Crash when reading a fine in Xine

[elv13]

Summary of the bug:
How to reproduce:
play a file

Version:
2.8.7

GDB:
​http://pastebin.ca/3591051

Valgrind:
​http://pastebin.com/8eCK7dib

[elv13]

s/fine/file/

[Carl Eugen Hoyos]

Please test current FFmpeg git head compiled with debug information and provide all necessary information here on the bug tracker, external resources may disappear. See ​http://ffmpeg.org/bugreports.html for the needed information.

[elv13]

with debug information

I did compile the latest release with the debug symbols for this bug report

Please test current FFmpeg git head

Given the bug is actually a GUI related one, I can't use the command line and this break the API/ABI, so I think this is unfortunately not really an option. I think you got enough information.

This is a buffer overflow, it is quite visible in the backtrace. It is potentially a security issue, not only a denial of service one. I did not investigate any further, but I am available if you need me to test patches.

[Carl Eugen Hoyos]

Replying to elv13:

with debug information

I did compile the latest release with the debug symbols for this bug report

I don't understand: Current libavcodec has version 57 but you provided gdb output for version 56.
Please explain.

[elv13]

I don't understand: Current libavcodec has version 57 but you provided gdb output for version 56.
Please explain.

Gentoo ships both 2.8.7 and 3.0.2 as the 2 available latest versions. However, none of the packages I use support (or at least, Gentoo claim they don't) API 57. So 56 is the latest I can use to reproduce the bug.

[Carl Eugen Hoyos]

You have shown backtrace but please provide backtrace together with disassembly and register dump as explained on https://ffmpeg.org/bugreports.html here on the bug tracker, do not use external resources.

Is the crash also reproducible with you compile with --disable-avx2?