New submission from Anton <[email protected]>:

Sometimes when you open an mp3 file, a memory read error occurs.
The error occurs when calling the function av_probe_input_format().

Example:
#define PROBE_BUF_MIN 4*1024

AVProbeData pd;

pd.filename = "";
pd.buf = (unsigned char *)av_malloc(PROBE_BUF_MIN);
memset(pd.buf, 0, PROBE_BUF_MIN);
oms::oms_pos rpos = _smpStream->read(pd.buf, PROBE_BUF_MIN);
_smpStream->rseek(-rpos, oms::seek_cur);

pd.buf_size = int(rpos);

aIc->iformat = av_probe_input_format(&pd, 1);

av_free(pd.buf);
pd.buf = NULL;

FFmpeg version SVN-r24245, Copyright (c) 2000-2010 the FFmpeg developers
  built on Jul 19 2010 18:42:58 with gcc 4.3.0 20080305 (alpha-testing)
mingw-20080502
  configuration: --enable-memalign-hack --prefix=/usr/i686-mingw32
--enable-swscale --enable-w32threads --target-os=mingw32 --disable-static
--enable-shared
  libavutil     50.22. 0 / 50.22. 0
  libavcodec    52.83. 0 / 52.83. 0
  libavformat   52.73. 0 / 52.73. 0
  libavdevice   52. 2. 0 / 52. 2. 0
  libavfilter    1.22. 0 /  1.22. 0
  libswscale     0.11. 0 /  0.11. 0

Valgrind log:
==00:00:05:23.866 2207== Invalid read of size 4
==00:00:05:23.866 2207==    at 0x06bb597a: ff_ac3_parse_header (get_bits.h:365)
==00:00:05:23.866 2207==    by 0x06b85e41: ac3_eac3_probe (raw.c:618)
==00:00:05:23.866 2207==    by 0x06ba3c8d: av_probe_input_format (utils.c:324)
==00:00:05:23.866 2207==    by 0x06b28815:
mme::ffmpeg::Player::parseStreamFormat(AVFormatContext*) (player.cpp:1979)
==00:00:05:23.866 2207==    by 0x06b2edf4: mme::ffmpeg::Player::decodeThread()
(player.cpp:2028)
==00:00:05:23.866 2207==    by 0x06b30aed:
mme::ffmpeg::SyncThread::thread_proc_impl() (player.cpp:148)
==00:00:05:23.866 2207==    by 0x052981fa: oms::ThreadOfControl::thread_proc()
(oms_control.cpp:159)
==00:00:05:23.866 2207==    by 0x052a10d4:
oms::thread_adapter<oms::ThreadOfControl>::operator() (:0)
==00:00:05:23.866 2207==    by 0x052a1122:
boost::detail::function::void_function_obj_invoker0<oms::thread_adapter<oms::ThreadOfControl>,
==00:00:05:23.866 2207==    by 0x0529eb02: boost::function0<void>::operator() 
(:0)
==00:00:05:23.866 2207==    by 0x0529eb25:
boost::detail::thread_data<boost::function0<void>
==00:00:05:23.866 2207==    by 0x04eea41a: thread_proxy (in
/mnt/data/oms_project/x86_64/gcc41/debug/bin/liboms.so.2.2.2)
==00:00:05:23.866 2207==    by 0x08e369c9: start_thread (pthread_create.c:300)
==00:00:05:23.866 2207==    by 0x0965e6fc: clone (clone.S:112)
==00:00:05:23.866 2207==    Address 0x2d1b7c8d is 4,093 bytes inside a block of
size 4,096 alloc'd
==00:00:05:23.866 2207==    at 0x04c27676: memalign (vg_replace_malloc.c:581)
==00:00:05:23.866 2207==    by 0x04c276cf: posix_memalign 
(vg_replace_malloc.c:709)
==00:00:05:23.866 2207==    by 0x06ee055c: av_malloc (mem.c:83)
==00:00:05:23.866 2207==    by 0x06b2878f:
mme::ffmpeg::Player::parseStreamFormat(AVFormatContext*) (player.cpp:1972)
==00:00:05:23.866 2207==    by 0x06b2edf4: mme::ffmpeg::Player::decodeThread()
(player.cpp:2028)
==00:00:05:23.866 2207==    by 0x06b30aed:
mme::ffmpeg::SyncThread::thread_proc_impl() (player.cpp:148)
==00:00:05:23.866 2207==    by 0x052981fa: oms::ThreadOfControl::thread_proc()
(oms_control.cpp:159)
==00:00:05:23.866 2207==    by 0x052a10d4:
oms::thread_adapter<oms::ThreadOfControl>::operator() (:0)
==00:00:05:23.866 2207==    by 0x052a1122:
boost::detail::function::void_function_obj_invoker0<oms::thread_adapter<oms::ThreadOfControl>,
==00:00:05:23.866 2207==    by 0x0529eb02: boost::function0<void>::operator() 
(:0)
==00:00:05:23.866 2207==    by 0x0529eb25:
boost::detail::thread_data<boost::function0<void>
==00:00:05:23.866 2207==    by 0x04eea41a: thread_proxy (in
/mnt/data/oms_project/x86_64/gcc41/debug/bin/liboms.so.2.2.2)
==00:00:05:23.866 2207==    by 0x08e369c9: start_thread (pthread_create.c:300)
==00:00:05:23.866 2207==    by 0x0965e6fc: clone (clone.S:112)
==00:00:05:23.866 2207==
==00:00:05:23.937 2207== Invalid read of size 4
==00:00:05:23.937 2207==    at 0x06b85793: h261_probe (get_bits.h:365)
==00:00:05:23.937 2207==    by 0x06ba3c8d: av_probe_input_format (utils.c:324)
==00:00:05:23.937 2207==    by 0x06b28815:
mme::ffmpeg::Player::parseStreamFormat(AVFormatContext*) (player.cpp:1979)
==00:00:05:23.937 2207==    by 0x06b2edf4: mme::ffmpeg::Player::decodeThread()
(player.cpp:2028)
==00:00:05:23.937 2207==    by 0x06b30aed:
mme::ffmpeg::SyncThread::thread_proc_impl() (player.cpp:148)
==00:00:05:23.937 2207==    by 0x052981fa: oms::ThreadOfControl::thread_proc()
(oms_control.cpp:159)
==00:00:05:23.937 2207==    by 0x052a10d4:
oms::thread_adapter<oms::ThreadOfControl>::operator() (:0)
==00:00:05:23.937 2207==    by 0x052a1122:
boost::detail::function::void_function_obj_invoker0<oms::thread_adapter<oms::ThreadOfControl>,
==00:00:05:23.937 2207==    by 0x0529eb02: boost::function0<void>::operator() 
(:0)
==00:00:05:23.937 2207==    by 0x0529eb25:
boost::detail::thread_data<boost::function0<void>
==00:00:05:23.937 2207==    by 0x04eea41a: thread_proxy (in
/mnt/data/oms_project/x86_64/gcc41/debug/bin/liboms.so.2.2.2)
==00:00:05:23.937 2207==    by 0x08e369c9: start_thread (pthread_create.c:300)
==00:00:05:23.937 2207==    by 0x0965e6fc: clone (clone.S:112)
==00:00:05:23.937 2207==    Address 0x2d1b7c8d is 4,093 bytes inside a block of
size 4,096 alloc'd
==00:00:05:23.937 2207==    at 0x04c27676: memalign (vg_replace_malloc.c:581)
==00:00:05:23.937 2207==    by 0x04c276cf: posix_memalign 
(vg_replace_malloc.c:709)
==00:00:05:23.937 2207==    by 0x06ee055c: av_malloc (mem.c:83)
==00:00:05:23.937 2207==    by 0x06b2878f:
mme::ffmpeg::Player::parseStreamFormat(AVFormatContext*) (player.cpp:1972)
==00:00:05:23.937 2207==    by 0x06b2edf4: mme::ffmpeg::Player::decodeThread()
(player.cpp:2028)
==00:00:05:23.937 2207==    by 0x06b30aed:
mme::ffmpeg::SyncThread::thread_proc_impl() (player.cpp:148)
==00:00:05:23.937 2207==    by 0x052981fa: oms::ThreadOfControl::thread_proc()
(oms_control.cpp:159)
==00:00:05:23.937 2207==    by 0x052a10d4:
oms::thread_adapter<oms::ThreadOfControl>::operator() (:0)
==00:00:05:23.937 2207==    by 0x052a1122:
boost::detail::function::void_function_obj_invoker0<oms::thread_adapter<oms::ThreadOfControl>,
==00:00:05:23.937 2207==    by 0x0529eb02: boost::function0<void>::operator() 
(:0)
==00:00:05:23.937 2207==    by 0x0529eb25:
boost::detail::thread_data<boost::function0<void>
==00:00:05:23.937 2207==    by 0x04eea41a: thread_proxy (in
/mnt/data/oms_project/x86_64/gcc41/debug/bin/liboms.so.2.2.2)
==00:00:05:23.937 2207==    by 0x08e369c9: start_thread (pthread_create.c:300)
==00:00:05:23.937 2207==    by 0x0965e6fc: clone (clone.S:112)

----------
messages: 11273
priority: normal
status: new
substatus: new
title: Error when opening an mp3 file
type: bug

________________________________________________
FFmpeg issue tracker <[email protected]>
<https://roundup.ffmpeg.org/issue2115>
________________________________________________

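Added example, not part of the original report or of FFmpeg's code: the Valgrind trace shows a 4-byte read starting 4,093 bytes into the 4,096-byte probe buffer, and libavformat requires AVProbeData.buf to carry AVPROBE_PADDING_SIZE zeroed bytes beyond buf_size. The code below models that in plain C so it builds without FFmpeg; ProbeBuf, probe_buf_alloc, load_be32, probe_tail_load and the local PROBE_PADDING constant are hypothetical names, and the 0xFF payload is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PROBE_BUF_MIN (4 * 1024)
/* Local stand-in for libavformat's AVPROBE_PADDING_SIZE (assumption made so
 * this builds without FFmpeg headers); real code uses the library macro. */
#define PROBE_PADDING 32

typedef struct {            /* hypothetical helper, not an FFmpeg struct */
    unsigned char *buf;     /* payload followed by zeroed padding */
    int buf_size;           /* payload bytes only, as given to the prober */
    size_t alloc_size;      /* payload capacity + padding */
} ProbeBuf;

/* Allocate a zero-filled buffer of cap payload bytes plus pad guard bytes. */
static int probe_buf_alloc(ProbeBuf *pb, size_t cap, size_t pad) {
    if (cap > SIZE_MAX - pad) return -1;      /* size overflow */
    *pb = (ProbeBuf){ .buf = calloc(1, cap + pad), .alloc_size = cap + pad };
    return pb->buf ? 0 : -1;
}

/* 32-bit big-endian load at a byte offset, the access pattern of a bit
 * reader. Returns -1 where the load would leave the allocation. */
static int load_be32(const ProbeBuf *pb, size_t off, uint32_t *out) {
    if (off > pb->alloc_size || pb->alloc_size - off < 4) return -1;
    const unsigned char *p = pb->buf + off;
    *out = (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
    return 0;
}

/* Constructed case matching the report: the payload fills all 4096 bytes,
 * then a 4-byte load starts at offset 4093. 0 means the load is in bounds. */
static int probe_tail_load(size_t pad, uint32_t *out) {
    ProbeBuf pb;
    if (probe_buf_alloc(&pb, PROBE_BUF_MIN, pad)) return -2;
    memset(pb.buf, 0xFF, PROBE_BUF_MIN);      /* constructed payload */
    pb.buf_size = PROBE_BUF_MIN;              /* padding is never counted */
    int rc = load_be32(&pb, PROBE_BUF_MIN - 3, out);
    free(pb.buf);
    return rc;
}

int main(void) {
    uint32_t v = 0;
    int bare = probe_tail_load(0, &v), padded = probe_tail_load(PROBE_PADDING, &v);
    printf("unpadded rc=%d, padded rc=%d value=0x%08x\n", bare, padded, (unsigned)v);
    return 0;
}
```

In the reporter's snippet the equivalent change is to allocate PROBE_BUF_MIN + AVPROBE_PADDING_SIZE bytes, zero the whole allocation, and still pass only the number of bytes read as buf_size.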