Ernst Albrecht Köstlin <[email protected]> added the comment:
I ran also ran into this issue.
I tracked it down (based on git-1135538) and found the reason for this
behaviour:
When starting ffserver and for some reason the /tmp/feed1.ffm as defined in the
default config file (doc/ffserver.conf) appears to be corrupted the stream
creation done in libavformat/ffmdec.c is rolled back (label "fail" in
"ffm_read_header"), shortly after this transaction the crash appears because of
bad pointer values for the streams *not* created. Those due to that when the
above mentioned roll back is done the previously assigned pointers the
AVFormatContext arent set back to NULL along with the number of streams not
being set back to 0, which will lead the freeing already freed memory.
Anyhow to cut this short I add a patch. To this posting, as Im not really into
gits sync capabilities I leave it to the experts to merge this somehow into the
tree.
Happy hacking
/a
________________________________________________
FFmpeg issue tracker <[email protected]>
<https://roundup.ffmpeg.org/issue2003>
________________________________________________
--- libavformat/ffmdec.c 2010-07-20 20:06:00.000000000 +0200
+++ libavformat/ffmdec_patched.c 2010-07-20 20:07:02.000000000 +0200
@@ -385,8 +385,10 @@
st = s->streams[i];
if (st) {
av_free(st);
+ s->streams[i] = NULL;
}
}
+ s->nb_streams = 0;
return -1;
}
