New submission from Carl Eugen Hoyos <[email protected]>:
Using the samples from issue 2322, valgrind still reports invalid reads:
Input #0, ogg, from 'zzuf.-1090371768.chop.lsp-test2.ogg':
Duration: 00:00:02.07, start: 0.000000, bitrate: 163 kb/s
Stream #0.0: Audio: vorbis, 44100 Hz, stereo, s16, 128 kb/s
Metadata:
COMMENT : Vorbis beta 4, mode A (even LSP only, floor 0)
Output #0, null, to 'pipe:':
Metadata:
encoder : Lavf52.84.0
Stream #0.0: Audio: pcm_s16le, 44100 Hz, stereo, s16, 1411 kb/s
Metadata:
COMMENT : Vorbis beta 4, mode A (even LSP only, floor 0)
Stream mapping:
Stream #0.0 -> #0.0
Press [q] to stop encoding
==11040== Invalid read of size 4
==11040== at 0x834F2DA: get_vlc2 (get_bits.h:609)
==11040== by 0x8352C7B: vorbis_residue_decode_internal (vorbis_dec.c:1305)
==11040== by 0x8353F5C: vorbis_residue_decode (vorbis_dec.c:1417)
==11040== by 0x8353A60: vorbis_parse_audio_packet (vorbis_dec.c:1553)
==11040== by 0x835401B: vorbis_decode_frame (vorbis_dec.c:1627)
==11040== by 0x8335E45: avcodec_decode_audio3 (utils.c:665)
==11040== by 0x804EDB7: output_packet (ffmpeg.c:1467)
==11040== by 0x80532F0: transcode (ffmpeg.c:2524)
==11040== by 0x80579F5: main (ffmpeg.c:4223)
Input #0, ogg, from 'zzuf.00005.361003813.chop.lsp-test4.ogg':
Duration: 00:00:02.01, start: 0.000000, bitrate: 186 kb/s
Stream #0.0: Audio: vorbis, 44100 Hz, stereo, s16, 160 kb/s
Output #0, null, to 'pipe:':
Metadata:
encoder : Lavf52.84.0
Stream #0.0: Audio: pcm_s16le, 44100 Hz, stereo, s16, 1411 kb/s
Stream mapping:
Stream #0.0 -> #0.0
Press [q] to stop encoding
[vorbis @ 0x4205ce0] Invalid codebook in vorbis_floor_decode.
==11029== Invalid read of size 4
==11029== at 0x834F2DA: get_vlc2 (get_bits.h:609)
==11029== by 0x8352EEC: vorbis_residue_decode_internal (vorbis_dec.c:1341)
==11029== by 0x8353F5C: vorbis_residue_decode (vorbis_dec.c:1417)
==11029== by 0x8353A60: vorbis_parse_audio_packet (vorbis_dec.c:1553)
==11029== by 0x835401B: vorbis_decode_frame (vorbis_dec.c:1627)
==11029== by 0x8335E45: avcodec_decode_audio3 (utils.c:665)
==11029== by 0x804EDB7: output_packet (ffmpeg.c:1467)
==11029== by 0x80532F0: transcode (ffmpeg.c:2524)
==11029== by 0x80579F5: main (ffmpeg.c:4223)
----------
messages: 12385
priority: normal
status: open
substatus: open
title: valgrind reports invalid reads with fuzzed vorbis samples
topic: avcodec
type: bug
________________________________________________
FFmpeg issue tracker <[email protected]>
<https://roundup.ffmpeg.org/issue2327>
________________________________________________