Carl Eugen Hoyos <[email protected]> added the comment:

(gdb) r -i ~/issues/issue2442/crash_mp3_s186_r003.fuzz
Starting program: ffmpeg_g -i crash_mp3_s186_r003.fuzz
[Thread debugging using libthread_db enabled]
FFmpeg version SVN-r26076, Copyright (c) 2000-2010 the FFmpeg developers
  built on Dec 23 2010 02:49:54 with gcc 4.4.5
  configuration: --enable-debug=3 --disable-asm --disable-optimizations --cc='/usr/local/gcc-4.4.5/bin/gcc -m32'
  libavutil 50.36. 0 / 50.36. 0
  libavcore 0.16. 0 / 0.16. 0
  libavcodec 52.100. 0 / 52.100. 0
  libavformat 52.88. 0 / 52.88. 0
  libavdevice 52. 2. 2 / 52. 2. 2
  libavfilter 1.69. 0 / 1.69. 0
  libswscale 0.12. 0 / 0.12. 0
[NULL @ 0x8acbcc0] Format detected only with low score of 25, misdetection possible!
ffmpeg_g: libavutil/mathematics.c:79: av_rescale_rnd: Assertion `c > 0' failed.

Program received signal SIGABRT, Aborted.
0xffffe430 in __kernel_vsyscall ()
(gdb) bt
#0  0xffffe430 in __kernel_vsyscall ()
#1  0xf7d450cf in raise () from /lib/libc.so.6
#2  0xf7d469e7 in abort () from /lib/libc.so.6
#3  0xf7d3defe in __assert_fail () from /lib/libc.so.6
#4  0x0843ea63 in av_rescale_rnd (a=11180, b=352800, c=0, rnd=AV_ROUND_NEAR_INF)
    at libavutil/mathematics.c:79
#5  0x0843efc6 in av_rescale (a=11180, b=352800, c=0)
    at libavutil/mathematics.c:130
#6  0x080b8fe7 in mp3_parse_vbr_tags (s=0x8acbcc0, st=0x8acccf0, base=0)
    at libavformat/mp3.c:132
#7  0x080b90f6 in mp3_read_header (s=0x8acbcc0, ap=0xffffce20)
    at libavformat/mp3.c:160
#8  0x0810aff4 in av_open_input_stream (ic_ptr=0xffffce50, pb=0x8ad4d20,
    filename=0xffffd25e "/home/cehoyos/issues/issue2442/crash_mp3_s186_r003.fuzz",
    fmt=0x857e6c0, ap=0xffffce20) at libavformat/utils.c:487
#9  0x0810b502 in av_open_input_file (ic_ptr=0xffffce50,
    filename=0xffffd25e "/home/cehoyos/issues/issue2442/crash_mp3_s186_r003.fuzz",
    fmt=0x857e6c0, buf_size=0, ap=0xffffce20) at libavformat/utils.c:643
#10 0x080553d3 in opt_input_file (
    filename=0xffffd25e "/home/cehoyos/issues/issue2442/crash_mp3_s186_r003.fuzz")
    at ffmpeg.c:3186
#11 0x08058aef in parse_options (argc=3, argv=0xffffcff4, options=0x8448920,
    parse_arg_function=0x8056ce9 <opt_output_file>) at cmdutils.c:204
#12 0x0805823b in main (argc=3, argv=0xffffcff4) at ffmpeg.c:4338

----------
status: new -> open
substatus: new -> reproduced

________________________________________________
FFmpeg issue tracker <[email protected]>
<https://roundup.ffmpeg.org/issue2442>
________________________________________________
