New submission from yoav <[email protected]>: The attached file has an invalid id3v2 header (or there might be a bug in ff_id3v2_parse which reads it incorrectly). In any case while running over the tags: "while (len >= taghdrlen)" we update len in each iteration like this: "len -= taghdrlen + tlen;" if the "tlen" read from the file is corrupt and negative it causes a very large len, leading to an infinite loop. (File isn't playable, ffmpeg freezes). See attached file.
Output from ffmpeg -i is: FFmpeg version git-e519753, Copyright (c) 2000-2011 the FFmpeg developers built on Mar 7 2011 18:02:05 with gcc 4.4.5 configuration: --enable-memalign-hack --extra-cflags=-fno-common --extra-cflags=-ggdb --extra-ldflags=-ggdb --extra-cflags=-I. --extra-cflags=-I/opt/lame/include --extra-cflags=-DUNICODE --extra-ldflags=-L/opt/lame/lib --disable-devices --disable-filters --disable-protocols --enable-protocol=file --disable-muxers --enable-muxer=mp3 --disable-encoders --enable-libmp3lame --enable-encoder=libmp3lame --disable-network --disable-decoders --disable-demuxers --enable-decoder=aac --enable-demuxer=aac --enable-demuxer=mov --enable-decoder=mp3 --enable-demuxer=mp3 --enable-decoder=vorbis --enable-demuxer=ogg --enable-decoder=flac --enable-demuxer=flac --enable-decoder=ape --enable-demuxer=ape --enable-decoder=wmav1 --enable-demuxer=asf --enable-decoder=wmav2 --enable-decoder=alac --disable-parsers --enable-parser=aac --enable-parser=mpegaudio --enable-parser=flac --disable-bsfs --disable-ffserver --disable-ffplay --enable-static --enable-shared --prefix=/opt/ffmpeg_git --enable-debug --disable-optimizations --extra-cflags=-DDEBUG --disable-stripping libavutil 50. 39. 0 / 50. 39. 0 libavcodec 52.113. 2 / 52.113. 2 libavformat 52.102. 0 / 52.102. 0 libavdevice 52. 2. 3 / 52. 2. 3 libavfilter 1. 76. 0 / 1. 76. 0 libswscale 0. 12. 0 / 0. 12. 0 File 'fff.mp3' not attached - you can download it from https://roundup.ffmpeg.org/file1362. ---------- files: fff.mp3 messages: 13823 priority: normal status: new substatus: new title: Invalid id3v2 header causes infinite loop in ff_id3v2_parse topic: avformat type: bug ________________________________________________ FFmpeg issue tracker <[email protected]> <https://roundup.ffmpeg.org/issue2649> ________________________________________________
