[FFmpeg-trac] #10866(avcodec:new): speexdec regression

FFmpeg Thu, 15 Feb 2024 19:45:47 -0800

#10866: speexdec regression
-------------------------------------+-------------------------------------
             Reporter:  Michael      |                     Type:  defect
  Niedermayer                        |
               Status:  new          |                 Priority:  normal
            Component:  avcodec      |                  Version:  git-
                                     |  master
             Keywords:               |               Blocked By:
             Blocking:  7.0          |  Reproduced by developer:  1
Analyzed by developer:  0            |
-------------------------------------+-------------------------------------
 Summary of the bug:


 out of array accesses
 testcase provided to james
 this issue is to keep trac of 7.0 blocking issues

 Regression since ab39cc36c72bb73318bb911acb66873de850a107.

 ==18832== Invalid write of size 4
 ==18832==    at 0xD1CFC3: sb_decode (speexdec.c:1260)
 ==18832==    by 0xD1E5EE: speex_decode_frame (speexdec.c:1558)
 ==18832==    by 0x998846: decode_simple_internal (decode.c:430)
 ==18832==    by 0x998DD7: decode_simple_receive_frame (decode.c:609)
 ==18832==    by 0x998F47: decode_receive_frame_internal (decode.c:637)
 ==18832==    by 0x99930C: avcodec_send_packet (decode.c:734)
 ==18832==    by 0x669D2F: try_decode_frame (demux.c:2126)
 ==18832==    by 0x66CAA0: avformat_find_stream_info (demux.c:2809)
 ==18832==    by 0x24E9C2: ifile_open (ffmpeg_demux.c:1663)
 ==18832==    by 0x2755BE: open_files (ffmpeg_opt.c:1333)
 ==18832==    by 0x275780: ffmpeg_parse_options (ffmpeg_opt.c:1373)
 ==18832==    by 0x289702: main (ffmpeg.c:1032)
 ==18832==  Address 0x16a170c0 is 0 bytes after a block of size 1,536
 alloc'd
 ==18832==    at 0x4C33E76: memalign (in /usr/lib/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==18832==    by 0x4C33F91: posix_memalign (in /usr/lib/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==18832==    by 0x13E4006: av_malloc (mem.c:105)
 ==18832==    by 0x13BFC1D: av_buffer_alloc (buffer.c:82)
 ==18832==    by 0x13C0665: pool_alloc_buffer (buffer.c:362)
 ==18832==    by 0x13C07E6: av_buffer_pool_get (buffer.c:401)
 ==18832==    by 0xA46052: audio_get_buffer (get_buffer.c:203)
 ==18832==    by 0xA4648D: avcodec_default_get_buffer2 (get_buffer.c:278)
 ==18832==    by 0x99B967: ff_get_buffer (decode.c:1673)
 ==18832==    by 0xD1E52E: speex_decode_frame (speexdec.c:1552)
 ==18832==    by 0x998846: decode_simple_internal (decode.c:430)
 ==18832==    by 0x998DD7: decode_simple_receive_frame (decode.c:609)
 ==18832==    by 0x998F47: decode_receive_frame_internal (decode.c:637)
 ==18832==    by 0x99930C: avcodec_send_packet (decode.c:734)
 ==18832==    by 0x669D2F: try_decode_frame (demux.c:2126)
 ==18832==    by 0x66CAA0: avformat_find_stream_info (demux.c:2809)
 ==18832==    by 0x24E9C2: ifile_open (ffmpeg_demux.c:1663)
 ==18832==    by 0x2755BE: open_files (ffmpeg_opt.c:1333)
 ==18832==    by 0x275780: ffmpeg_parse_options (ffmpeg_opt.c:1373)
 ==18832==    by 0x289702: main (ffmpeg.c:1032)
-- 
Ticket URL: <https://trac.ffmpeg.org/ticket/10866>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker

_______________________________________________
FFmpeg-trac mailing list
FFmpeg-trac@avcodec.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-trac

To unsubscribe, visit link above, or email
ffmpeg-trac-requ...@ffmpeg.org with subject "unsubscribe".

[FFmpeg-trac] #10866(avcodec:new): speexdec regression

Reply via email to