[FFmpeg-cvslog] r18005 - trunk/libavformat/rmdec.c
Måns Rullgård
mans
Mon Mar 16 21:11:54 CET 2009
Vitor Sessak <vitor1001 at gmail.com> writes:
> Ronald S. Bultje wrote:
>> Hi,
>>
>> On Mon, Mar 16, 2009 at 1:08 PM, Ronald S. Bultje <rsbultje at gmail.com> wrote:
>>> OK, I'll look at it.
>>
>> My short and very inconclusive answer is that I don't know because
>> valgrind-for-macosx refuses to compile on my OSX10.4. Can anyone do a
>> quick valgrind run on that testsample that fails
>> (http://samples.mplayerhq.hu/real/AC-14_4/ and the file is called
>> ra3_in_rm_file.rm) and show me the results? I don't see any failures
>> here on any of my testfiles.
>
> It segfaults here before exiting (but gives the correct md5sum):
[...]
> Program received signal SIGSEGV, Segmentation fault.
> 0x080c68ff in rm_read_packet (s=0x8916ac0, pkt=0xbf8a1ab0)
> at libavformat/rmdec.c:777
> 777 st = s->streams[i];
> (gdb) print i
> $1 = 143785376
> (gdb) bt
> #0 0x080c68ff in rm_read_packet (s=0x8916ac0, pkt=0xbf8a1ab0)
> at libavformat/rmdec.c:777
> #1 0x08060e8c in av_read_packet (s=0x8916ac0, pkt=0xbf8a1ab0)
> at libavformat/utils.c:591
> #2 0x080614a2 in av_read_frame_internal (s=0x8916ac0, pkt=0xbf8a1d0c)
> at libavformat/utils.c:1001
> #3 0x08052b5b in main (argc=0, argv=0x1) at ffmpeg.c:2127
> (gdb)
When sync() returns < 0, i is uninitialised. This patch fixes the
crash on ARM.
diff --git a/libavformat/rmdec.c b/libavformat/rmdec.c
index 4ec6d88..a1c0906 100644
--- a/libavformat/rmdec.c
+++ b/libavformat/rmdec.c
@@ -774,7 +774,8 @@ static int rm_read_packet(AVFormatContext *s, AVPacket *pkt)
flags = (seq++ == 1) ? 2 : 0;
} else {
len=sync(s, ×tamp, &flags, &i, &pos);
- st = s->streams[i];
+ if (len > 0)
+ st = s->streams[i];
}
if(len<0 || url_feof(s->pb))
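Review bot: the new guard `if (len > 0)` and the check right after the branch, `if(len<0 || url_feof(s->pb))`, disagree about len == 0. In that case st is not assigned in this branch and the error check does not fire either, so execution continues with an st this branch never set. Make the two conditions complementary, for example by testing `len <= 0` in the error check, or add a comment stating that sync() cannot return 0. A one-line comment that i is only valid when sync() succeeds would also document why the guard exists.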
Thanks for investigating.
--
Måns Rullgård
mans at mansr.com