[Ffmpeg-devel] segfault decoding a jpeg

Michael Niedermayer michaelni
Sun Jul 17 13:28:57 CEST 2005


Hi

On Wednesday 06 July 2005 16:09, Luca Ognibene wrote:
> I've a segfault decoding this jpeg:
> http://www.freedesktop.org/~skaboy/test-pipe-4003.jpg
>
> The file loads fine in ImageMagick, Firefox and so on..
> I'm attaching to this mail a simple test case.
>
> The backtrace is the following:
> Program received signal SIGSEGV, Segmentation fault.
> mjpeg_decode_com (s=0x8049590) at bswap.h:29
> 29      {
> (gdb) bt
> #0  mjpeg_decode_com (s=0x8049590) at bswap.h:29
> #1  0x4010d234 in mjpeg_decode_frame (avctx=0x80491c0, data=0x80494b0,
>     data_size=0xbffffffd, buf=0xbffe7487 "", buf_size=72417) at mjpeg.c:1893
> #2  0x400e25b5 in avcodec_decode_video (avctx=0x80491c0, picture=0xbffffffd,
>     got_picture_ptr=0xbffff8fc, buf=0xbffffffd "", buf_size=72417) at utils.c:621
> #3  0x08048b70 in video_decode_example ()
> #4  0x08048d8b in main ()
>
> It's trying to decode a comment. In mjpeg_decode_com, line 1732 'len' is a
> very high (>30000) value.. If I change the check to "if (len >= 2 && len <
> 10000) {" then decoding works fine.. but I don't think this is a good fix
> :)
> If anyone can point me in the right direction..

maybe fixed (untested though)

[...]
-- 
Michael
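
An added example, not FFmpeg code and not the fix referred to in the reply above: a COM segment parser that bounds the declared length by the bytes actually present in the input instead of by a constant such as 10000, since the 16-bit length field legally allows comments far larger than that. The names parse_com_segment and com_demo are hypothetical, and the sample segments are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper. buf points at the 2-byte big-endian length field that
 * follows the 0xFFFE (COM) marker; the length counts its own two bytes.
 * Returns a heap-allocated NUL-terminated copy of the comment, or NULL. */
char *parse_com_segment(const uint8_t *buf, size_t buf_size)
{
    if (buf == NULL || buf_size < 2)
        return NULL;                    /* no room for the length field */
    size_t len = ((size_t)buf[0] << 8) | buf[1];
    if (len < 2 || len > buf_size)
        return NULL;                    /* bounded by the input, not by a constant */
    char *text = malloc(len - 2 + 1);   /* heap buffer sized from the checked length */
    if (text == NULL)
        return NULL;
    memcpy(text, buf + 2, len - 2);
    text[len - 2] = '\0';
    return text;
}

/* Constructed sample: length field says `declared`, buffer holds `avail` bytes
 * of 'A'. Returns the parsed comment length, or -1 if the segment is rejected. */
long com_demo(size_t declared, size_t avail)
{
    size_t cap = avail < 2 ? 2 : avail;
    uint8_t *buf = malloc(cap);
    long result = -1;
    if (buf == NULL)
        return -1;
    memset(buf, 'A', cap);
    buf[0] = (uint8_t)(declared >> 8);
    buf[1] = (uint8_t)(declared & 0xff);
    char *text = parse_com_segment(buf, avail);
    if (text != NULL)
        result = (long)strlen(text);
    free(text);
    free(buf);
    return result;
}

int main(void)
{
    printf("%ld %ld\n", com_demo(40000, 40000), com_demo(40000, 100));
    return 0;
}
```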
