[Ffmpeg-devel] [PATCH/BUGREPORT] crash in vorbis decoder
Michael Niedermayer
michaelni
Mon Feb 5 00:27:12 CET 2007
Hi
On Sun, Feb 04, 2007 at 11:56:59PM +0100, Baptiste Coudurier wrote:
> Michael Niedermayer wrote:
> > Hi
> >
> > On Sun, Feb 04, 2007 at 11:35:20PM +0100, Reimar D?ffinger wrote:
> >> Hello,
> >> On Sun, Feb 04, 2007 at 10:27:40PM +0000, M?ns Rullg?rd wrote:
> >>> Michael Niedermayer <michaelni at gmx.at> writes:
> >>>> On Sun, Feb 04, 2007 at 11:08:16PM +0100, Reimar D?ffinger wrote:
> >>>>> http://samples.mplayerhq.hu/A-codecs/vorbis/ffvorbis_crash.ogm
> >>>>> crashes a few seconds into the files.
> >>>> gdb/valgrind output?
> >> [...]
> >>> #0 vorbis_residue_decode (vc=0xa2dee0, vr=0xac41b0, ch=2 '\002',
> >>> do_not_decode=0x7fff0f3f8d70 "", vec=0xab2000, vlen=1024)
> >>> at /home/mru/src/ffmpeg/libavcodec/vorbis.c:1512
> >>> 1512 vec[voffs ]+=codebook.codevectors[coffs+l ]; // FPMATH
> >> [...]
> >>> r11 0xfffffffc 4294967292
> >> This, btw. seems to be the value of the coffs variable. Made me first
> >> assume that it's some signedness problem (e.g. because get_vlc2 returns
> >> int and not unsigned), but it's just a baseless assumption *g*.
> >
> > get_vlc*() returns -1 on error, maybe the code doesnt check this ...
> > btw anyone wants to volunteer to maintain vorbis.c ?
> >
>
> Isn't Denes following devel list ? I thought so, last time a bug was
> reported he fixed it really quickly.
then add him to the MAINTAINERS file ....
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Those who are too smart to engage in politics are punished by being
governed by those who are dumber. -- Plato
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20070205/9d4e4d54/attachment.pgp>
More information about the ffmpeg-devel
mailing list