[FFmpeg-trac] #3210(avfilter:new): Empty format filter argument leads to crash

FFmpeg trac at avcodec.org
Mon Dec 9 09:31:04 CET 2013 

#3210: Empty format filter argument leads to crash
-------------------------------------+-------------------------------------
               Reporter:  ubitux     |                  Owner:
                   Type:  defect     |                 Status:  new
               Priority:  normal     |              Component:  avfilter
                Version:  git-       |               Keywords:  crash
  master                             |  SIGSEGV
             Blocked By:             |               Blocking:
Reproduced by developer:  1          |  Analyzed by developer:  0
-------------------------------------+-------------------------------------
 {{{
 ☭ ./ffmpeg -f lavfi -i testsrc -vf format= -f null -
 ffmpeg version N-58886-g2d4ef7c Copyright (c) 2000-2013 the FFmpeg
 developers
   built on Dec  9 2013 09:26:37 with gcc 4.8.2 (GCC)
   configuration: --enable-gpl --enable-libx264 --enable-libmp3lame
 --enable-x11grab --enable-libvorbis --samples=/home/ux/fate-samples
 --enable-libfreetype --enable-libvpx --cpu=native --cc='ccache cc'
   libavutil      52. 56.100 / 52. 56.100
   libavcodec     55. 45.100 / 55. 45.100
   libavformat    55. 22.100 / 55. 22.100
   libavdevice    55.  5.102 / 55.  5.102
   libavfilter     3. 92.100 /  3. 92.100
   libswscale      2.  5.101 /  2.  5.101
   libswresample   0. 17.104 /  0. 17.104
   libpostproc    52.  3.100 / 52.  3.100
 Input #0, lavfi, from 'testsrc':
   Duration: N/A, start: 0.000000, bitrate: N/A
     Stream #0:0: Video: rawvideo (RGB[24] / 0x18424752), rgb24, 320x240
 [SAR 1:1 DAR 4:3], 25 tbr, 25 tbn, 25 tbc
 zsh: segmentation fault (core dumped)  ./ffmpeg -f lavfi -i testsrc -vf
 format= -f null -
 }}}

 {{{
 ☭ gdb --args ./ffmpeg_g -f lavfi -i testsrc -vf format= -f null -
 GNU gdb (GDB) 7.6.1
 Copyright (C) 2013 Free Software Foundation, Inc.
 License GPLv3+: GNU GPL version 3 or later
 <http://gnu.org/licenses/gpl.html>
 This is free software: you are free to change and redistribute it.
 There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
 and "show warranty" for details.
 This GDB was configured as "x86_64-unknown-linux-gnu".
 For bug reporting instructions, please see:
 <http://www.gnu.org/software/gdb/bugs/>...
 Reading symbols from /home/ux/src/ffmpeg/ffmpeg_g...done.
 (gdb) r
 Starting program: /home/ux/src/ffmpeg/./ffmpeg_g -f lavfi -i testsrc -vf
 format= -f null -
 warning: no loadable sections found in added symbol-file system-supplied
 DSO at 0x7ffff7ffa000
 warning: Could not load shared library symbols for linux-vdso.so.1.
 Do you need "set solib-search-path" or "set sysroot"?
 [Thread debugging using libthread_db enabled]
 Using host libthread_db library "/usr/lib/libthread_db.so.1".
 ffmpeg version N-58886-g2d4ef7c Copyright (c) 2000-2013 the FFmpeg
 developers
   built on Dec  9 2013 09:26:37 with gcc 4.8.2 (GCC)
   configuration: --enable-gpl --enable-libx264 --enable-libmp3lame
 --enable-x11grab --enable-libvorbis --samples=/home/ux/fate-samples
 --enable-libfreetype --enable-libvpx --cpu=native --cc='ccache cc'
   libavutil      52. 56.100 / 52. 56.100
   libavcodec     55. 45.100 / 55. 45.100
   libavformat    55. 22.100 / 55. 22.100
   libavdevice    55.  5.102 / 55.  5.102
   libavfilter     3. 92.100 /  3. 92.100
   libswscale      2.  5.101 /  2.  5.101
   libswresample   0. 17.104 /  0. 17.104
   libpostproc    52.  3.100 / 52.  3.100
 [New Thread 0x7ffff3b38700 (LWP 19234)]
 [New Thread 0x7ffff3337700 (LWP 19235)]
 [New Thread 0x7ffff2b36700 (LWP 19236)]
 [New Thread 0x7ffff2335700 (LWP 19237)]
 [New Thread 0x7ffff1b34700 (LWP 19238)]
 Input #0, lavfi, from 'testsrc':
   Duration: N/A, start: 0.000000, bitrate: N/A
     Stream #0:0: Video: rawvideo (RGB[24] / 0x18424752), rgb24, 320x240
 [SAR 1:1 DAR 4:3], 25 tbr, 25 tbn, 25 tbc
 [New Thread 0x7ffff1333700 (LWP 19239)]
 [New Thread 0x7ffff0b32700 (LWP 19240)]
 [New Thread 0x7ffff0331700 (LWP 19241)]
 [New Thread 0x7fffefb30700 (LWP 19242)]
 [New Thread 0x7fffef32f700 (LWP 19243)]

 Program received signal SIGSEGV, Segmentation fault.
 ff_set_common_formats (ctx=ctx at entry=0x16a88c0, formats=0x0) at
 libavfilter/formats.c:533
 533         SET_COMMON_FORMATS(ctx, formats, in_formats, out_formats,
 (gdb) bt
 #0  ff_set_common_formats (ctx=ctx at entry=0x16a88c0, formats=0x0) at
 libavfilter/formats.c:533
 #1  0x00000000004ac1a5 in query_formats_format (ctx=0x16a88c0) at
 libavfilter/vf_format.c:107
 #2  0x000000000048c246 in filter_query_formats (ctx=0x16a88c0)
     at libavfilter/avfiltergraph.c:320
 #3  0x000000000048ca34 in query_formats (graph=graph at entry=0x16af7e0,
     log_ctx=log_ctx at entry=0x0) at libavfilter/avfiltergraph.c:451
 #4  0x000000000048d59e in graph_config_formats (log_ctx=<optimized out>,
     graph=<optimized out>) at libavfilter/avfiltergraph.c:1085
 #5  avfilter_graph_config (graphctx=0x16af7e0, log_ctx=log_ctx at entry=0x0)
     at libavfilter/avfiltergraph.c:1195
 #6  0x0000000000476191 in configure_filtergraph (fg=0x16bf2e0) at
 ffmpeg_filter.c:901
 #7  0x000000000047db5f in transcode_init () at ffmpeg.c:2433
 #8  0x00000000004643ff in transcode () at ffmpeg.c:3335
 #9  main (argc=10, argv=0x7fffffffe658) at ffmpeg.c:3544
 (gdb)
 }}}

 Found by wm4:

 {{{
 08:20:17 < wm4> ffplay test.mkv -vf format=
 08:20:19 < wm4> => segfault
 }}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/3210>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker

More information about the FFmpeg-trac mailing list