[MPlayer-dev-eng] Bug in win32 dll loader code

Fredrik Kuivinen freku045 at student.liu.se
Wed Jan 16 19:51:40 CET 2002


Hi

When using Electric Fence (ftp://ftp.perens.com/pub/ElectricFence/) I came
across this bug. It looks like the memcpy reads too much data from 'format'.
(Electric Fence causes the program to SIGSEGV when it overruns a malloced
memory area.)

I don't really know what is going on here, so I'm sending this and the attached gdb
log instead of a patch.

(Using Electric Fence in Debian is really simple: just apt-get install
electric-fence and then type efence at the gdb prompt.)

/ Fredrik Kuivinen

-------------- next part --------------
GNU gdb 5.1
Copyright 2001 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-linux"...
(gdb) efence
Enabled Electric Fence
(gdb) r -v -vo x11 -nosound ~/film/Shrek.DivX.DVDRip.avi 
Starting program: /usr/home/ksorim/mplayer/player/main/mplayer -v -vo x11 -nosound ~/film/Shrek.DivX.DVDRip.avi


MPlayer CVS-020116-17:57-2.95.4 (C) 2000-2002 Arpad Gereoffy (see DOCS!)

[New Thread 1024 (LWP 4367)]

Program received signal SIGILL, Illegal instruction.
[Switching to Thread 1024 (LWP 4367)]
check_os_katmai_support () at cpudetect.c:293
293	      __asm __volatile ("xorps %xmm0, %xmm0");
(gdb) c
Continuing.
CPU vendor name: GenuineIntel  max cpuid level: 2
CPU: Intel Pentium III Katmai/Pentium III Xeon Tanner (Type: 6, Stepping: 3)
Testing OS support for SSE... SIGILL, no!
Tests of OS support for SSE failed!
CPUflags: Type: 6 MMX: 1 MMX2: 1 3DNow: 0 3DNow2: 0 SSE: 0 SSE2: 0
Compiled for x86 CPU with features:
Reading /home/ksorim/.mplayer/codecs.conf: 28 audio & 73 video codecs
CommandLine: '-v' '-vo' 'x11' '-nosound' '/home/ksorim/film/Shrek.DivX.DVDRip.avi'
get_path('font/font.desc') -> '/home/ksorim/.mplayer/font/font.desc'
font: can't open file: /home/ksorim/.mplayer/font/font.desc
font: can't open file: /usr/local/share/mplayer/font/font.desc
Using usleep() timing
Playing /home/ksorim/film/Shrek.DivX.DVDRip.avi
Not an URL!
File size is 735295488 bytes
Detected AVI file format!
======= AVI Header =======
us/frame: 41708  (fps=23.976)
max bytes/sec: 0
padding: 0
MainAVIHeader.dwFlags: (272) HAS_INDEX IS_INTERLEAVED
frames  total: 126571   initial: 0
streams: 2
Suggested BufferSize: 0
Size:  512 x 384
==> Found video stream: 0
======= STREAM Header =======
Type: vids   FCC: div3 (33766964)
Flags: 0
Priority: 0   Language: 0
InitialFrames: 0
Rate: 23976/1000 = 23.976
Start: 0   Len: 126571
Suggested BufferSize: 70986
Quality 10000
Sample size: 0
found 'bih', 40 bytes of 40
======= VIDEO Format ======
  biSize 40
  biWidth 512
  biHeight 384
  biPlanes 1
  biBitCount 24
  biCompression 861292868='DIV3'
  biSizeImage 589824
===========================
Regenerating keyframe table for DIVX 3 video
==> Found audio stream: 1
======= STREAM Header =======
Type: auds   FCC:  (0)
Flags: 0
Priority: 0   Language: 0
InitialFrames: 1
Rate: 48000/1152 = 41.667
Start: 0   Len: 219959
Suggested BufferSize: 384
Quality -1
Sample size: 0
found 'wf', 30 bytes of 20
======= WAVE Format =======
Format Tag: 85 (0x55)
Channels: 2
Samplerate: 48000
avg byte/sec: 15999
Block align: 1152
bits/sample: 0
cbSize: 12
Software  : Nandub v1.0rc2
Name      : Shrek *ViTE*
Title     : Shrek *ViTE*
Author    : ViTE
Copyright : ViTE
Comment   : ViTE
Found movie at 0x280C - 0x2B7F16CA
Reading INDEX block, 346530 chunks for 126571 frames
AVI index offset: 10248
Auto-selected AVI video ID = 0
AVI_NI: No Audio stream found...  ->nosound
AVI video length=732512996
VIDEO:  [DIV3]  512x384  24bpp  23.98 fps  1110.1 kbps (135.5 kbyte/s)
[V] filefmt:3  fourcc:0x33564944  size:512x384  fps:23.98  ftime:=0.0417
get_path('sub/') -> '/home/ksorim/.mplayer/sub/'
Clip info: 
 Name: Shrek *ViTE*
 Author: ViTE
 Copyright: ViTE
 Comments: ViTE
 Encoder: Nandub v1.0rc2
Detected video codec: [divxds] drv:4 prio:0 (DivX ;-) (MS MPEG-4 v3))

Program received signal SIGSEGV, Segmentation fault.
0x40405197 in memcpy () from /lib/libc.so.6
(gdb) bt
#0  0x40405197 in memcpy () from /lib/libc.so.6
#1  0x080d448a in DS_VideoDecoder_Open (dllname=0x40604ff4 "divx_c32.ax", guid=0x4087ca00, format=0x40a39fd8, flip=0, maxauto=0)
    at DS_VideoDecoder.c:110
#2  0x08062d65 in init_video (sh_video=0x40a37f54) at dec_video.c:401
#3  0x0805c61d in main (argc=6, argv=0xbffff984, envp=0xbffff9a0) at mplayer.c:1206
#4  0x403a965f in __libc_start_main () from /lib/libc.so.6
(gdb) q
The program is running.  Exit anyway? (y or n) 
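The backtrace above is the classic heap over-read Electric Fence is built to catch: a memcpy whose length comes from the destination type rather than from the data, so it walks past the end of a malloc'd block into the guard page Electric Fence places after it. The following C example, added here and not taken from MPlayer's DS_VideoDecoder.c, shows the defensive alternative: a copy bounded by the allocation size the demuxer actually made and cross-checked against the header's own biSize field. The `bih_t` struct is a reconstruction of the 40-byte BITMAPINFOHEADER whose fields the log prints; `decoder_fmt_t`, `copy_video_format` and the `case_*` helpers are hypothetical names, and the sample header values are constructed from the VIDEO Format dump in the log.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Reconstructed stand-in for the 40-byte Windows BITMAPINFOHEADER that the
 * AVI demuxer hands to the decoder ("found 'bih', 40 bytes of 40" in the log).
 * Field names follow the log's VIDEO Format dump; this is not MPlayer's code. */
typedef struct {
    uint32_t biSize;          /* self-reported header length, 40 here */
    int32_t  biWidth;
    int32_t  biHeight;
    uint16_t biPlanes;
    uint16_t biBitCount;
    uint32_t biCompression;   /* fourcc, 0x33564944 == 'DIV3' */
    uint32_t biSizeImage;
    int32_t  biXPelsPerMeter;
    int32_t  biYPelsPerMeter;
    uint32_t biClrUsed;
    uint32_t biClrImportant;
} bih_t;

/* Hypothetical decoder-side copy of the format. It is deliberately larger
 * than bih_t (room for codec-private bytes), so a memcpy of sizeof(*dst)
 * from a 40-byte allocation reads 64 bytes past its end. With Electric Fence
 * the allocation ends on a guard page and that over-read is the SIGSEGV seen
 * in the backtrace. */
typedef struct {
    bih_t   hdr;
    uint8_t extra[64];
} decoder_fmt_t;

/* The pattern the report describes, in outline (not executed here):
 *     memcpy(&dec->fmt, format, sizeof(dec->fmt));   // sizeof == 104
 * The copy length is decided by the destination type, not by the data. */

/* Bounded alternative. `format_len` is the size of the allocation the
 * demuxer actually made for `format`. Copies biSize bytes and returns that
 * count, or -1 when the header is truncated, claims more than the allocation
 * holds, or would not fit in `dst`. */
int copy_video_format(decoder_fmt_t *dst, const void *format, size_t format_len)
{
    uint32_t claimed;

    if (dst == NULL || format == NULL) return -1;
    if (format_len < sizeof(bih_t)) return -1;          /* truncated header */

    /* Read biSize without assuming `format` is aligned. */
    memcpy(&claimed, format, sizeof claimed);
    if (claimed < sizeof(bih_t)) return -1;             /* header lies: too small */
    if (claimed > format_len) return -1;                /* header lies: past the allocation */
    if (claimed > sizeof *dst) return -1;               /* would overflow dst */

    memset(dst, 0, sizeof *dst);
    memcpy(dst, format, claimed);                       /* never beyond format_len */
    return (int)claimed;
}

/* Constructed sample matching the log's VIDEO Format dump. */
static bih_t sample_header(uint32_t biSize)
{
    bih_t h;
    memset(&h, 0, sizeof h);
    h.biSize = biSize;
    h.biWidth = 512;
    h.biHeight = 384;
    h.biPlanes = 1;
    h.biBitCount = 24;
    h.biCompression = 0x33564944u;  /* 'DIV3' */
    h.biSizeImage = 589824;
    return h;
}

/* Scenario helpers so each case can be checked by name. */
int case_exact_allocation(void)      /* 40 bytes present, biSize 40: copies 40 */
{
    decoder_fmt_t dec;
    bih_t h = sample_header(40);
    return copy_video_format(&dec, &h, sizeof h);
}

int case_short_allocation(void)      /* demuxer only had 30 bytes: refused */
{
    decoder_fmt_t dec;
    bih_t h = sample_header(40);
    return copy_video_format(&dec, &h, 30);
}

int case_oversized_claim(void)       /* biSize says 4096, only 40 exist: refused */
{
    decoder_fmt_t dec;
    bih_t h = sample_header(4096);
    return copy_video_format(&dec, &h, sizeof h);
}

int case_copied_fourcc(void)         /* the copied header is usable afterwards */
{
    decoder_fmt_t dec;
    bih_t h = sample_header(40);
    if (copy_video_format(&dec, &h, sizeof h) < 0) return 0;
    return dec.hdr.biCompression == 0x33564944u && dec.hdr.biWidth == 512;
}

int main(void)
{
    printf("exact allocation : %d\n", case_exact_allocation());
    printf("short allocation : %d\n", case_short_allocation());
    printf("oversized claim  : %d\n", case_oversized_claim());
    printf("fourcc preserved : %d\n", case_copied_fourcc());
    return 0;
}
```

The design point is that a self-describing header carries two lengths that can disagree: what it claims (biSize) and what the container actually delivered (the "30 bytes of 20" line for the audio 'wf' chunk in the same log shows such a mismatch in the other direction). Trusting either one alone, or the destination type's sizeof, is what lets the copy run off the end of the block; checking both against each other and against the destination keeps the memcpy inside the allocation, which is exactly the condition Electric Fence's guard page enforces at runtime.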

