[Mplayer-advusers] AAC audio buffer overflow/crash
Attila Kinali
attila at kinali.ch
Mon Jan 26 11:40:00 CET 2004
On Mon, 26 Jan 2004 04:52:01 +0200 (EET)
Urpala Uoti <urpala at ee.tut.fi> wrote:
> Mplayer crashes when playing a matroska file containing 6-channel
> audio, codec ID A_AAC/MPEG4/LC/SBR. Line 218 in libmpcodecs/ad_faad.c,
> memcpy(buf+len,faac_sample_buffer, sh->samplesize*faac_finfo.samples);
> writes beyond the end of the allocated buffer.
>
> I believe the error is that line 45 in ad_faad.c,
> sh->audio_out_minsize=2048*FAAD_MAX_CHANNELS;
> should specify a larger value. I assume that 2048 comes from 1024
> samples of 16-bit audio. However, apparently libfaad can return twice
> that many samples with SBR ("hInfo->samples *= 2;", line 1147 in
> libfaad2/decoder.c). Making audio_out_minsize twice as large fixes the
> problem for my test file.
>
> ad_faad.c also seems to have support for output formats larger than
> 16-bit, maybe the buffer should be larger still to take those into
> account? (I haven't studied the code enough to tell whether that's
> needed).
You should definitly read bugreports.html, incomplete bugreports
dont belong here.
You should also upload a sample file to mphg
Attila Kinali
--
egp ist vergleichbar mit einem ikea bausatz fuer flugzeugtraeger
-- reeler in +kaosu
More information about the MPlayer-advusers
mailing list