[libav-bugs] [Bug 986] New: load of null pointer of type 'int16_t' (aka 'short') in get_bits.h

bugzilla at libav.org
Tue Nov 8 18:02:47 CET 2016


https://bugzilla.libav.org/show_bug.cgi?id=986

            Bug ID: 986
           Summary: load of null pointer of type 'int16_t' (aka 'short')
                    in get_bits.h
           Product: Libav
           Version: 11
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: ---
         Component: general
          Assignee: bugzilla at libav.org
          Reporter: ago at gentoo.org

Found with the undefined behavior sanitizer.
Compiler: clang-3.8.1
Tested on: 11.8
Command to reproduce: avconv -i $FILE -f null -
Testcase:
https://github.com/asarubbo/poc/blob/master/00042-libav-loadnullptr-get_bits_h
Output:
avconv version 11.8, Copyright (c) 2000-2016 the Libav developers
  built on Oct 28 2016 13:04:18 with clang version 3.8.1
(tags/RELEASE_381/final)
[mpeg @ 0x15ae4e0] Format detected only with low score of 25, misdetection
possible!
Marker bit missing before time_increment_resolution
Marker bit missing before fixed_vop_rate
[NULL @ 0x15bf720] hmm, seems the headers are not complete, trying to guess
time_increment_bits
[NULL @ 0x15bf720] my guess is 11 bits ;)
[NULL @ 0x15bf720] Error, header damaged or not MPEG4 header (f_code=0)
Marker bit missing before time_increment_resolution
[NULL @ 0x15bf720] N-bit not supported
[NULL @ 0x15bf720] quant precision 14
Marker bit missing in complexity estimation part 2
[NULL @ 0x15bf720] hmm, seems the headers are not complete, trying to guess
time_increment_bits                                                             
[NULL @ 0x15bf720] my guess is 11 bits ;)                                       
[NULL @ 0x15bf720] hmm, seems the headers are not complete, trying to guess
time_increment_bits                                                             
[NULL @ 0x15bf720] my guess is 16 bits ;)                                       
Marker bit missing before vop_coded                                             
[NULL @ 0x15bf720] hmm, seems the headers are not complete, trying to guess
time_increment_bits                                                             
[NULL @ 0x15bf720] my guess is 16 bits ;)                                       
Marker bit missing before vop_coded                                             
Marker bit missing before time_increment_resolution                             
[NULL @ 0x15bf720] N-bit not supported                                          
[NULL @ 0x15bf720] quant precision 14                                           
Marker bit missing in complexity estimation part 1                              
Marker bit missing before time_increment                                        
Marker bit missing before time_increment_resolution                             
[NULL @ 0x15bf720] N-bit not supported                                          
[NULL @ 0x15bf720] quant precision 14                                           
Marker bit missing in complexity estimation part 1                              
[NULL @ 0x15bf720] hmm, seems the headers are not complete, trying to guess
time_increment_bits                                                             
[NULL @ 0x15bf720] my guess is 11 bits ;)                                       
[NULL @ 0x15bf720] illegal chroma format                                        
[NULL @ 0x15bf720] only rectangular vol supported                               
Marker bit missing before time_increment_resolution                             
Marker bit missing before fixed_vop_rate                                        
[NULL @ 0x15bf720] hmm, seems the headers are not complete, trying to guess
time_increment_bits                                                             
[NULL @ 0x15bf720] my guess is 11 bits ;)                                       
[NULL @ 0x15bf720] hmm, seems the headers are not complete, trying to guess
time_increment_bits                                                             
[NULL @ 0x15bf720] my guess is 16 bits ;)                                       
Marker bit missing before vop_coded                                             
[NULL @ 0x15bf720] hmm, seems the headers are not complete, trying to guess
time_increment_bits                                                             
[NULL @ 0x15bf720] my guess is 7 bits ;)                                        
Marker bit missing before time_increment_resolution                             
[NULL @ 0x15bf720] Static Sprites not supported                                 
[NULL @ 0x15bf720] 16 sprite_warping_points                                     
[NULL @ 0x15bf720] hmm, seems the headers are not complete, trying to guess
time_increment_bits                                                             
[NULL @ 0x15bf720] my guess is 11 bits ;)                                       
[NULL @ 0x15bf720] static sprite not supported                                  
Marker bit missing before time_increment_resolution                             
[NULL @ 0x15bf720] Static Sprites not supported                                 
[NULL @ 0x15bf720] hmm, seems the headers are not complete, trying to guess
time_increment_bits                                                             
[NULL @ 0x15bf720] my guess is 7 bits ;)                                        
/tmp/portage/media-video/libav-11.8/work/libav-11.8/libavcodec/get_bits.h:530:5:
runtime error: load of null pointer of type 'int16_t' (aka 'short')
