Opened 16 years ago
Closed 16 years ago
#1179 closed defect (duplicate)
Mplayer Crashed: Invalid Read
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | normal | Component: | demuxer |
| Version: | HEAD | Severity: | normal |
| Keywords: | Cc: | catchconv-bugreports@… | |
| Blocked By: | Blocking: | ||
| Reproduced by developer: | no | Analyzed by developer: | no |
Description
The following report is for the SUPERB-TRUST 2008, the cyber security project.
#Error found at test case .mp4 file for mplayer version (dev-SVN-r27249-4.1.2)
valgrind report the Invalid Read.
#The test case is "70-salma.mp4" can be found at the URL
*http://www.eecs.berkeley.edu/~sckhan/70-salma.mp4
#Reproducible with the following command
*valgrind mplayer 70-salma.mp4
Can also be run as:
*valgrind --log-file=log12 mplayer 70-salma.mp4
#OS: Debian Etch Linux
#Valgrind output:
==11929== Memcheck, a memory error detector.
==11929== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==11929== Using LibVEX rev 1854, a library for dynamic binary translation.
==11929== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==11929== Using valgrind-3.3.1, a dynamic binary instrumentation framework.
==11929== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==11929== For more details, rerun with: -v
==11929==
==11929== My PID = 11929, parent PID = 1823. Prog and args are:
==11929== mplayer
==11929== 70-salma.mp4
==11929==
==11929== Invalid read of size 1
==11929== Stack hash: 2372702564
==11929== at 0x81379A6: gen_sh_video (demux_mov.c:1120)
==11929== by 0x813B934: lschunks (demux_mov.c:1323)
==11929== by 0x813C345: mov_read_header (demux_mov.c:1931)
==11929== by 0x811E32E: demux_open_stream (demuxer.c:864)
==11929== by 0x811E601: demux_open (demuxer.c:991)
==11929== by 0x807799E: main (mplayer.c:3238)
==11929== Address 0x4c is not stack'd, malloc'd or (recently) free'd
==11929==
==11929== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 19 from 1)
==11929== malloc/free: in use at exit: 16,876,514 bytes in 2,186 blocks.
==11929== malloc/free: 2,330 allocs, 144 frees, 18,160,375 bytes allocated.
==11929== For counts of detected errors, rerun with: -v
==11929== searching for pointers to 2,186 not-freed blocks.
==11929== checked 3,033,056 bytes.
==11929==
==11929== LEAK SUMMARY:
==11929== definitely lost: 968 bytes in 3 blocks.
==11929== possibly lost: 0 bytes in 0 blocks.
==11929== still reachable: 16,875,546 bytes in 2,183 blocks.
==11929== suppressed: 0 bytes in 0 blocks.
==11929== Rerun with --leak-check=full to see details of leaked memory.
*Mplayer Crashed Info*
MPlayer interrupted by signal 11 in module: demux_open
- MPlayer crashed by bad usage of CPU/FPU/RAM. Recompile MPlayer with --enable-debug and make a 'gdb' backtrace and disassembly. Details in DOCS/HTML/en/bugreports_what.html#bugreports_crash.
- MPlayer crashed. This shouldn't happen. It can be a bug in the MPlayer code _or_ in your drivers _or_ in your gcc version. If you think it's MPlayer's fault, please read DOCS/HTML/en/bugreports.html and follow the instructions there. We can't and won't help unless you provide this information when reporting a possible bug.
*This report to inform the error found in Mplayer where it crashes in running
test case: 70-salma.mp4. Stack hash: 2372702564 and error back trace at: gen_sh_video (demux_mov.c:1120).
#The bug is found in making comparison of the fuzzing tools and is a part of
the metafuzz project.
*URL at: metafuzz.com
* This bug has been marked as a duplicate of bug 1170 *