SIGSEGV playing a gif file

[ggrieco]

Summary of the bug:

SIGSEGV playing a gif file. Tested in mplayer svn 2015-12-18

How to reproduce:

mplayer -vo null -ao null (testcase attached)

backtrace:

[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
MPlayer SVN-r37563-snapshot-4.8 (C) 2000-2015 MPlayer Team

Playing SIGSEGV.PC.5555557f7cf2.STACK.d7c589751.CODE.1.ADDR.(nil).INSTR.cmpl___$0x100,(%rsi).fuzz.
libavformat version 57.20.100 (internal)
GIF file format detected.
VIDEO:  [RGB]  1273x512  8bpp  5.000 fps    0.0 kbps ( 0.0 kbyte/s)
Load subtitles in ./

Program received signal SIGSEGV, Segmentation fault.
0x00005555557f7cf2 in demux_gif_fill_buffer ()
#0  0x00005555557f7cf2 in demux_gif_fill_buffer ()
#1  0x000055555576c5a8 in ds_get_next_pts ()
#2  0x00005555556a07e9 in main ()

valgrind report:

MPlayer SVN-r37563-snapshot-4.8 (C) 2000-2015 MPlayer Team

Playing SIGSEGV.PC.5555557f7cf2.STACK.d7c589751.CODE.1.ADDR.(nil).INSTR.cmpl___$0x100,(%rsi).fuzz.
libavformat version 57.20.100 (internal)
GIF file format detected.
VIDEO:  [RGB]  1273x512  8bpp  5.000 fps    0.0 kbps ( 0.0 kbyte/s)
Load subtitles in ./
==7239== Invalid read of size 4
==7239==    at 0x3ABCF2: demux_gif_fill_buffer (in /home/vagrant/repos/mplayer-export-2015-12-18/mplayer)
==7239==    by 0x3205A7: ds_get_next_pts (in /home/vagrant/repos/mplayer-export-2015-12-18/mplayer)
==7239==    by 0x2547E8: main (in /home/vagrant/repos/mplayer-export-2015-12-18/mplayer)
==7239==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==7239== 

[rxt]

Already fixed with between r37572 (29/12/2015) and r37594 (08/01/2016) after being reported to the devel mailing list.