#238 closed defect (fixed)
crash on invalid RIFF/WAV header
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | normal | Component: | demuxer |
| Version: | HEAD | Severity: | minor |
| Keywords: | Cc: | Dominik 'Rathann' Mierzejewski | |
| Blocked By: | Blocking: | ||
| Reproduced by developer: | no | Analyzed by developer: | no |
Description
An invalid RIFF/WAV causes mplayer to crash. I've uploaded a sample file
to ftp://mplayerhq.hu/MPlayer/incoming/riff_broken_hrdlen.wav. Here's full
output from mplayer and a backtrace:
$ gdb mplayer
GNU gdb 2002-04-01-cvs
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-linux"...
(gdb) r -v -vo null -ao null riff_broken_hrdlen.wav
Starting program: /usr/bin/mplayer -v -vo null -ao null riff_broken_hrdlen.wav
[New Thread 1024 (LWP 10373)]
Using GNU internationalization
Original domain: messages
Original dirname: /usr/share/locale
Current domain: mplayer
Current dirname: /usr/share/locale
MPlayer dev-CVS-050219-15:50-2.95.4 (C) 2000-2005 MPlayer Team
CPU: Advanced Micro Devices Athlon Thunderbird (Family: 6, Stepping: 2)
Detected cache-line size is 64 bytes
CPUflags: MMX: 1 MMX2: 1 3DNow: 1 3DNow2: 1 SSE: 0 SSE2: 0
Compiled with runtime CPU detection - WARNING - this is not optimal!
To get best performance, recompile MPlayer with --disable-runtime-cpudetection.
76 audio & 180 video codecs
CommandLine: '-v' '-vo' 'null' '-ao' 'null' 'riff_broken_hrdlen.wav'
init_freetype
get_path('font/font.desc') -> '/home/lindi/.mplayer/font/font.desc'
font: can't open file: /home/lindi/.mplayer/font/font.desc
font: can't open file: /usr/share/mplayer/font/font.desc
Using MMX (with tiny bit MMX2) Optimized OnScreenDisplay
Using Linux hardware RTC timing (1024Hz).
get_path('input.conf') -> '/home/lindi/.mplayer/input.conf'
Can't open input config file /home/lindi/.mplayer/input.conf: No such file or
directory
Parsing input config file /etc/mplayer/input.conf
Input config file /etc/mplayer/input.conf parsed: 0 binds
get_path('riff_broken_hrdlen.wav.conf') ->
'/home/lindi/.mplayer/riff_broken_hrdlen.wav.conf'
Playing riff_broken_hrdlen.wav.
[file] File size is 36750 bytes
STREAM: [file] riff_broken_hrdlen.wav
STREAM: Description: File
STREAM: Author: Albeu
STREAM: Comment: based on the code from ??? (probably Arpi)
Checking for YUV4MPEG2
ASF_check: not ASF guid!
Checking for Nullsoft Streaming Video
Checking for NuppelVideo
Checking for REAL
Checking for SMJPEG
Searching demuxer type for filename riff_broken_hrdlen.wav ext: .wav
Trying demuxer 17 based on filename extension
==> Found audio stream: 0
[demux_audio] Bad wav header length: too short (-240)!!!
demuxer: continue fuzzy content-based format guessing...
Checking for MOV
Checking for VIVO
header block 1 size: 73
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1024 (LWP 10373)]
0x405852ef in malloc () from /lib/libc.so.6
(gdb) bt
#0 0x405852ef in malloc () from /lib/libc.so.6
#1 0x40585074 in malloc () from /lib/libc.so.6
#2 0x0811dfac in new_demuxer (stream=0x8621bf0, type=23, a_id=-1, v_id=-1,
s_id=-1) at demuxer.c:60
#3 0x0811fe29 in demux_open_stream (stream=0x8621bf0, file_format=0,
audio_id=-1, video_id=-1, dvdsub_id=-1,
filename=0x8617938 "riff_broken_hrdlen.wav") at demuxer.c:972
#4 0x08120d66 in demux_open (vs=0x8621bf0, file_format=0, audio_id=-1,
video_id=-1, dvdsub_id=-1, filename=0x8617938 "riff_broken_hrdlen.wav")
at demuxer.c:1482
#5 0x080738e4 in main (argc=7, argv=0xbffff524) at mplayer.c:1644
Here's system information as requested in
http://www.mplayerhq.hu/DOCS/HTML/en/bugreports_what.html. I'm running Debian woody.
$ uname -a
Linux sauna 2.4.29sauna #1 Sat Jan 22 10:49:44 UTC 2005 i686 unknown
$ ls -l /lib/libc[.-]*
-rwxr-xr-x 1 root root 888064 Jan 9 2002 /lib/libc-2.1.3.so
-rwxr-xr-x 1 root root 1153784 Jan 7 14:05 /lib/libc-2.2.5.so
lrwxrwxrwx 1 root root 13 Jan 17 22:45 /lib/libc.so.6 ->
libc-2.2.5.so
$ gcc -v
Reading specs from /usr/lib/gcc-lib/i386-linux/2.95.4/specs
gcc version 2.95.4 20011002 (Debian prerelease)
$ ld -v
GNU ld version 2.12.90.0.1 20020307 Debian/GNU Linux
$ as --version
GNU assembler 2.12.90.0.1 20020307 Debian/GNU Linux
Copyright 2002 Free Software Foundation, Inc.
This program is free software; you may redistribute it under the terms of
the GNU General Public License. This program has absolutely no warranty.
This assembler was configured for a target of `i386-linux'.
$ cat /proc/cpuinfo
processor : 0
vendor_id : AuthenticAMD
cpu family : 6
model : 4
model name : AMD Athlon(tm) processor
stepping : 2
cpu MHz : 701.604
cache size : 256 KB
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 1
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
pat pse36 mmx fxsr syscall mmxext 3dnowext 3dnow
bogomips : 1399.19
Change History (3)
comment:1 by , 18 years ago
| Cc: | added |
|---|
comment:2 by , 18 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
does not crash with latest SVN (does not play either though).
Please re-check with current CVS and re-upload if it's still happening.