New submission from Vitor <[email protected]>: To reproduce
vi...@vitor:~$ touch file vi...@vitor:~$ ffmpeg_g -i file FFmpeg version SVN-r22567, Copyright (c) 2000-2010 the FFmpeg developers built on Mar 16 2010 20:16:07 with gcc 4.4.1 configuration: --cc='ccache gcc' --cpu=host --disable-yasm --samples=/home/vitor/ffmpeg/fate/fate-suite libavutil 50.12. 0 / 50.12. 0 libavcodec 52.59. 0 / 52.59. 0 libavformat 52.56. 0 / 52.56. 0 libavdevice 52. 2. 0 / 52. 2. 0 libswscale 0.10. 0 / 0.10. 0 *** glibc detected *** /home/vitor/ffmpeg/ffmpeg.2/ffmpeg_g: realloc(): invalid pointer: 0x09d6e468 *** ======= Backtrace: ========= /lib/tls/i686/cmov/libc.so.6[0xea7ff1] /lib/tls/i686/cmov/libc.so.6(realloc+0x2b8)[0xeada38] /home/vitor/ffmpeg/ffmpeg.2/ffmpeg_g[0x8106a02] ======= Memory map: ======== 00124000-00139000 r-xp 00000000 08:05 7915593 /lib/tls/i686/cmov/libpthread-2.10.1.so [... boring list omitted ...] With valgrind: ==25424== Memcheck, a memory error detector ==25424== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al. ==25424== Using Valgrind-3.5.0-Debian and LibVEX; rerun with -h for copyright info ==25424== Command: /home/vitor/ffmpeg/ffmpeg.2/ffmpeg_g -i a.a ==25424== FFmpeg version SVN-r22567, Copyright (c) 2000-2010 the FFmpeg developers built on Mar 16 2010 20:16:07 with gcc 4.4.1 configuration: --cc='ccache gcc' --cpu=host --disable-yasm --samples=/home/vitor/ffmpeg/fate/fate-suite libavutil 50.12. 0 / 50.12. 0 libavcodec 52.59. 0 / 52.59. 0 libavformat 52.56. 0 / 52.56. 0 libavdevice 52. 2. 0 / 52. 2. 0 libswscale 0.10. 0 / 0.10. 0 ==25424== Invalid write of size 4 ==25424== at 0x8106A63: av_open_input_file (string3.h:85) ==25424== Address 0x44767f8 is not stack'd, malloc'd or (recently) free'd ==25424== ==25424== Conditional jump or move depends on uninitialised value(s) ==25424== at 0x80A6F77: ff_id3v2_match (id3v2.c:28) ==25424== ==25424== Conditional jump or move depends on uninitialised value(s) ==25424== at 0x81125EA: aiff_probe (aiffdec.c:163) ==25424== ==25424== Conditional jump or move depends on uninitialised value(s) ==25424== at 0x80813DB: amr_probe (amr.c:71) ==25424== [... more probes ...] ==25424== Conditional jump or move depends on uninitialised value(s) ==25424== at 0x8110C5B: yuv4_probe (yuv4mpeg.c:386) ==25424== a.a: Unknown format ==25424== ==25424== HEAP SUMMARY: ==25424== in use at exit: 0 bytes in 0 blocks ==25424== total heap usage: 21 allocs, 21 frees, 2,169,944 bytes allocated ==25424== ==25424== All heap blocks were freed -- no leaks are possible ==25424== ==25424== For counts of detected and suppressed errors, rerun with: -v ==25424== Use --track-origins=yes to see where uninitialised values come from ==25424== ERROR SUMMARY: 1480 errors from 83 contexts (suppressed: 33 from 8) ---------- messages: 9853 priority: normal status: new substatus: new title: Crash on empty files type: bug ________________________________________________ FFmpeg issue tracker <[email protected]> <https://roundup.ffmpeg.org/issue1818> ________________________________________________
