Bug#610550: [CVE-2011-0480] memory corruptions in the ffmpeg Vorbis codec
Luciano Bello
luciano at debian.org
Tue Jan 25 01:50:23 UTC 2011
test case out.webm.139771.2965 :
''''''''''''''''''''''''''''''''
luciano@mybox:/tmp$ ffmpeg -i out.webm.139771.2965 -f null -
FFmpeg version SVN-r25838, Copyright (c) 2000-2010 the FFmpeg developers
built on Nov 29 2010 15:39:30 with gcc 4.4.5
configuration: --enable-libdc1394 --prefix=/usr --extra-cflags='-Wall -g ' --
cc='ccache cc' --enable-shared --enable-libmp3lame --enable-gpl --enable-
libvorbis --enable-pthreads --enable-libfaac --enable-libxvid --enable-postproc
--enable-x11grab --enable-libgsm --enable-libtheora --enable-libopencore-amrnb
--enable-libopencore-amrwb --enable-libx264 --enable-libspeex --enable-nonfree
--disable-stripping --enable-avfilter --enable-libdirac --disable-
decoder=libdirac --enable-libschroedinger --disable-encoder=libschroedinger --
enable-version3 --enable-libopenjpeg --enable-libvpx --enable-librtmp --extra-
libs=-lgcrypt --disable-altivec --disable-armv5te --disable-armv6 --disable-vis
libavutil 50.33. 0 / 50.33. 0
libavcore 0.14. 0 / 0.14. 0
libavcodec 52.97. 2 / 52.97. 2
libavformat 52.87. 1 / 52.87. 1
libavdevice 52. 2. 2 / 52. 2. 2
libavfilter 1.65. 0 / 1.65. 0
libswscale 0.12. 0 / 0.12. 0
libpostproc 51. 2. 0 / 51. 2. 0
[matroska,webm @ 0x22b97a0] Invalid track number 2050
[matroska,webm @ 0x22b97a0] Invalid stream 2050 or size 18378
[matroska,webm @ 0x22b97a0] Estimating duration from bitrate, this may be
inaccurate
Input #0, matroska,webm, from 'out.webm.139771.2965':
Duration: 00:00:01.17, start: 0.000000, bitrate: N/A
Stream #0.0: Audio: vorbis, 44100 Hz, stereo, s16
Stream #0.1: Video: vp8, yuv420p, 200x600, PAR 1:1 DAR 1:3, 25 fps, 25 tbr,
1k tbn, 25 tbc
[buffer @ 0x234fc00] w:200 h:600 pixfmt:yuv420p
Output #0, null, to 'pipe:':
Metadata:
encoder : Lavf52.87.1
Stream #0.0: Video: rawvideo, yuv420p, 200x600 [PAR 1:1 DAR 1:3], q=2-31,
200 kb/s, 90k tbn, 25 tbc
Stream #0.1: Audio: pcm_s16le, 44100 Hz, stereo, s16, 1411 kb/s
Stream mapping:
Stream #0.1 -> #0.0
Stream #0.0 -> #0.1
Press [q] to stop encoding
[vp8 @ 0x22c0560] Invalid start code 0xde019d
Error while decoding stream #0.1
[vp8 @ 0x22c0560] Discarding interframe without a prior keyframe!
Error while decoding stream #0.1
Error while decoding stream #0.1s
Segmentation fault
test case out.webm.68798.1929:
''''''''''''''''''''''''''''''
luciano@mybox:/tmp$ ffmpeg -i out.webm.68798.1929 -f null -
out.webm.139771.2965 out.webm.68798.1929
luciano@mybox:/tmp$ ffmpeg -i out.webm.139771.2965 -f null -
FFmpeg version SVN-r25838, Copyright (c) 2000-2010 the FFmpeg developers
built on Nov 29 2010 15:39:30 with gcc 4.4.5
configuration: --enable-libdc1394 --prefix=/usr --extra-cflags='-Wall -g ' --
cc='ccache cc' --enable-shared --enable-libmp3lame --enable-gpl --enable-
libvorbis --enable-pthreads --enable-libfaac --enable-libxvid --enable-postproc
--enable-x11grab --enable-libgsm --enable-libtheora --enable-libopencore-amrnb
--enable-libopencore-amrwb --enable-libx264 --enable-libspeex --enable-nonfree
--disable-stripping --enable-avfilter --enable-libdirac --disable-
decoder=libdirac --enable-libschroedinger --disable-encoder=libschroedinger --
enable-version3 --enable-libopenjpeg --enable-libvpx --enable-librtmp --extra-
libs=-lgcrypt --disable-altivec --disable-armv5te --disable-armv6 --disable-vis
libavutil 50.33. 0 / 50.33. 0
libavcore 0.14. 0 / 0.14. 0
libavcodec 52.97. 2 / 52.97. 2
libavformat 52.87. 1 / 52.87. 1
libavdevice 52. 2. 2 / 52. 2. 2
libavfilter 1.65. 0 / 1.65. 0
libswscale 0.12. 0 / 0.12. 0
libpostproc 51. 2. 0 / 51. 2. 0
[matroska,webm @ 0x22b97a0] Invalid track number 2050
[matroska,webm @ 0x22b97a0] Invalid stream 2050 or size 18378
[matroska,webm @ 0x22b97a0] Estimating duration from bitrate, this may be
inaccurate
Input #0, matroska,webm, from 'out.webm.139771.2965':
Duration: 00:00:01.17, start: 0.000000, bitrate: N/A
Stream #0.0: Audio: vorbis, 44100 Hz, stereo, s16
Stream #0.1: Video: vp8, yuv420p, 200x600, PAR 1:1 DAR 1:3, 25 fps, 25 tbr,
1k tbn, 25 tbc
[buffer @ 0x234fc00] w:200 h:600 pixfmt:yuv420p
Output #0, null, to 'pipe:':
Metadata:
encoder : Lavf52.87.1
Stream #0.0: Video: rawvideo, yuv420p, 200x600 [PAR 1:1 DAR 1:3], q=2-31,
200 kb/s, 90k tbn, 25 tbc
Stream #0.1: Audio: pcm_s16le, 44100 Hz, stereo, s16, 1411 kb/s
Stream mapping:
Stream #0.1 -> #0.0
Stream #0.0 -> #0.1
Press [q] to stop encoding
[vp8 @ 0x22c0560] Invalid start code 0xde019d
Error while decoding stream #0.1
[vp8 @ 0x22c0560] Discarding interframe without a prior keyframe!
Error while decoding stream #0.1
Error while decoding stream #0.1s
Segmentation fault
-------------- next part --------------
A non-text attachment was scrubbed...
Name: out.webm.68798.1929
Type: video/webm
Size: 592002 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20110124/ad37a3a8/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: out.webm.139771.2965
Type: video/webm
Size: 592002 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20110124/ad37a3a8/attachment-0003.bin>