How to report a bunch of mplayer bugs

Gustavo Grieco gustavo.grieco at imag.fr
Tue Dec 22 15:15:28 UTC 2015


Hello,

I'm the main developer and maintainer of QuickFuzz, a free and open-source experimental grammar fuzzer. I recently made a quick test of the Mplayer version shipped with Ubuntu 14.04 and found a few interesting crashes trying to play malformed wav files. These crashes are de-duplicated by Honggfuzz, so they should be more or less independent (although some are definitely related). The list is here:

SIGBUS.PC.5704be.STACK.5c9a551.CODE.128.ADDR.(nil).INSTR.callq__0xfffffffffff3c6e2.fuzz
SIGFPE.PC.432d0e.STACK.18b3c0fcd4.CODE.1.ADDR.0x432d0e.INSTR.idivl__0x560ca8(%rip)________#_0x0000000000560cae.fuzz
SIGFPE.PC.4bf2c3.STACK.1bca543b66.CODE.1.ADDR.0x4bf2c3.INSTR.divl___0x80(%rsi).fuzz
SIGFPE.PC.7ffff3ceed83.STACK.d7d8808dd.CODE.1.ADDR.0x7ffff3ceed83.INSTR.idiv___%r8d.fuzz
SIGSEGV.PC.4bd833.STACK.18b2dd10ac.CODE.1.ADDR.0xa.INSTR.movzwl_0xa(%rax),%ecx.fuzz
SIGSEGV.PC.4be46b.STACK.1aba63653d.CODE.1.ADDR.(nil).INSTR.movzbl_(%rcx,%rdx,1),%ecx.fuzz
SIGSEGV.PC.5704be.STACK.5c9a551.CODE.1.ADDR.0x7ffffaaf0e08.INSTR.callq__0xfffffffffff3c6e2.fuzz
SIGSEGV.PC.5704be.STACK.5c9a551.CODE.1.ADDR.0x7ffffefcecd8.INSTR.callq__0xfffffffffff3c6e2.fuzz
SIGSEGV.PC.5704be.STACK.5c9a551.CODE.1.ADDR.0x7fffff48eff8.INSTR.callq__0xfffffffffff3c6e2.fuzz
SIGSEGV.PC.5704be.STACK.5c9a551.CODE.1.ADDR.0x7fffff54e258.INSTR.callq__0xfffffffffff3c6e2.fuzz
SIGSEGV.PC.5704be.STACK.5c9a551.CODE.1.ADDR.0x7fffff60c128.INSTR.callq__0xfffffffffff3c6e2.fuzz
SIGSEGV.PC.5704be.STACK.5c9a551.CODE.1.ADDR.0x7fffff60d498.INSTR.callq__0xfffffffffff3c6e2.fuzz
SIGSEGV.PC.5704be.STACK.5c9a551.CODE.1.ADDR.0x7fffff60d4a8.INSTR.callq__0xfffffffffff3c6e2.fuzz
SIGSEGV.PC.5704be.STACK.5c9a551.CODE.1.ADDR.0x7fffff60daa8.INSTR.callq__0xfffffffffff3c6e2.fuzz
SIGSEGV.PC.5704be.STACK.5c9a551.CODE.1.ADDR.0x7fffff60db58.INSTR.callq__0xfffffffffff3c6e2.fuzz
SIGSEGV.PC.5704be.STACK.5c9a551.CODE.1.ADDR.0x7fffff6429a8.INSTR.callq__0xfffffffffff3c6e2.fuzz
SIGSEGV.PC.5947b5.STACK.1b0df30f87.CODE.1.ADDR.(nil).INSTR.movzbl_(%rcx,%rdx,1),%ecx.fuzz
SIGSEGV.PC.7fffefe7314e.STACK.18f3cc3594.CODE.1.ADDR.(nil).INSTR.movdqu_%xmm8,(%rdi,%rcx,1).fuzz

I think some of them can be security issues (that's why they are not linked in this email). I want to hand such test cases to some trusted maintainers of Mplayer and avoid spamming the bug tracker. I already asked upstream (http://permalink.gmane.org/gmane.comp.video.mplayer.devel/64515) and they told me that mplayer 1.1 is unsupported, so I'm re-testing for the last CVE revision.

Regards,
Gus.
