How to report a bunch of mplayer bugs

Gustavo Grieco gustavo.grieco at imag.fr
Wed Dec 23 11:25:48 UTC 2015 

----- Original Message -----
> Hi Gustavo,
> 
> On 22.12.2015 16:15, Gustavo Grieco wrote:
> > I'm the main developer and maintainer of QuickFuzz, a free and open-source
> > experimental
> > grammar fuzzer. I recently made a quick test of Mplayer version shipped
> > with Ubuntu 14.04
> > and found a few interesting crashes trying to play malformed wav files.
> > These crashes are
> > de-duplicated by Honggfuzz, so they should be more or less independent
> > (although, some are
> > definitely related).
> 
> Thanks for your effort!

:D

> 
> This list is not very useful. Please provide at least backtraces (with the
> necessary -dbg
> packages installed).

I have the valgrind and gdb backtraces just here (attached).

> 
> > I think some of them can be security issues (that's why they are not linked
> > in this email).
> > I want to handle such test cases to some trusted maintainers of Mplayer and
> > avoid spamming the
> > bug tracker. I already ask upstream
> > (http://permalink.gmane.org/gmane.comp.video.mplayer.devel/64515)
> > and they told me that mplayer 1.1 is unsupported, so i'm re-testing for the
> > last cve revision.
> 
> I suspect that most the the issues you found are not even bugs in mplayer,
> but rather Libav,
> which is used in Ubuntu 14.04.
> We've switched back to FFmpeg recently and I suspect most/all of the issues
> you found
> don't affect it.
> 
> Please test your samples with mplayer/ffmpeg from Debian unstable/testing or
> Ubuntu xenial.

Compiling the last snapshot version from the mplayer repository is not the same? (i'm using mplayer-export-2015-12-18)
I verified that there is no linked libraries matching "libav*" in the resulting mplayer binary.

> 
> Best regards,
> Andreas
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: reports-valgrind.log
Type: text/x-log
Size: 66449 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20151223/765c8685/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: reports-gdb.log
Type: text/x-log
Size: 40221 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20151223/765c8685/attachment-0003.bin>

More information about the pkg-multimedia-maintainers mailing list