Bug#775959: lame: invalid sample rate -> segmentation fault
Jakub Wilk
jwilk at debian.org
Wed Jan 21 23:05:01 UTC 2015
Package: lame
Version: 3.99.5+repack1-5
Usertags: afl
lame crashes while trying to compress the attached WAV file, which
apparently has a bogus sample rate:
$ lame crash.wav
LAME 3.99.5 32bits (http://lame.sf.net)
CPU features: MMX (ASM used), 3DNow! (ASM used), SSE (ASM used), SSE2
Resampling: input -2.14748e+06 kHz output 8 kHz
Using polyphase lowpass filter, transition band: 3000 Hz - 3097 Hz
Encoding crash.wav to crash.mp3
Encoding as 8 kHz single-ch MPEG-2.5 Layer III (16x) 8 kbps qval=3
Frame | CPU time/estim | REAL time/estim | play/CPU | ETA
0/ ( 0%)| 0:00/ : | 0:00/ : | x|
:
00:00------------------------------------------------------------------
kbps % %
0.0 Segmentation fault
This bug was found using American fuzzy lop:
https://packages.debian.org/experimental/afl
Disclaimer: I don't have spare CPU cycles, so I fuzzed only till the
first crash (which took a few seconds). It's likely that extensive
fuzzing would uncover more interesting crashers. I'd encourage LAME
maintainers to perform fuzzing with AFL on their own. :-)
-- System Information:
Debian Release: 8.0
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages lame depends on:
ii libc6 2.19-13
ii libmp3lame0 3.99.5+repack1-5
ii libncurses5 5.9+20140913-1+b1
ii libtinfo5 5.9+20140913-1+b1
--
Jakub Wilk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: crash.wav
Type: audio/x-wav
Size: 572 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20150122/ecca5b0d/attachment-0001.wav>
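
An added example, not part of the original report and not LAME's code: a bounds-checked read of the WAV "fmt " chunk that rejects an out-of-range sample rate before it is used. The header bytes are constructed, since the report does not show the contents of crash.wav; 0x80000000 is one value that prints as -2.14748e+06 kHz when treated as a signed 32-bit integer. MAX_SAMPLE_RATE and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum wav_status { WAV_OK, WAV_TRUNCATED, WAV_NOT_WAVE, WAV_NO_FMT, WAV_BAD_RATE };
#define MAX_SAMPLE_RATE 384000u /* assumed ceiling; choose per application */

static uint32_t rd_le32(const unsigned char *p) {
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* The same four bytes reinterpreted as a signed 32-bit rate, in kHz. */
double rate_as_signed_khz(const unsigned char *p) {
    uint32_t u = rd_le32(p); int32_t v;
    memcpy(&v, &u, sizeof v);
    return v / 1000.0;
}

/* Walk the RIFF chunks, find "fmt ", range-check nSamplesPerSec before use. */
enum wav_status wav_check_rate(const unsigned char *buf, size_t len, uint32_t *rate) {
    if (len < 12) return WAV_TRUNCATED;
    if (memcmp(buf, "RIFF", 4) || memcmp(buf + 8, "WAVE", 4)) return WAV_NOT_WAVE;
    for (size_t off = 12; len - off >= 8; ) {
        uint32_t size = rd_le32(buf + off + 4);
        size_t avail = len - off - 8;          /* bytes left after chunk header */
        if (memcmp(buf + off, "fmt ", 4) == 0) {
            if (size < 16 || avail < 16) return WAV_TRUNCATED;
            uint32_t r = rd_le32(buf + off + 8 + 4); /* nSamplesPerSec */
            if (r == 0 || r > MAX_SAMPLE_RATE) return WAV_BAD_RATE;
            *rate = r;
            return WAV_OK;
        }
        if (size > avail) return WAV_TRUNCATED;
        /* skip the chunk body plus its pad byte when size is odd and present */
        off += 8 + size + ((size & 1u) && size < avail);
    }
    return WAV_NO_FMT;
}

/* Constructed 44-byte PCM header carrying the given raw sample-rate field. */
void make_header(unsigned char out[44], uint32_t rate) {
    static const unsigned char tmpl[44] = {
        'R','I','F','F', 36,0,0,0, 'W','A','V','E', 'f','m','t',' ', 16,0,0,0,
        1,0, 1,0, 0,0,0,0, 0,0,0,0, 2,0, 16,0, 'd','a','t','a', 0,0,0,0 };
    memcpy(out, tmpl, 44);
    for (int i = 0; i < 4; i++) out[24 + i] = (unsigned char)(rate >> (8 * i));
}

int main(void) {
    unsigned char h[44]; uint32_t r = 0;
    make_header(h, 0x80000000u); /* constructed; not the bytes of crash.wav */
    printf("signed view: %g kHz, status %d\n", rate_as_signed_khz(h + 24), wav_check_rate(h, 44, &r));
}
```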