[gstreamer-bugs] [Bug 172281] New: Buffer overflows in gstspeed
bugzilla-daemon at bugzilla.gnome.org
bugzilla-daemon at bugzilla.gnome.org
Thu Mar 31 09:19:26 PST 2005
Please DO NOT reply to this by email. All additional comments should be made in
the comments box of this bug report.
http://bugzilla.gnome.org/show_bug.cgi?id=172281
GStreamer | gst-plugins | Ver: 0.8.8
Summary: Buffer overflows in gstspeed
Product: GStreamer
Version: 0.8.8
Platform: Other
OS/Version: All
Status: UNCONFIRMED
Severity: critical
Priority: High
Component: gst-plugins
AssignedTo: gstreamer-bugs at lists.sourceforge.net
ReportedBy: nelson at bignachos.com
QAContact: gstreamer-bugs at lists.sourceforge.net
CC: all-bugs at bugzilla.gnome.org
Steps to reproduce:
1. Occurs randomly with when setting the speed to a value greater than about
3.0
Stack trace:
$ valgrind gst-launch-0.8 filesrc location=foo.ogg ! spider ! speed speed=4
==10946== Memcheck, a memory error detector for x86-linux.
==10946== Copyright (C) 2002-2005, and GNU GPL'd, by Julian Seward et al.
==10946== Using valgrind-2.4.0, a program supervision framework for x86-linux.
==10946== Copyright (C) 2000-2005, and GNU GPL'd, by Julian Seward et al.
==10946== For more details, rerun with: -v
==10946==
RUNNING pipeline ...
==10946== Invalid write of size 4
==10946== at 0x1B914898: speed_chain_float32 (gstspeed.c:352)
==10946== by 0x1B9141E6: speed_chain (gstspeed.c:418)
==10946== by 0x1B95A680: gst_pad_call_chain_function
(in /usr/lib/libgstreamer-0.8.so.1.4.0)
==10946== by 0x1B957604: gst_pad_push
(in /usr/lib/libgstreamer-0.8.so.1.4.0)
==10946== by 0x1C3B16EA: (within /usr/lib/gstreamer-0.8/libgstspider.so)
==10946== by 0x1C3B24C7: (within /usr/lib/gstreamer-0.8/libgstspider.so)
==10946== by 0x1C3BBB33:
(within /usr/lib/gstreamer-0.8/libgstoptscheduler.so)
==10946== by 0x1C3BAF92:
(within /usr/lib/gstreamer-0.8/libgstoptscheduler.so)
==10946== by 0x1C3BB277:
(within /usr/lib/gstreamer-0.8/libgstoptscheduler.so)
==10946== by 0x1C3BB3F6:
(within /usr/lib/gstreamer-0.8/libgstoptscheduler.so)
==10946== by 0x1C3BF74E:
(within /usr/lib/gstreamer-0.8/libgstoptscheduler.so)
==10946== by 0x1B965178: gst_scheduler_iterate
(in /usr/lib/libgstreamer-0.8.so.1.4.0)
==10946== Address 0x1BE25F24 is 2044 bytes inside a block of size 2046 alloc'd
==10946== at 0x1B90459D: malloc (vg_replace_malloc.c:130)
==10946== by 0x1BC3FA46: g_malloc (in /usr/lib/libglib-2.0.so.0.600.3)
==10946== by 0x1B93867B: gst_buffer_new_and_alloc
(in /usr/lib/libgstreamer-0.8.so.1.4.0)
==10946== by 0x1B95638A: gst_pad_alloc_buffer
(in /usr/lib/libgstreamer-0.8.so.1.4.0)
==10946== by 0x1B914149: speed_chain (gstspeed.c:408)
==10946== by 0x1B95A680: gst_pad_call_chain_function
(in /usr/lib/libgstreamer-0.8.so.1.4.0)
==10946== by 0x1B957604: gst_pad_push
(in /usr/lib/libgstreamer-0.8.so.1.4.0)
==10946== by 0x1C3B16EA: (within /usr/lib/gstreamer-0.8/libgstspider.so)
==10946== by 0x1C3B24C7: (within /usr/lib/gstreamer-0.8/libgstspider.so)
==10946== by 0x1C3BBB33:
(within /usr/lib/gstreamer-0.8/libgstoptscheduler.so)
==10946== by 0x1C3BAF92:
(within /usr/lib/gstreamer-0.8/libgstoptscheduler.so)
==10946== by 0x1C3BB277:
(within /usr/lib/gstreamer-0.8/libgstoptscheduler.so)
Execution ended after 16629 iterations (sum 274290931000 ns, average 16494733
ns, min 877000 ns, max 1544243000 ns).
Other information:
On my system, gstspeed.c:352 corresponds to the line:
out_data[j * filter->channels] =
lower * (1 - interp) + in_data[i * filter->channels] * interp;
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are the QA contact for the bug.
More information about the Gstreamer-bugs
mailing list