[Bug 727409] New: streamsynchronizer does invalid memory access
GStreamer (bugzilla.gnome.org)
bugzilla at gnome.org
Mon Mar 31 21:03:36 PDT 2014
https://bugzilla.gnome.org/show_bug.cgi?id=727409
GStreamer | gst-plugins-base | 1.2.3
Summary: streamsynchronizer does invalid memory access
Classification: Platform
Product: GStreamer
Version: 1.2.3
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: Normal
Component: gst-plugins-base
AssignedTo: gstreamer-bugs at lists.freedesktop.org
ReportedBy: msameer at foolab.org
QAContact: gstreamer-bugs at lists.freedesktop.org
GNOME version: ---
if streamsynchronizer receives a buffer which is not copyable then it can cause
a crash.
gststreamsynchronizer.c line 556 and 557:
buffer = gst_buffer_make_writable (buffer);
GST_BUFFER_FLAG_UNSET (buffer, GST_BUFFER_FLAG_DISCONT);
The code does not check the return value of gst_buffer_make_writable ()
in my case, I have buffers with an uncopyable GstMemory which causes
gst_mini_object_make_writable to return NULL.
Here's what valgrind shows:
0:00:20.032290552 25081 0x7ea1780 DEBUG GST_PERFORMANCE
gstminiobject.c:326:gst_mini_object_make_writable: copy GstBuffer miniobject
0x4f8a828 -> (nil)
==25081== Thread 10:
==25081== Invalid read of size 4
==25081== at 0x51586F4: gst_stream_synchronizer_sink_chain
(gststreamsynchronizer.c:557)
==25081== by 0x48B0717: gst_pad_push_data (gstpad.c:3760)
==25081== by 0x48A0173: gst_proxy_pad_chain_default (gstghostpad.c:128)
==25081== by 0x48B0717: gst_pad_push_data (gstpad.c:3760)
==25081== by 0x5342A1F: gst_selector_pad_chain (gstinputselector.c:1108)
==25081== by 0x48B0717: gst_pad_push_data (gstpad.c:3760)
==25081== by 0x48A0173: gst_proxy_pad_chain_default (gstghostpad.c:128)
==25081== by 0x48B0717: gst_pad_push_data (gstpad.c:3760)
==25081== by 0x48A0173: gst_proxy_pad_chain_default (gstghostpad.c:128)
==25081== by 0x48B0717: gst_pad_push_data (gstpad.c:3760)
==25081== by 0x523625F: gst_video_decoder_clip_and_push_buf
(gstvideodecoder.c:2657)
==25081== by 0x523BBDF: gst_video_decoder_finish_frame
(gstvideodecoder.c:2572)
==25081== Address 0xc is not stack'd, malloc'd or (recently) free'd
==25081==
Caught SIGSEGV
Notice the (nil) printed by gst_mini_object_make_writable()
Here is my pipeline:
GST_DEBUG='*:3,GST_PERFORMANCE:5' valgrind gst-launch-1.0 playbin
uri=file:////home/nemo/Videos/Camera/20140327_001.mp4 flags=99
--
Configure bugmail: https://bugzilla.gnome.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.
More information about the gstreamer-bugs
mailing list