[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#920231: marked as done (bs1770gain: Segfault in av_packet_copy_props() on mp3)

Your message dated Wed, 23 Jan 2019 10:19:08 +0000
with message-id <E1gmFci-000DjO-Sg@fasolo.debian.org>
and subject line Bug#920231: fixed in bs1770gain 0.5.2-1
has caused the Debian Bug report #920231,
regarding bs1770gain: Segfault in av_packet_copy_props() on mp3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
920231: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920231
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: bs1770gain
Version: 0.5.1-3

While using bs1770gain to measure the loudness of a lot of files, I ran
into a file causing bs1770gain to segfault.  This is the valgrind output
from the crash:

$ valgrind bs1770gain --xml --truepeak DTNormieS_01.mp3 
==24286== Memcheck, a memory error detector
==24286== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==24286== Using Valgrind-3.14.0 and LibVEX; rerun with -h for copyright info
==24286== Command: bs1770gain --xml --truepeak DTNormieS_01.mp3
==24286== 
<bs1770gain>
  <album>
    <track total="1" number="1" file="DTNormieS&#x5F;01&#x2E;mp3">
==24286== Invalid read of size 4
==24286==    at 0x4EDD7F4: av_packet_copy_props (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDDF82: av_packet_ref (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4F826C3: avcodec_send_packet (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4F84C22: ??? (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x111892: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x111EBF: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x1139ED: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x113ADD: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x4877932: sox_flow_effects (in /usr/lib/x86_64-linux-gnu/libsox.so.3.0.0)
==24286==    by 0x110777: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x10E7C8: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x10C3F2: ??? (in /usr/bin/bs1770gain)
==24286==  Address 0x11de38b8 is 8 bytes inside a block of size 16 free'd
==24286==    at 0x48369AB: free (vg_replace_malloc.c:530)
==24286==    by 0x4EDCDE8: av_packet_free_side_data (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDD86C: av_packet_unref (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x112693: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x111EBF: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x1139ED: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x113ADD: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x4877932: sox_flow_effects (in /usr/lib/x86_64-linux-gnu/libsox.so.3.0.0)
==24286==    by 0x110777: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x10E7C8: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x10C3F2: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x64DB09A: (below main) (libc-start.c:308)
==24286==  Block was alloc'd at
==24286==    at 0x48356AF: malloc (vg_replace_malloc.c:298)
==24286==    by 0x4837DE7: realloc (vg_replace_malloc.c:826)
==24286==    by 0x4EDCF12: av_packet_add_side_data (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDCFDC: av_packet_new_side_data (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDD805: av_packet_copy_props (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDDF82: av_packet_ref (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4C7E24A: ??? (in /usr/lib/x86_64-linux-gnu/libavformat.so.58.20.100)
==24286==    by 0x4C84563: av_read_frame (in /usr/lib/x86_64-linux-gnu/libavformat.so.58.20.100)
==24286==    by 0x11269F: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x111EBF: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x1139ED: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x113ADD: ??? (in /usr/bin/bs1770gain)
==24286== 
==24286== Invalid read of size 4
==24286==    at 0x4EDD7F8: av_packet_copy_props (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDDF82: av_packet_ref (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4F826C3: avcodec_send_packet (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4F84C22: ??? (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x111892: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x111EBF: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x1139ED: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x113ADD: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x4877932: sox_flow_effects (in /usr/lib/x86_64-linux-gnu/libsox.so.3.0.0)
==24286==    by 0x110777: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x10E7C8: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x10C3F2: ??? (in /usr/bin/bs1770gain)
==24286==  Address 0x11de38bc is 12 bytes inside a block of size 16 free'd
==24286==    at 0x48369AB: free (vg_replace_malloc.c:530)
==24286==    by 0x4EDCDE8: av_packet_free_side_data (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDD86C: av_packet_unref (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x112693: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x111EBF: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x1139ED: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x113ADD: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x4877932: sox_flow_effects (in /usr/lib/x86_64-linux-gnu/libsox.so.3.0.0)
==24286==    by 0x110777: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x10E7C8: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x10C3F2: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x64DB09A: (below main) (libc-start.c:308)
==24286==  Block was alloc'd at
==24286==    at 0x48356AF: malloc (vg_replace_malloc.c:298)
==24286==    by 0x4837DE7: realloc (vg_replace_malloc.c:826)
==24286==    by 0x4EDCF12: av_packet_add_side_data (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDCFDC: av_packet_new_side_data (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDD805: av_packet_copy_props (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDDF82: av_packet_ref (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4C7E24A: ??? (in /usr/lib/x86_64-linux-gnu/libavformat.so.58.20.100)
==24286==    by 0x4C84563: av_read_frame (in /usr/lib/x86_64-linux-gnu/libavformat.so.58.20.100)
==24286==    by 0x11269F: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x111EBF: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x1139ED: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x113ADD: ??? (in /usr/bin/bs1770gain)
==24286== 
==24286== Invalid read of size 8
==24286==    at 0x4EDD7FB: av_packet_copy_props (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDDF82: av_packet_ref (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4F826C3: avcodec_send_packet (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4F84C22: ??? (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x111892: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x111EBF: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x1139ED: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x113ADD: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x4877932: sox_flow_effects (in /usr/lib/x86_64-linux-gnu/libsox.so.3.0.0)
==24286==    by 0x110777: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x10E7C8: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x10C3F2: ??? (in /usr/bin/bs1770gain)
==24286==  Address 0x11de38b0 is 0 bytes inside a block of size 16 free'd
==24286==    at 0x48369AB: free (vg_replace_malloc.c:530)
==24286==    by 0x4EDCDE8: av_packet_free_side_data (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDD86C: av_packet_unref (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x112693: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x111EBF: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x1139ED: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x113ADD: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x4877932: sox_flow_effects (in /usr/lib/x86_64-linux-gnu/libsox.so.3.0.0)
==24286==    by 0x110777: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x10E7C8: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x10C3F2: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x64DB09A: (below main) (libc-start.c:308)
==24286==  Block was alloc'd at
==24286==    at 0x48356AF: malloc (vg_replace_malloc.c:298)
==24286==    by 0x4837DE7: realloc (vg_replace_malloc.c:826)
==24286==    by 0x4EDCF12: av_packet_add_side_data (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDCFDC: av_packet_new_side_data (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDD805: av_packet_copy_props (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDDF82: av_packet_ref (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4C7E24A: ??? (in /usr/lib/x86_64-linux-gnu/libavformat.so.58.20.100)
==24286==    by 0x4C84563: av_read_frame (in /usr/lib/x86_64-linux-gnu/libavformat.so.58.20.100)
==24286==    by 0x11269F: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x111EBF: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x1139ED: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x113ADD: ??? (in /usr/bin/bs1770gain)
==24286== 
==24286== Invalid read of size 8
==24286==    at 0x483C97D: memmove (vg_replace_strmem.c:1270)
==24286==    by 0x4EDD7E0: av_packet_copy_props (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDDF82: av_packet_ref (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4F826C3: avcodec_send_packet (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4F84C22: ??? (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x111892: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x111EBF: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x1139ED: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x113ADD: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x4877932: sox_flow_effects (in /usr/lib/x86_64-linux-gnu/libsox.so.3.0.0)
==24286==    by 0x110777: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x10E7C8: ??? (in /usr/bin/bs1770gain)
==24286==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==24286== 
==24286== 
==24286== Process terminating with default action of signal 11 (SIGSEGV)
==24286==  Access not within mapped region at address 0x0
==24286==    at 0x483C97D: memmove (vg_replace_strmem.c:1270)
==24286==    by 0x4EDD7E0: av_packet_copy_props (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4EDDF82: av_packet_ref (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4F826C3: avcodec_send_packet (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x4F84C22: ??? (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100)
==24286==    by 0x111892: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x111EBF: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x1139ED: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x113ADD: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x4877932: sox_flow_effects (in /usr/lib/x86_64-linux-gnu/libsox.so.3.0.0)
==24286==    by 0x110777: ??? (in /usr/bin/bs1770gain)
==24286==    by 0x10E7C8: ??? (in /usr/bin/bs1770gain)
==24286==  If you believe this happened as a result of a stack
==24286==  overflow in your program's main thread (unlikely but
==24286==  possible), you can try to increase the size of the
==24286==  main thread stack using the --main-stacksize= flag.
==24286==  The main thread stack size used in this run was 8388608.
==24286== 
==24286== HEAP SUMMARY:
==24286==     in use at exit: 3,036,194 bytes in 1,048 blocks
==24286==   total heap usage: 690,380 allocs, 689,332 frees, 113,824,724 bytes allocated
==24286== 
==24286== LEAK SUMMARY:
==24286==    definitely lost: 0 bytes in 0 blocks
==24286==    indirectly lost: 0 bytes in 0 blocks
==24286==      possibly lost: 1,352 bytes in 18 blocks
==24286==    still reachable: 3,034,842 bytes in 1,030 blocks
==24286==                       of which reachable via heuristic:
==24286==                         newarray           : 1,536 bytes in 16 blocks
==24286==         suppressed: 0 bytes in 0 blocks
==24286== Rerun with --leak-check=full to see details of leaked memory
==24286== 
==24286== For counts of detected and suppressed errors, rerun with: -v
==24286== ERROR SUMMARY: 4 errors from 4 contexts (suppressed: 0 from 0)
Segmentation fault
%

Can this be a security issue?

-- 
Happy hacking
Petter Reinholdtsen

--- End Message ---
--- Begin Message --- 
Source: bs1770gain
Source-Version: 0.5.2-1

We believe that the bug you reported is fixed in the latest version of
bs1770gain, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 920231@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Petter Reinholdtsen <pere@debian.org> (supplier of updated bs1770gain package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 23 Jan 2019 10:48:53 +0100
Source: bs1770gain
Binary: bs1770gain
Architecture: source
Version: 0.5.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
Changed-By: Petter Reinholdtsen <pere@debian.org>
Description:
 bs1770gain - measure and adjust audio and video sound loudness
Closes: 910451 920231
Changes:
 bs1770gain (0.5.2-1) unstable; urgency=medium
 .
   * Corrected/added bug numbers closed.
   * Extended test to verify mp3 files can be measured.
   * New upstream version 0.5.2 (Closes: #910451, #920231).
Checksums-Sha1:
 e22a2ad5802d656e6f953f0e5236762be0f125bc 2056 bs1770gain_0.5.2-1.dsc
 2e0cb163e3499c9a94bab801b8bfac1abae898c7 196694 bs1770gain_0.5.2.orig.tar.gz
 4cf85a8e3468c58b0d298830ddadfb7635f9d523 521820 bs1770gain_0.5.2-1.debian.tar.xz
 b520650b06c9fc0f979c7977a65e6274fa112f55 9597 bs1770gain_0.5.2-1_source.buildinfo
Checksums-Sha256:
 b47f062c6bb87c27424d6dfc357d3ec64318cfac3f21426afae9ffa0cbd368ce 2056 bs1770gain_0.5.2-1.dsc
 73e5738786b57afb89582333ed18206fd2c6d5245717d3b24ace7f7670f9dedc 196694 bs1770gain_0.5.2.orig.tar.gz
 b393ac8c932f0d6a81b0e2919c61df473e5942e28a829c2b63af00f0570f3183 521820 bs1770gain_0.5.2-1.debian.tar.xz
 943e0c3550d717b335d628830dd23e40b9bd508b5fea863ff71296fa85d6d678 9597 bs1770gain_0.5.2-1_source.buildinfo
Files:
 70c4eb1703b3f1a91ddfdb0367e7088c 2056 sound optional bs1770gain_0.5.2-1.dsc
 b4bbfeb00ffcc6bd72a4e3585ac44bfb 196694 sound optional bs1770gain_0.5.2.orig.tar.gz
 596e386c277cc991e3ce80e3d7ffc429 521820 sound optional bs1770gain_0.5.2-1.debian.tar.xz
 b416fd26556a7e2761444e6c9b5eb038 9597 sound optional bs1770gain_0.5.2-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEERqLf4owIeylOb9kkgSgKoIe6+w4FAlxIOUYACgkQgSgKoIe6
+w5NuRAAmI87GE0/ALu9DhMOP1ou3hRslPNlo95K7McVMPJRG1CIZ5kuNLNMCWYH
4k3xrRXDqeX3kmI1Wg+Aje6Jzay1ZxmzTea2rq0kvUMySf5Os9YNqd9yR82v4Vgs
tqFH5qd2TNwla9NaZ+BM61BpbcpUsaHMFgkQHYoFeK+KHVpHtEyi5TdfapJfoF2B
8MrS6fN03djT+ZyXVUWTPFypWjnZnpb2h3t2zovXCiy9t4tba+ukUS1L7tGzRGNf
sCbfDIB/VITXPnXIZANGQF33oZW8sCgx/IshSJo1BH1+bscUYS/WCmv7zIa8mksD
GUaPkECqyrkq3f7laS6Vv1RWpeNay7MpQ7Pk2anXBaoiY+VJwXnHpagH+X3Gkmen
+j+rEFoQ8iBvMsvO/5aV9C9/ZamX3ZOlxjl3Fp85nwuo+qNIJ4GHL4A26KY3j6oo
FFa74DIp/1Ekp1Go19gMlh5L3m2DlAmTL40RroGncUSYSjOa1fTwKkjBh90Ws5vQ
+578BkSKdop48ESyojoMKqpHm0MDohym7TzB8pvPb8HB0u0CsPTYU2WE7XT0arZ9
MsyQEKt6Ch7fR+i51uDDLYWtD6OZ6ienPdRdkSx7wvVQAgLYKWK53yLTcw3KxljG
n2hNkqBngKWizbHnLzrfSJSyYG4wSrkoiULZ1dN2lAP8hzL9GQY=
=Dufo
-----END PGP SIGNATURE-----

--- End Message ---
Reply to: