Public bug reported: Binary package hint: gpac
Tried to encode this video using podencoder, which makes a call to MP4Box, which may be corrupting itself. I have not looked at the source to see if this is a security issue or not. Tested on Feisty... podencoder is a shell script available from here: http://diveintomark.org/public/2007/06/podencoder.txt I will attach the problematic file... [EMAIL PROTECTED]:/tmp$ uname -a + uname -a Linux jherm-desktop 2.6.20-16-generic #2 SMP Thu Jun 7 20:19:32 UTC 2007 i686 GNU/Linux ++ echo -ne '\033]0;[EMAIL PROTECTED]: /tmp\007' [EMAIL PROTECTED]:/tmp$ podencoder poster.mov + podencoder poster.mov + version=0.20070117.0 ++ basename /usr/local/bin/podencoder + appname=podencoder + appdescription='Encode video for iPod 5G' + confname=.podencoderrc + device=/dev/dvd + outputdir=. + scratchdir=/tmp + tracks= + chapters= + naming=%d-%t + index=1 + videobitrate=450 + audiobitrate=128 + crop= + fitto4x3= + scale=320:-10 + x264encopts_required=vbv_maxrate=768:vbv_bufsize=244:nocabac:level_idc=13 + x264encopts_optional=turbo=1:me=umh:frameref=5:subq=6:partitions=all:trellis=1:direct_pred=auto:threads=auto + x264encopts= + '[' -r /home/khermans/.podencoderrc ']' + getopts :a:b:c:fi:n:o:s:t:vx: options + shift 0 + '[' -n poster.mov ']' + device=poster.mov + tty -s + : + '[' -d . ']' ++ cd . ++ pwd + outputdir=/tmp + '[' ']' ++ which mplayer + '[' -n /usr/bin/mplayer ']' ++ which mencoder + '[' -n /usr/bin/mencoder ']' ++ mencoder -oac help ++ grep faac + '[' -z ' faac - FAAC AAC audio encoder' ']' ++ mencoder -ovc help ++ grep x264 + '[' -z ' x264 - H.264 encoding' ']' ++ which MP4Box + '[' -n /usr/bin/MP4Box ']' + trap TrapBreak HUP INT TERM + '[' -f poster.mov ']' + inputfile=poster.mov ++ basename poster.mov .VOB + outputfile=poster.mov.mp4 + '[' -s /tmp/poster.mov.mp4 ']' + tracks= ++ mplayer -identify -frames 0 -vc null -vo null -ao null -nosound poster.mov + videoinfo='MPlayer 2:1.0~rc1-0ubuntu9.1 (C) 2000-2006 MPlayer Team CPU: AMD Athlon(tm) XP 2400+ (Family: 6, Model: 8, Stepping: 1) CPUflags: MMX: 1 MMX2: 1 3DNow: 1 3DNow2: 1 SSE: 1 SSE2: 0 Compiled with runtime CPU detection. Can'\''t open joystick device /dev/input/js0: No such file or directory Can'\''t init input joystick mplayer: could not connect to socket mplayer: No such file or directory Failed to open LIRC support. You will not be able to use your remote control. Playing poster.mov. Quicktime/MOV file format detected. ID_VIDEO_ID=0 VIDEO: [rle ] 524x360 24bpp 15.000 fps 0.0 kbps ( 0.0 kbyte/s) ID_FILENAME=poster.mov ID_DEMUXER=mov ID_VIDEO_FORMAT=rle ID_VIDEO_BITRATE=0 ID_VIDEO_WIDTH=524 ID_VIDEO_HEIGHT=360 ID_VIDEO_FPS=15.000 ID_VIDEO_ASPECT=0.0000 ID_LENGTH=0.07 ========================================================================== Forced video codec: null Opening video decoder: [null] Null video decoder VDec: vo config request - 524 x 360 (preferred colorspace: BGR 24-bit) VDec: using Planar YV12 as output csp (no 0) Movie-Aspect is undefined - no prescaling applied. VO: [null] 524x360 => 524x360 Planar YV12 Selected video codec: [null] vfm: null (NULL codec (no decoding!)) ========================================================================== ID_VIDEO_CODEC=null Audio: no sound Starting playback... Exiting... (End of file)' ++ echo 'MPlayer 2:1.0~rc1-0ubuntu9.1 (C) 2000-2006 MPlayer Team CPU: AMD Athlon(tm) XP 2400+ (Family: 6, Model: 8, Stepping: 1) CPUflags: MMX: 1 MMX2: 1 3DNow: 1 3DNow2: 1 SSE: 1 SSE2: 0 Compiled with runtime CPU detection. Can'\''t open joystick device /dev/input/js0: No such file or directory Can'\''t init input joystick mplayer: could not connect to socket mplayer: No such file or directory Failed to open LIRC support. You will not be able to use your remote control. Playing poster.mov. Quicktime/MOV file format detected. ID_VIDEO_ID=0 VIDEO: [rle ] 524x360 24bpp 15.000 fps 0.0 kbps ( 0.0 kbyte/s) ID_FILENAME=poster.mov ID_DEMUXER=mov ID_VIDEO_FORMAT=rle ID_VIDEO_BITRATE=0 ID_VIDEO_WIDTH=524 ID_VIDEO_HEIGHT=360 ID_VIDEO_FPS=15.000 ID_VIDEO_ASPECT=0.0000 ID_LENGTH=0.07 ========================================================================== Forced video codec: null Opening video decoder: [null] Null video decoder VDec: vo config request - 524 x 360 (preferred colorspace: BGR 24-bit) VDec: using Planar YV12 as output csp (no 0) Movie-Aspect is undefined - no prescaling applied. VO: [null] 524x360 => 524x360 Planar YV12 Selected video codec: [null] vfm: null (NULL codec (no decoding!)) ========================================================================== ID_VIDEO_CODEC=null Audio: no sound Starting playback... Exiting... (End of file)' ++ grep '^ID_LENGTH' ++ sed -e 's/^.*=//' -e 's/[.].*//' + inputlength=0 + '[' -n 0 ']' ++ basename poster.mov .VOB + avioutput=/tmp/poster.mov.temp ++ basename poster.mov .VOB + mencoderlog=/tmp/poster.mov.mencoder.log ++ basename poster.mov .VOB + mencoderpasslogfile=/tmp/poster.mov.2pass.log + '[' -z '' ']' + echo -ne Auto-cropping... Auto-cropping...++ mencoder -endpos 60 -ovc lavc -oac copy -o /dev/null -vf cropdetect poster.mov ++ grep CROP ++ awk '-F-vf crop=' '{print $2}' ++ cut '-d)' -f 1 ++ uniq -c ++ sort -n ++ tail -n 1 ++ sed 's/^ *//' ++ cut '-d ' -f 2 + crop= + '[' -z '' ']' + crop=720:480:0:0 + '[' -n '' ']' + echo crop=720:480:0:0 crop=720:480:0:0 + mencoder poster.mov -passlogfile /tmp/poster.mov.2pass.log -o /dev/null -ovc x264 -x264encopts pass=1:bitrate=450:vbv_maxrate=768:vbv_bufsize=244:nocabac:level_idc=13:turbo=1:me=umh:frameref=5:subq=6:partitions=all:trellis=1:direct_pred=auto:threads=auto: -vf pullup,softskip,crop=720:480:0:0,scale=320:-10,harddup -oac faac -faacopts mpeg=4:br=128:object=2 -channels 2 -srate 48000 -ofps 24000/1001 + pid=18429 + pass=1 + DisplayEncodingProgress + '[' -z '' ']' + progresstext='Encoding poster.mov (pass 1 of 2)' + '[' ']' + echo 'Encoding poster.mov (pass 1 of 2)' Encoding poster.mov (pass 1 of 2) + ps + grep '18429 ' + pid= + mencoder poster.mov -passlogfile /tmp/poster.mov.2pass.log -o /tmp/poster.mov.temp.avi -ovc x264 -x264encopts pass=2:bitrate=450:vbv_maxrate=768:vbv_bufsize=244:nocabac:level_idc=13:turbo=1:me=umh:frameref=5:subq=6:partitions=all:trellis=1:direct_pred=auto:threads=auto: -vf pullup,softskip,crop=720:480:0:0,scale=320:-10,harddup -oac faac -faacopts mpeg=4:br=128:object=2 -channels 2 -srate 48000 -ofps 24000/1001 + pid=18432 + pass=2 + DisplayEncodingProgress + '[' -z '' ']' + progresstext='Encoding poster.mov (pass 2 of 2)' + '[' ']' + echo 'Encoding poster.mov (pass 2 of 2)' Encoding poster.mov (pass 2 of 2) + ps + grep '18432 ' + pid= + echo 'Creating poster.mov.mp4' Creating poster.mov.mp4 + cd /tmp + MP4Box -aviraw video /tmp/poster.mov.temp.avi *** glibc detected *** MP4Box: double free or corruption (top): 0x0806e008 *** ======= Backtrace: ========= /lib/tls/i686/cmov/libc.so.6[0xb7bfc7cd] /lib/tls/i686/cmov/libc.so.6(cfree+0x90)[0xb7bffe30] /usr/lib/libgpac.so(AVI_open_input_file+0xba)[0xb7e6956a] /usr/lib/libgpac.so(gf_media_export_avi_track+0x3f)[0xb7e783ef] /usr/lib/libgpac.so(gf_media_export+0x12a)[0xb7e7c72a] MP4Box[0x804f62d] /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xdc)[0xb7baaebc] MP4Box[0x804ca31] ======= Memory map: ======== 08048000-0806c000 r-xp 00000000 fe:00 201501 /usr/bin/MP4Box 0806c000-0806e000 rw-p 00023000 fe:00 201501 /usr/bin/MP4Box 0806e000-0808f000 rw-p 0806e000 00:00 0 [heap] b7900000-b7921000 rw-p b7900000 00:00 0 b7921000-b7a00000 ---p b7921000 00:00 0 b7a76000-b7a81000 r-xp 00000000 fe:00 26460 /lib/libgcc_s.so.1 b7a81000-b7a82000 rw-p 0000a000 fe:00 26460 /lib/libgcc_s.so.1 b7a82000-b7a83000 rw-p b7a82000 00:00 0 b7a83000-b7ab2000 r-xp 00000000 fe:00 201460 /usr/lib/libnspr4.so.0d b7ab2000-b7ab3000 rw-p 0002f000 fe:00 201460 /usr/lib/libnspr4.so.0d b7ab3000-b7ab5000 rw-p b7ab3000 00:00 0 b7ab5000-b7ab7000 r-xp 00000000 fe:00 48844 /lib/tls/i686/cmov/libdl-2.5.so b7ab7000-b7ab9000 rw-p 00001000 fe:00 48844 /lib/tls/i686/cmov/libdl-2.5.so b7ab9000-b7aba000 rw-p b7ab9000 00:00 0 b7aba000-b7acd000 r-xp 00000000 fe:00 48855 /lib/tls/i686/cmov/libpthread-2.5.so b7acd000-b7acf000 rw-p 00013000 fe:00 48855 /lib/tls/i686/cmov/libpthread-2.5.so b7acf000-b7ad1000 rw-p b7acf000 00:00 0 b7ad1000-b7b6a000 r-xp 00000000 fe:00 201483 /usr/lib/libmozjs.so.0d b7b6a000-b7b6e000 rw-p 00099000 fe:00 201483 /usr/lib/libmozjs.so.0d b7b6e000-b7b93000 r-xp 00000000 fe:00 48845 /lib/tls/i686/cmov/libm-2.5.so b7b93000-b7b95000 rw-p 00024000 fe:00 48845 /lib/tls/i686/cmov/libm-2.5.so b7b95000-b7cd0000 r-xp 00000000 fe:00 48841 /lib/tls/i686/cmov/libc-2.5.so b7cd0000-b7cd1000 r--p 0013b000 fe:00 48841 /lib/tls/i686/cmov/libc-2.5.so b7cd1000-b7cd3000 rw-p 0013c000 fe:00 48841 /lib/tls/i686/cmov/libc-2.5.so b7cd3000-b7cd6000 rw-p b7cd3000 00:00 0 b7cd6000-b7ce9000 r-xp 00000000 fe:00 11522 /usr/lib/libz.so.1.2.3 b7ce9000-b7cea000 rw-p 00012000 fe:00 11522 /usr/lib/libz.so.1.2.3 b7cea000-b7f3b000 r-xp 00000000 fe:00 201531 /usr/lib/libgpac-0.4.2.so b7f3b000-b7f41000 rw-p 00250000 fe:00 201531 /usr/lib/libgpac-0.4.2.so b7f41000-b7f45000 rw-p b7f41000 00:00 0 b7f55000-b7f56000 rw-p b7f55000 00:00 0 b7f56000-b7f6f000 r-xp 00000000 fe:00 140113 /lib/ld-2.5.so b7f6f000-b7f71000 rw-p 00019000 fe:00 140113 /lib/ld-2.5.so bfd20000-bfd4d000 rw-p bfd20000 00:00 0 [stack] ffffe000-fffff000 r-xp 00000000 00:00 0 [vdso] /usr/local/bin/podencoder: line 479: 18435 Aborted (core dumped) MP4Box -aviraw video "$avioutput".avi > /dev/null + MP4Box -aviraw audio /tmp/poster.mov.temp.avi *** glibc detected *** MP4Box: double free or corruption (top): 0x0806e008 *** ======= Backtrace: ========= /lib/tls/i686/cmov/libc.so.6[0xb7c0b7cd] /lib/tls/i686/cmov/libc.so.6(cfree+0x90)[0xb7c0ee30] /usr/lib/libgpac.so(AVI_open_input_file+0xba)[0xb7e7856a] /usr/lib/libgpac.so(gf_media_export_avi_track+0x3f)[0xb7e873ef] /usr/lib/libgpac.so(gf_media_export+0x12a)[0xb7e8b72a] MP4Box[0x804f62d] /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xdc)[0xb7bb9ebc] MP4Box[0x804ca31] ======= Memory map: ======== 08048000-0806c000 r-xp 00000000 fe:00 201501 /usr/bin/MP4Box 0806c000-0806e000 rw-p 00023000 fe:00 201501 /usr/bin/MP4Box 0806e000-0808f000 rw-p 0806e000 00:00 0 [heap] b7900000-b7921000 rw-p b7900000 00:00 0 b7921000-b7a00000 ---p b7921000 00:00 0 b7a85000-b7a90000 r-xp 00000000 fe:00 26460 /lib/libgcc_s.so.1 b7a90000-b7a91000 rw-p 0000a000 fe:00 26460 /lib/libgcc_s.so.1 b7a91000-b7a92000 rw-p b7a91000 00:00 0 b7a92000-b7ac1000 r-xp 00000000 fe:00 201460 /usr/lib/libnspr4.so.0d b7ac1000-b7ac2000 rw-p 0002f000 fe:00 201460 /usr/lib/libnspr4.so.0d b7ac2000-b7ac4000 rw-p b7ac2000 00:00 0 b7ac4000-b7ac6000 r-xp 00000000 fe:00 48844 /lib/tls/i686/cmov/libdl-2.5.so b7ac6000-b7ac8000 rw-p 00001000 fe:00 48844 /lib/tls/i686/cmov/libdl-2.5.so b7ac8000-b7ac9000 rw-p b7ac8000 00:00 0 b7ac9000-b7adc000 r-xp 00000000 fe:00 48855 /lib/tls/i686/cmov/libpthread-2.5.so b7adc000-b7ade000 rw-p 00013000 fe:00 48855 /lib/tls/i686/cmov/libpthread-2.5.so b7ade000-b7ae0000 rw-p b7ade000 00:00 0 b7ae0000-b7b79000 r-xp 00000000 fe:00 201483 /usr/lib/libmozjs.so.0d b7b79000-b7b7d000 rw-p 00099000 fe:00 201483 /usr/lib/libmozjs.so.0d b7b7d000-b7ba2000 r-xp 00000000 fe:00 48845 /lib/tls/i686/cmov/libm-2.5.so b7ba2000-b7ba4000 rw-p 00024000 fe:00 48845 /lib/tls/i686/cmov/libm-2.5.so b7ba4000-b7cdf000 r-xp 00000000 fe:00 48841 /lib/tls/i686/cmov/libc-2.5.so b7cdf000-b7ce0000 r--p 0013b000 fe:00 48841 /lib/tls/i686/cmov/libc-2.5.so b7ce0000-b7ce2000 rw-p 0013c000 fe:00 48841 /lib/tls/i686/cmov/libc-2.5.so b7ce2000-b7ce5000 rw-p b7ce2000 00:00 0 b7ce5000-b7cf8000 r-xp 00000000 fe:00 11522 /usr/lib/libz.so.1.2.3 b7cf8000-b7cf9000 rw-p 00012000 fe:00 11522 /usr/lib/libz.so.1.2.3 b7cf9000-b7f4a000 r-xp 00000000 fe:00 201531 /usr/lib/libgpac-0.4.2.so b7f4a000-b7f50000 rw-p 00250000 fe:00 201531 /usr/lib/libgpac-0.4.2.so b7f50000-b7f54000 rw-p b7f50000 00:00 0 b7f64000-b7f65000 rw-p b7f64000 00:00 0 b7f65000-b7f7e000 r-xp 00000000 fe:00 140113 /lib/ld-2.5.so b7f7e000-b7f80000 rw-p 00019000 fe:00 140113 /lib/ld-2.5.so bfef3000-bff1d000 rw-p bfef3000 00:00 0 [stack] ffffe000-fffff000 r-xp 00000000 00:00 0 [vdso] /usr/local/bin/podencoder: line 480: 18438 Aborted (core dumped) MP4Box -aviraw audio "$avioutput".avi > /dev/null + mv /tmp/poster.mov.temp_video.h264 /tmp/poster.mov.temp.h264 mv: cannot stat `/tmp/poster.mov.temp_video.h264': No such file or directory + mv /tmp/poster.mov.temp_audio.raw /tmp/poster.mov.temp.aac mv: cannot stat `/tmp/poster.mov.temp_audio.raw': No such file or directory + rm -f poster.mov.mp4 + MP4Box -add /tmp/poster.mov.temp.aac:lang=en poster.mov.mp4 (Requested URL is not valid or cannot be found)+ MP4Box -add /tmp/poster.mov.temp.h264:fps=23.976 poster.mov.mp4 (Requested URL is not valid or cannot be found)+ '[' -s poster.mov.mp4 ']' + die 'Could not mux poster.mov.mp4' + '[' ']' + echo 'Could not mux poster.mov.mp4. Encoding failed.' Could not mux poster.mov.mp4. Encoding failed. + exit 1 ++ echo -ne '\033]0;[EMAIL PROTECTED]: /tmp\007' ** Affects: gpac (Ubuntu) Importance: Undecided Status: New -- MP4Box double-free/heap corruption https://bugs.launchpad.net/bugs/135071 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
