GNOME Bugzilla – Bug 322769
The ID3 tag of this file is a segfaulter
Last modified: 2006-01-13 15:37:18 UTC
Steps to reproduce:
1. Download the crasher.mp3 attached below
2. gst-launch-0.8 -t filesrc location=crasher.mp3 ! mad ! fakesink
3. it segfaults
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1213184320 (LWP 22864)]
0xb743ff46 in id3_ucs4_length () from /usr/lib/libid3tag.so.0
(warning, this trace is with the standard breezy packages)
The crasher is in the "&" symbol, in the title of the song, in the ID3v2 tag.
To avoid the crash, open the song with XMMS, edit the tag and remove then retype
the "&". You will not see any difference but it will not crash anymore.
Forgot that attachment must be less than 1Mo.
So, here's the crasher MP3 : http://ploum.fritalk.com/crasher.mp3
Broken in 0.9 too: filesrc ! id3demux ! fakesink is sufficient to reproduce.
It's crashing dereferencing a null pointer inside libid3, but with a completely
unusable backtrace (only a single entry!). Valgrind provides no additional
usable information. Weird.
This crashes calling id3_tag_parse from libid3tag. A source build of this
library doesn't crash, so I'm really not sure what's going on (it later notes
that one of the tags is invalid, but that's ok).
Not sure what we can do about this.
For the original reporter: what OS? If linux, what distribution/version?
Thanks for your attention to this bug.
I'm using Ubuntu Breezy, on i386.
Ok, that's the same as what I'm using, and as mentioned, I can reproduce this here.
Other people using other distributions can't, and I can't using a source build
I'm pretty sure this is an upstream problem with the build in breezy. Can you
report this to them? There's nothing we can really do about this in gstreamer.
Works now with 0.10's new id3demux, which does not use libid3tag. Closing as fixed.