GNOME Bugzilla – Bug 575672
[mpegtsdemux] crashes when souphttpsrc is used as a stream source
Last modified: 2009-07-16 17:50:46 UTC
The crash is very hard to reproduce. We've managed to reproduce it on one sample TS file only. Problem occurs here: gstmpegtsdemux.c, line 1610: if (demux->streams[demux->streams[j]->PMT_pid] && stream->PID == demux->streams[demux->streams[j]->PMT_pid]->PMT.PCR_PID) { 'demux->streams[j]->PMT_pid' is 0x2000 here (FLUTS_MAX_PID + 1) Several lines before there's a check for PMT_pid validity, but it looks really strange: if (demux->streams[j] && demux->streams[j]->PMT_pid) As I understand there should be something like this: if (demux->streams[j] && demux->streams[j]->PMT_pid <= FLUTS_MAX_PID) as PMT_pid can't be 0 (reserved for PAT pid)
Can you provide that sample TS file? Also, why does it only happen with souphttpsrc used as source?
Actually your change is obviously correct, thanks :) commit 4f75adcfbf672e70072514a92cfe92adb07073a3 Author: Aleksey Yulin <ulin@tut.by> Date: Thu Jul 16 19:49:26 2009 +0200 mpegtsdemux: Don't use PIDs > MPEGTS_MAX_PID The mpegtsdemux streams array only has MPEGTS_MAX_PID entries and accessing one afterwards will result in crashes. Fixes bug #575672.