GNOME Bugzilla – Bug 575672
[mpegtsdemux] crashes when souphttpsrc is used as a stream source
Last modified: 2009-07-16 17:50:46 UTC
The crash is very hard to reproduce. We've managed to reproduce it on one sample TS file only. Problem occurs here:
gstmpegtsdemux.c, line 1610:
if (demux->streams[demux->streams[j]->PMT_pid] &&
'demux->streams[j]->PMT_pid' is 0x2000 here (FLUTS_MAX_PID + 1)
Several lines before there's a check for PMT_pid validity, but it looks really strange:
if (demux->streams[j] && demux->streams[j]->PMT_pid)
As I understand there should be something like this:
if (demux->streams[j] && demux->streams[j]->PMT_pid <= FLUTS_MAX_PID)
as PMT_pid can't be 0 (reserved for PAT pid)
Can you provide that sample TS file? Also, why does it only happen with souphttpsrc used as source?
Actually your change is obviously correct, thanks :)
Author: Aleksey Yulin <firstname.lastname@example.org>
Date: Thu Jul 16 19:49:26 2009 +0200
mpegtsdemux: Don't use PIDs > MPEGTS_MAX_PID
The mpegtsdemux streams array only has MPEGTS_MAX_PID entries
and accessing one afterwards will result in crashes.
Fixes bug #575672.