After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 609460 - asfdemux can crash when NULL tag names are present
asfdemux can crash when NULL tag names are present
Status: RESOLVED OBSOLETE
Product: GStreamer
Classification: Platform
Component: gst-plugins-ugly
0.10.13
Other Linux
: Normal normal
: git master
Assigned To: GStreamer Maintainers
GStreamer Maintainers
Depends on:
Blocks:
 
 
Reported: 2010-02-09 20:56 UTC by Sean Cross
Modified: 2010-02-10 19:01 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
Patch to check for NULL tag names and ignore them. (1.68 KB, application/octet-stream)
2010-02-09 20:56 UTC, Sean Cross 		Details

Description Sean Cross 2010-02-09 20:56:47 UTC 
Created attachment 153364 [details]
Patch to check for NULL tag names and ignore them.

BACKGROUND:

It seems as though it's possible to create ASF streams that have NULL tags.  When asfdemux goes to read these tags, the plugin will crash with a segfault.


STEPS TO REPRODUCE:

Locate a WMV file with an extended content section with NULL tags and attempt to play it.


EXPECTED RESULTS:

The file should play.


OBSERVED RESULTS:

The file crashes with a segfault.  Relevant logs:

0:00:39.239915077  2115    0x14008 LOG               GST_STATES gstelement.c:2772:gst_element_change_state_func:<disk_source> default handler tries setting state from READY to PAUSED (0013)
0:00:39.240396307  2115   0x1213d0 LOG                 asfdemux gstasfdemux.c:712:gst_asf_demux_identify_guid: ASF_OBJ_EXT_CONTENT_DESC  0xd2d0a440-0x11d2e307-0xa000f097-0x50a85ec9
0:00:39.240864923  2115   0x1213d0 INFO                asfdemux gstasfdemux.c:3335:gst_asf_demux_process_object: HEADER/EXT_CONTENT_DESC: size 278
0:00:39.241295692  2115   0x1213d0 INFO                asfdemux gstasfdemux.c:2318:gst_asf_demux_process_ext_content_desc:<asfdemux0> object is an extended content description
0:00:39.241735077  2115   0x1213d0 DEBUG               asfdemux gstasfdemux.c:2359:gst_asf_demux_process_ext_content_desc: Found tag/metadata (null)
Segmentation fault


Attached is a patch which fixes it on our system.
Comment 1 Tim-Philipp Müller 2010-02-10 00:48:40 UTC 
Thanks for the bug report and patch (patches in diff -u format tend to be nicer to read though).

Could you attach the first 990kB of a file that causes this problem?

 head --bytes=990k foo.asf > foo-head.asf
Comment 2 Sean Cross 2010-02-10 07:18:13 UTC 
It seems to occur on all WMV files that I've tried, such as http://media.grc.com/files/testvideo.wmv which is only 288k.

Correcting Version of package; the latest version of gst-plugins-ugly is 0.10.13.
Comment 3 Thiago Sousa Santos 2010-02-10 18:48:34 UTC 
I can't reproduce it with this file.

Tried both 0.10.13 and git versions.
Comment 4 Thiago Sousa Santos 2010-02-10 18:56:12 UTC 
Is there anything different with your setup? Distro applied patches?

Can you reproduce with "gst-launch playbin2 uri=file:///path/to/file" or your application uses a different pipeline?
Comment 5 Thiago Sousa Santos 2010-02-10 19:01:28 UTC 
In fact, this commit seems to have fixed it already. Please test with git version and reopen if it still doesn't work for you.


commit 84d80fffcd77221884c3410d9252478be4c9d129
Author: Michael Smith <msmith@songbirdnest.com>
Date:   Thu Jan 7 14:36:47 2010 -0800

    asfdemux: Use GST_STR_NULL in a couple of places.
    
    Fixes crashing on some of the log statements on win32.