video_configs_.find(bytestream_track_id) == video_configs_.end() in media_tracks |
|||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=4722304938672128 Fuzzer: ochang_media_mutator Job Type: linux_asan_chrome_media Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: video_configs_.find(bytestream_track_id) == video_configs_.end() in media_tracks media::MediaTracks::AddVideoTrack media::FFmpegDemuxer::OnFindStreamInfoDone Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_media&range=415934:416233 Minimized Testcase (42.06 Kb): https://cluster-fuzz.appspot.com/download/AMIfv950zOCDZjgimAWsXjWqo7FXgVi6dKPtiVIAEp9DGs6M2BPUxl12QdSjvqTy9Njwy_TAPwMjZ8D2c1hx12KzzI51LByoKlwxliuDjHECTTA1X04RLh93KyUWscsmm6OgjAy1XJElIbMo5QfZujPKvrtfnfa6u1U9NayodpWc2DOPY6D3gU0?testcase_id=4722304938672128 Issue filed automatically. See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Oct 20 2016
,
Oct 20 2016
Hmm, looks like there are duplicate stream ids in that .mp4 file. Fix coming soon.
,
Oct 21 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/41ecabf2dc6286a0cc529cfe50eabe44c3a56c54 commit 41ecabf2dc6286a0cc529cfe50eabe44c3a56c54 Author: servolk <servolk@chromium.org> Date: Fri Oct 21 18:05:35 2016 Handle duplicate media track ids in FFmpegDemuxer Previously we would just crash due to CHECK when we detected media streams with duplicate bytestream ids. This CL adds explicit checks for duplicate stream ids in FFmpegDemuxer and skips those streams. BUG= 657437 Review-Url: https://chromiumcodereview.appspot.com/2434383003 Cr-Commit-Position: refs/heads/master@{#426840} [modify] https://crrev.com/41ecabf2dc6286a0cc529cfe50eabe44c3a56c54/media/filters/ffmpeg_demuxer.cc [modify] https://crrev.com/41ecabf2dc6286a0cc529cfe50eabe44c3a56c54/media/filters/ffmpeg_demuxer_unittest.cc [add] https://crrev.com/41ecabf2dc6286a0cc529cfe50eabe44c3a56c54/media/test/data/crbug657437.mp4
,
Oct 21 2016
,
Oct 22 2016
ClusterFuzz has detected this issue as fixed in range 426818:426932. Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4722304938672128 Fuzzer: ochang_media_mutator Job Type: linux_asan_chrome_media Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: video_configs_.find(bytestream_track_id) == video_configs_.end() in media_tracks media::MediaTracks::AddVideoTrack media::FFmpegDemuxer::OnFindStreamInfoDone Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_media&range=415934:416233 Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_media&range=426818:426932 Minimized Testcase (42.06 Kb): https://cluster-fuzz.appspot.com/download/AMIfv950zOCDZjgimAWsXjWqo7FXgVi6dKPtiVIAEp9DGs6M2BPUxl12QdSjvqTy9Njwy_TAPwMjZ8D2c1hx12KzzI51LByoKlwxliuDjHECTTA1X04RLh93KyUWscsmm6OgjAy1XJElIbMo5QfZujPKvrtfnfa6u1U9NayodpWc2DOPY6D3gU0?testcase_id=4722304938672128 See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||
►
Sign in to add a comment |
|||||
Comment 1 by ajha@chromium.org
, Oct 20 2016Components: Internals>Media>Video
Owner: dalecur...@chromium.org
Status: Assigned (was: Untriaged)