[Webkit-unassigned] [Bug 217647] [GStreamer] Crash in WebCore::GStreamerRegistryScanner::isAVC1CodecSupported

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Oct 12 20:43:41 PDT 2020 

https://bugs.webkit.org/show_bug.cgi?id=217647

Michael Catanzaro <mcatanzaro at gnome.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mcatanzaro at gnome.org

--- Comment #1 from Michael Catanzaro <mcatanzaro at gnome.org> ---
Added some debug:

isAVC1CodecSupported: this=0x7f7e822eee00 1: codec=avc1.42AC23 hardware=0
isAVC1CodecSupported: sps[0]=66 sps[1]=172 sps[2]=35
isAVC1CodecSupported: profile=baseline level=(null)
isAVC1CodecSupported: 2
isAVC1CodecSupported: this=0x7f7e822eee00 1: codec=avc1.42E034 hardware=0
isAVC1CodecSupported: sps[0]=66 sps[1]=224 sps[2]=52
isAVC1CodecSupported: profile=constrained-baseline level=5.2
isAVC1CodecSupported: 2
isAVC1CodecSupported: 3
isAVC1CodecSupported: 4
isAVC1CodecSupported: this=0x7f7e822eee00 1: codec=avc1.42E034 hardware=0
isAVC1CodecSupported: sps[0]=66 sps[1]=224 sps[2]=52
isAVC1CodecSupported: profile=constrained-baseline level=5.2
isAVC1CodecSupported: 2
isAVC1CodecSupported: 3
isAVC1CodecSupported: 4
isAVC1CodecSupported: this=0x7f7e822eee00 1: codec=avc1.42E01E hardware=0
isAVC1CodecSupported: sps[0]=66 sps[1]=224 sps[2]=30
isAVC1CodecSupported: profile=constrained-baseline level=3
isAVC1CodecSupported: 2
isAVC1CodecSupported: 3
isAVC1CodecSupported: 4
isAVC1CodecSupported: this=0x7f7e822eee00 1: codec=avc1.42E01E hardware=0
isAVC1CodecSupported: sps[0]=66 sps[1]=224 sps[2]=30
isAVC1CodecSupported: profile=constrained-baseline level=3
isAVC1CodecSupported: 2
isAVC1CodecSupported: 3
isAVC1CodecSupported: 4
isAVC1CodecSupported: this=0x7f7e822eee00 1: codec=avc1.42E009 hardware=0
isAVC1CodecSupported: sps[0]=66 sps[1]=224 sps[2]=9
isAVC1CodecSupported: profile=constrained-baseline level=1b
isAVC1CodecSupported: 2
isAVC1CodecSupported: 3
isAVC1CodecSupported: 4
isAVC1CodecSupported: this=0x7f7e822eee00 1: codec=avc1.42E009 hardware=0
isAVC1CodecSupported: sps[0]=66 sps[1]=224 sps[2]=9
isAVC1CodecSupported: profile=constrained-baseline level=1b
isAVC1CodecSupported: 2
isAVC1CodecSupported: 3
isAVC1CodecSupported: 4
isAVC1CodecSupported: this=0x7f7e822eee00 1: codec=avc1.123456 hardware=0
isAVC1CodecSupported: sps[0]=18 sps[1]=52 sps[2]=86
isAVC1CodecSupported: profile=(null) level=(null)
isAVC1CodecSupported: 2
isAVC1CodecSupported: this=0x7f7e822eee00 1: codec=avc1.42F01E hardware=0
isAVC1CodecSupported: sps[0]=66 sps[1]=240 sps[2]=30
isAVC1CodecSupported: profile=constrained-baseline level=3
isAVC1CodecSupported: 2
isAVC1CodecSupported: 3
isAVC1CodecSupported: 4
isAVC1CodecSupported: this=0x7f7e822eee00 1: codec=avc1.42F01E hardware=0
isAVC1CodecSupported: sps[0]=66 sps[1]=240 sps[2]=30
isAVC1CodecSupported: profile=constrained-baseline level=3
isAVC1CodecSupported: 2
isAVC1CodecSupported: 3
isAVC1CodecSupported: 4
isAVC1CodecSupported: this=0x7f7e822eee00 1: codec=avc1.4D001E hardware=0
isAVC1CodecSupported: sps[0]=77 sps[1]=0 sps[2]=30
isAVC1CodecSupported: profile=main level=3
isAVC1CodecSupported: 2
isAVC1CodecSupported: 3
isAVC1CodecSupported: 4
isAVC1CodecSupported: this=0x7f7e822eee00 1: codec=avc1.4D001E hardware=0
isAVC1CodecSupported: sps[0]=77 sps[1]=0 sps[2]=30
isAVC1CodecSupported: profile=main level=3
isAVC1CodecSupported: 2
isAVC1CodecSupported: 3
isAVC1CodecSupported: 4
isAVC1CodecSupported: this=0x7f7e822eee00 1: codec=avc1x hardware=0
1   0x7f7e7d7afbd9 WTFCrash
2   0x7f7e814b2255 WebCore::GStreamerRegistryScanner::isAVC1CodecSupported(WTF::String const&, bool) const
3   0x7f7e814b24b9 WebCore::GStreamerRegistryScanner::isCodecSupported(WTF::String, bool) const
4   0x7f7e814b2ab9 WebCore::GStreamerRegistryScanner::isContentTypeSupported(WebCore::ContentType const&, WTF::Vector<WebCore::ContentType, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&) const
5   0x7f7e812df7d4 WebCore::MediaPlayerPrivateGStreamer::supportsType(WebCore::MediaEngineSupportParameters const&)
6   0x7f7e80cf510b /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(+0x2eb010b) [0x7f7e80cf510b]
7   0x7f7e80cf6fc4 WebCore::MediaPlayer::supportsType(WebCore::MediaEngineSupportParameters const&)
8   0x7f7e808637f2 WebCore::HTMLMediaElement::canPlayType(WTF::String const&) const
9   0x7f7e7fd8aeee WebCore::jsHTMLMediaElementPrototypeFunctionCanPlayType(JSC::JSGlobalObject*, JSC::CallFrame*)
10  0x7f7e280ff178 [0x7f7e280ff178]

So it crashes when there is no period in the codec string (accessing components[1] off the end of the array).

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20201013/0e87096e/attachment-0001.htm>

More information about the webkit-unassigned mailing list