There is a bug in ffmpeg when it deals with PIX_FMT_PAL8 format images - the get_buffer function avcodec_default_get_buffer doesn't allocate enough space for the palette entries. This will cause a seg fault later (probably the next time you call free or malloc).

Here is a patch against ffmpeg-0.4.9-p20050906 to fix it:

--- libavcodec/utils.c.orig 2005-11-17 15:13:57.000000000 +0000 +++ libavcodec/utils.c 2005-11-17 15:14:51.000000000 +0000 @@ -325,6 +325,15 @@ const int h_shift= i==0 ? 0 : h_chroma_shift; const int v_shift= i==0 ? 0 : v_chroma_shift; + if(s->pix_fmt == PIX_FMT_PAL8 && i == 1) + { + buf->base[i] = av_malloc(256 * 4); + if(buf->base[i] == NULL) + return -1; + buf->data[i] = buf->base[i]; + continue; + } + //FIXME next ensures that linesize= 2^x uvlinesize, thats needed because some MC code assumes it buf->linesize[i]= ALIGN(pixel_size*w>>h_shift, STRIDE_ALIGN<<(h_chroma_shift-h_shift));

If someone who is actually able to access mplayerhq.hu could send it on to them as well, it would be handy.

Reproducible: Always

Steps to Reproduce:
1. obtain a 1x1 pixel PNG file which includes a palette
2. use avcodec_decode_video to read it in
3. call avcodec_close or pretty much anything else that uses free/malloc

Actual Results: seg fault in glibc, inside free

Expected Results: not seg faulted
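Review bot: the `continue` that ends the added PIX_FMT_PAL8 branch skips the `buf->linesize[i]= ALIGN(...)` assignment that follows it, so linesize[1] is never set for the palette plane on this path; set it explicitly before `continue` so that nothing reads a stale value. The `256 * 4` would be clearer as a named constant, or with a comment saying it is 256 palette entries of 4 bytes each, and since av_malloc does not initialise memory the palette buffer should be zeroed before it is handed out. Please also confirm that the `return -1` on allocation failure does not leave the plane 0 buffer from the previous loop iteration allocated.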
Created attachment 73301: patch that fixes it
Could you check the latest snapshot and, if it still applies, please report upstream?
there is now a patch in CVS as of 2 Dec 2005
*** This bug has been marked as a duplicate of 115760 ***