SEGV in mp4encrypt #437

Open
c0d3xpl0it opened this issue Sep 30, 2019 · 0 comments

@c0d3xpl0it c0d3xpl0it commented Sep 30, 2019

System Details
Commit ID: bc1b02a
Test Machine: Ubuntu 16.04.3 LTS
MP4 Encrypter - Version 1.6
(Bento4 Version 1.5.1.0)

Command
mp4encrypt --method OMA-PDCF-CBC --show-progress POC /dev/null

ASAN Output

fuzzer@thickfuzzer:~/victim/Bento4$ ./mp4encrypt --method OMA-PDCF-CBC --show-progress /home/fuzzer/victim/Bento4/cmakebuild/out3/4/crashes/unique/manul-1569860171-4-14003_id5_1.mp4 /dev/null
WARNING: track ID 1 will not be encrypted
ASAN:DEADLYSIGNAL
=================================================================
==11724==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0000005a42f4 bp 0x7ffdb06d0290 sp 0x7ffdb06d01b0 T0)
    #0 0x5a42f3 in AP4_DescriptorListWriter::Action(AP4_Descriptor*) const /home/fuzzer/victim/Bento4/Source/C++/Core/Ap4Descriptor.h:108:16
    #1 0x6c7886 in AP4_List<AP4_Descriptor>::Apply(AP4_List<AP4_Descriptor>::Item::Operator const&) const /home/fuzzer/victim/Bento4/Source/C++/Core/Ap4List.h:353:9
    #2 0x6c7886 in AP4_InitialObjectDescriptor::WriteFields(AP4_ByteStream&) /home/fuzzer/victim/Bento4/Source/C++/Core/Ap4ObjectDescriptor.cpp:300
    #3 0x5ff8a8 in AP4_Expandable::Write(AP4_ByteStream&) /home/fuzzer/victim/Bento4/Source/C++/Core/Ap4Expandable.cpp:105:5
    #4 0x5ebc24 in AP4_IodsAtom::WriteFields(AP4_ByteStream&) /home/fuzzer/victim/Bento4/Source/C++/Core/Ap4IodsAtom.cpp:99:36
    #5 0x5961a1 in AP4_Atom::Write(AP4_ByteStream&) /home/fuzzer/victim/Bento4/Source/C++/Core/Ap4Atom.cpp:229:14
    #6 0x59b9b2 in AP4_AtomListWriter::Action(AP4_Atom*) const /home/fuzzer/victim/Bento4/Source/C++/Core/Ap4Atom.cpp:753:5
    #7 0x587216 in AP4_List<AP4_Atom>::Apply(AP4_List<AP4_Atom>::Item::Operator const&) const /home/fuzzer/victim/Bento4/Source/C++/Core/Ap4List.h:353:9
    #8 0x587216 in AP4_ContainerAtom::WriteFields(AP4_ByteStream&) /home/fuzzer/victim/Bento4/Source/C++/Core/Ap4ContainerAtom.cpp:232
    #9 0x5961a1 in AP4_Atom::Write(AP4_ByteStream&) /home/fuzzer/victim/Bento4/Source/C++/Core/Ap4Atom.cpp:229:14
    #10 0x59b9b2 in AP4_AtomListWriter::Action(AP4_Atom*) const /home/fuzzer/victim/Bento4/Source/C++/Core/Ap4Atom.cpp:753:5
    #11 0x5b092e in AP4_List<AP4_Atom>::Apply(AP4_List<AP4_Atom>::Item::Operator const&) const /home/fuzzer/victim/Bento4/Source/C++/Core/Ap4List.h:353:9
    #12 0x5b092e in AP4_Processor::Process(AP4_ByteStream&, AP4_ByteStream&, AP4_ByteStream*, AP4_Processor::ProgressListener*, AP4_AtomFactory&) /home/fuzzer/victim/Bento4/Source/C++/Core/Ap4Processor.cpp:644
    #13 0x529852 in main /home/fuzzer/victim/Bento4/Source/C++/Apps/Mp4Encrypt/Mp4Encrypt.cpp:654:18
    #14 0x7fdf1c6f482f in __libc_start_main /build/glibc-LK5gWL/glibc-2.23/csu/../csu/libc-start.c:291
    #15 0x451428 in _start (/home/fuzzer/victim/Bento4/mp4encrypt+0x451428)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/fuzzer/victim/Bento4/Source/C++/Core/Ap4Descriptor.h:108:16 in AP4_DescriptorListWriter::Action(AP4_Descriptor*) const
==11724==ABORTING
@barbibulle barbibulle self-assigned this Oct 8, 2019
@barbibulle barbibulle added the fuzzing label Oct 8, 2019