A memory allocation failure is unhandled in Ap4RtpAtom.cpp and leads to crashes. This seems to be an incomplete fix of issue #396, CVE-2019-13238.
./mp42aac input_file /dev/null
In file Source/C++/Core/Ap4RtpAtom.cpp
AP4_RtpAtom allocates a new buffer to parse the atom in the stream.
The unhandled memory allocation failure causes the read content to be memcpy'd to a null pointer.
The rest of the issue seems to be similar to the previous issue.
ASan trace report:
==725001==WARNING: AddressSanitizer failed to allocate 0xffffffffff00025b bytes
=================================================================
==725001==ERROR: AddressSanitizer: allocator is out of memory trying to allocate 0xffffffffff00025b bytes
    #0 0x4f7fb7 in operator new[](unsigned long) /dependence/llvm11/llvm-11.0.0.src/projects/compiler-rt/lib/asan/asan_new_delete.cpp:102:3
    #1 0x652e4a in AP4_RtpAtom::AP4_RtpAtom(unsigned int, AP4_ByteStream&) /benchmark/Bento4/Source/C++/Core/Ap4RtpAtom.cpp:50:25
==725001==HINT: if you don't care about these errors you may set allocator_may_return_null=1
SUMMARY: AddressSanitizer: out-of-memory /dependence/llvm11/llvm-11.0.0.src/projects/compiler-rt/lib/asan/asan_new_delete.cpp:102:3 in operator new[](unsigned long)
==725001==ABORTING
mp42aac_exhaustive_AP4_RtpAtom50.zip
(unzip first)
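
The checks this class of bug calls for, as an added example that is not Bento4's code or its fix: validate the declared atom size before it becomes an allocation size, and test the allocation before copying into it. The function name, the result codes, the 1 MiB cap and the assumed layout (8-byte header, 4-byte fixed field, then text) are hypothetical.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <new>
#include <string>

// Hypothetical layout and limits for this sketch (not Bento4's definitions).
constexpr uint32_t kHeaderSize = 8;        // 4-byte size + 4-byte type
constexpr uint32_t kFormatSize = 4;        // fixed field before the text
constexpr uint32_t kMaxText = 1u << 20;    // policy cap on the text payload

enum class ParseResult { Ok, BadSize, Truncated, TooLarge, NoMemory };

// atom_size: size field read from the file (attacker-controlled).
// body/body_len: bytes actually available after the 8-byte header.
ParseResult parse_text_atom(uint32_t atom_size, const uint8_t* body,
                            size_t body_len, std::string& text_out) {
    // 1. A size smaller than the fixed part would make the subtraction wrap.
    if (atom_size < kHeaderSize + kFormatSize) return ParseResult::BadSize;
    const uint32_t text_len = atom_size - (kHeaderSize + kFormatSize);
    // 2. The declared length may not exceed what the stream really holds.
    if (body_len < kFormatSize || text_len > body_len - kFormatSize)
        return ParseResult::Truncated;
    // 3. Bound the allocation regardless of how large the file is.
    if (text_len > kMaxText) return ParseResult::TooLarge;
    // 4. Non-throwing allocation, checked before anything is copied into it.
    char* buf = new (std::nothrow) char[static_cast<size_t>(text_len) + 1];
    if (buf == nullptr) return ParseResult::NoMemory;
    std::memcpy(buf, body + kFormatSize, text_len);
    buf[text_len] = '\0';
    text_out.assign(buf, text_len);
    delete[] buf;
    return ParseResult::Ok;
}

int main() {
    // Constructed input: format field, then three bytes of text.
    const uint8_t body[] = {0, 0, 0, 1, 'v', '=', '0'};
    std::string text;
    const uint32_t sizes[] = {15u, 4u, 0xFFFFFFF0u};  // valid, too small, oversized
    for (uint32_t s : sizes) {
        ParseResult r = parse_text_atom(s, body, sizeof body, text);
        std::printf("size=%u -> result %d\n", s, static_cast<int>(r));
    }
    return 0;
}
```

Rejecting the size before allocating means a malformed file produces a parse error instead of an allocator abort or a copy through a null pointer.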