AddressSanitizer: heap-buffer-overflow in audio_sample_entry_AddBox() at box_code_base.c:3934 #1180
Comments
Hi, weirdly I couldn't reproduce this one. I might have an idea of the problem; can you retest with the latest version and tell me if the issue is still present? Thanks.

Hi, I retested the PoC file with master d1c4bc3 and the problem still exists. Did I do something wrong during the above steps? Cheers.

The steps look fine, but ASan isn't giving me the same error; it might be because I'm testing with an older gcc. I thought the problem was the boundary check fixed here: ea13945, since ASan reports a read "to the right of 17-byte region [0x603000000580,0x603000000591)". Does it give you the exact same error as before? On the same line?

OK, that makes more sense. Unfortunately we still haven't fixed that particular issue, but at least it's not a new one. I guess we can keep this issue open and come back to it when the other ones are fixed. Thanks for your help.

Hi, the remaining issue should now be fixed.

CVE-2018-21016 was assigned for this issue.

Tested in Ubuntu 18.04, 64bit, gcc 7.3.0, gpac (master 94ad872)
Compile cmd:
$ ./configure --extra-cflags="-fsanitize=address,undefined -g" --extra-ldflags="-fsanitize=address,undefined -ldl -g"
$ make
Triggered by
$ MP4Box -diso $POC
POC file:
https://github.com/Marsman1996/pocs/blob/master/gpac/poc14-heapoverflow
ASAN info:
GDB info: