Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tested in Ubuntu 18.04, 64bit, gcc 7.3.0, gpac (master d1c4bc3)
Compile cmd: $ ./configure --extra-cflags="-fsanitize=address,undefined -g" --extra-ldflags="-fsanitize=address,undefined -ldl -g" $ make
$ ./configure --extra-cflags="-fsanitize=address,undefined -g" --extra-ldflags="-fsanitize=address,undefined -ldl -g"
$ make
Triggered by $ MP4Box -diso $POC
$ MP4Box -diso $POC
POC file: https://github.com/Marsman1996/pocs/blob/master/gpac/poc13-leak
ASAN info:
ubuntu@ubuntu-virtual-machine:~/Desktop/crashana/gpac/gpac-d1c4bc3/build_asan$ ./bin/gcc/MP4Box -diso ../../poc13-leak [iso file] Unknown box type mo2v [iso file] Box "mvhd" is invalid in container mo2v [iso file] Box "href" is invalid in container dinf [iso file] Unknown box type stb. [iso file] Box "trik" is invalid in container stb. [iso file] Read Box type .... (0x01000000) has size 0 but is not at root/file level, skipping [iso file] Box "stpp" size 15 invalid (read 33) [iso file] Box "stpp" is invalid in container stb. [iso file] Unknown box type pts. [iso file] Box "UNKN" is larger than container box [iso file] Missing dref box in dinf [iso file] Box "dinf" size 44 invalid (read 494) [iso file] Box "trik" is invalid in container minf [iso file] Read Box type .... (0x01000000) has size 0 but is not at root/file level, skipping [iso file] Box "stpp" size 15 invalid (read 33) [iso file] Box "stpp" is invalid in container minf [iso file] Unknown box type pts. [iso file] Box "trak" size 128 invalid (read 714) [iso file] Unknown box type [iso file] Incomplete box UNKN [iso file] Incomplete file while reading for dump - aborting parsing [iso file] Unknown box type mo2v [iso file] Box "mvhd" is invalid in container mo2v [iso file] Box "href" is invalid in container dinf [iso file] Unknown box type stb. [iso file] Box "trik" is invalid in container stb. [iso file] Read Box type .... (0x01000000) has size 0 but is not at root/file level, skipping [iso file] Box "stpp" size 15 invalid (read 33) [iso file] Box "stpp" is invalid in container stb. [iso file] Unknown box type pts. [iso file] Box "UNKN" is larger than container box [iso file] Missing dref box in dinf [iso file] Box "dinf" size 44 invalid (read 494) [iso file] Box "trik" is invalid in container minf [iso file] Read Box type .... (0x01000000) has size 0 but is not at root/file level, skipping [iso file] Box "stpp" size 15 invalid (read 33) [iso file] Box "stpp" is invalid in container minf [iso file] Unknown box type pts. [iso file] Box "trak" size 128 invalid (read 714) [iso file] Unknown box type Truncated file - missing 1936916471 bytes Error opening file ../../poc13-leak: IsoMedia File is truncated ================================================================= ==93222==ERROR: LeakSanitizer: detected memory leaks Direct leak of 40 byte(s) in 1 object(s) allocated from: #0 0x7fed213dcb50 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb50) #1 0x7fed1df0b7fa in dref_New /home/ubuntu/Desktop/crashana/gpac/gpac-d1c4bc3/src/isomedia/box_code_base.c:1012 SUMMARY: AddressSanitizer: 40 byte(s) leaked in 1 allocation(s).
The text was updated successfully, but these errors were encountered:
prevent dref memleak on invalid input (#1183)
d2371b4
with a bit of delay: this should now be fixed
Sorry, something went wrong.
CVE-2018-21017 as assigned for this issue.
No branches or pull requests
Tested in Ubuntu 18.04, 64bit, gcc 7.3.0, gpac (master d1c4bc3)
Compile cmd:
$ ./configure --extra-cflags="-fsanitize=address,undefined -g" --extra-ldflags="-fsanitize=address,undefined -ldl -g"$ makeTriggered by
$ MP4Box -diso $POCPOC file:
https://github.com/Marsman1996/pocs/blob/master/gpac/poc13-leak
ASAN info:
The text was updated successfully, but these errors were encountered: