Skip to content

buffer overflow issue 3# #1186

Closed
Closed
@niugx

Description

@niugx

There is a buffer overflow issue in gf_sm_load_init () function, scene_manager.c

GF_Err gf_sm_load_init(GF_SceneLoader *load)
{
……
ext = (char *)strrchr(load->fileName, '.');
if (!ext) return GF_NOT_SUPPORTED;
if (!stricmp(ext, ".gz")) {
char *anext;
ext[0] = 0;
anext = (char *)strrchr(load->fileName, '.');
ext[0] = '.';
ext = anext;
}
strcpy(szExt, &ext[1]); // buffer overflow here.
……
}

root@ubuntu:/opt/niugx/cov_product/gpac/gpac-master/bin/gcc# ./MP4Box -inctx inScene.exttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttt -out output.txt -add overview.srt overview.mp4
Timed Text (SRT) import - text track 580 x 436, font Serif (size 18)
*** stack smashing detected ***: ./MP4Box terminated
Aborted (core dumped)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions