Hi,
Our fuzzer found a buffer overflow on MP4Box (the latest commit 987169b on master).
PoC: https://github.com/strongcourage/PoCs/blob/master/gpac_987169b/PoC_hbo_BS_ReadByte
Command: MP4Box -info $PoC
ASAN says:
==27934==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60b00000a236 at pc 0x00000047c2aa bp 0x7ffded5429d0 sp 0x7ffded5429c0
READ of size 1 at 0x60b00000a236 thread T0
#0 0x47c2a9 in BS_ReadByte /home/dungnguyen/gueb-testing/gpac-head/src/utils/bitstream.c:253
#1 0x47c2a9 in gf_bs_read_bit /home/dungnguyen/gueb-testing/gpac-head/src/utils/bitstream.c:287
#2 0x47ecc7 in gf_bs_read_double /home/dungnguyen/gueb-testing/gpac-head/src/utils/bitstream.c:444
#3 0x85122d in gf_odf_read_mediatime /home/dungnguyen/gueb-testing/gpac-head/src/odf/odf_code.c:1471
#4 0x8412bb in gf_odf_parse_descriptor /home/dungnguyen/gueb-testing/gpac-head/src/odf/descriptors.c:159
#5 0x84b027 in gf_odf_read_iod /home/dungnguyen/gueb-testing/gpac-head/src/odf/odf_code.c:505
#6 0x8412bb in gf_odf_parse_descriptor /home/dungnguyen/gueb-testing/gpac-head/src/odf/descriptors.c:159
#7 0x9808b0 in gf_m2ts_process_pmt /home/dungnguyen/gueb-testing/gpac-head/src/media_tools/mpegts.c:2179
#8 0x970944 in gf_m2ts_section_complete /home/dungnguyen/gueb-testing/gpac-head/src/media_tools/mpegts.c:1610
#9 0x971fa2 in gf_m2ts_gather_section /home/dungnguyen/gueb-testing/gpac-head/src/media_tools/mpegts.c:1740
#10 0x97991c in gf_m2ts_process_packet /home/dungnguyen/gueb-testing/gpac-head/src/media_tools/mpegts.c:3446
#11 0x97991c in gf_m2ts_process_data /home/dungnguyen/gueb-testing/gpac-head/src/media_tools/mpegts.c:3507
#12 0x986f65 in gf_m2ts_probe_file /home/dungnguyen/gueb-testing/gpac-head/src/media_tools/mpegts.c:4641
#13 0x963fa9 in gf_media_import /home/dungnguyen/gueb-testing/gpac-head/src/media_tools/media_import.c:10998
#14 0x45b475 in convert_file_info /home/dungnguyen/gueb-testing/gpac-head/applications/mp4box/fileimport.c:124
#15 0x43ac0c in mp4boxMain /home/dungnguyen/gueb-testing/gpac-head/applications/mp4box/main.c:4804
#16 0x7fe2e64fa82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#17 0x421eb8 in _start (/home/dungnguyen/PoCs/gpac_987169b/MP4Box-asan+0x421eb8)
Thanks,
Manh Dung