There is a null dereference issue in gpac MP4Box DumpTrackInfo; this can be reproduced on the latest commit.
Steps To Reproduce
build:
CC=gcc CXX=g++ CFLAGS="-fsanitize=address" CXXFLAGS="-fsanitize=address" LDFLAGS="-fsanitize=address" ./configure --enable-debug
make
run as:
MP4Box -info <poc>
shows the following log:
=================================================================
==3138257==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x55ffcb90f3d9 bp 0x7fffae555b10 sp 0x7fffae52f160 T0)
==3138257==The signal is caused by a READ memory access.
==3138257==Hint: address points to the zero page.
#0 0x55ffcb90f3d8 in DumpTrackInfo /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/filedump.c:2877
#1 0x55ffcb91323c in DumpMovieInfo /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/filedump.c:3590
#2 0x55ffcb9008f5 in mp4boxMain /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/main.c:5904
#3 0x55ffcb902653 in main /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/main.c:6335
#4 0x7f17fb5c50b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
#5 0x55ffcb8ee2ad in _start (/home/r00t/fuzz/target/tmp/gpac/bin/gcc/MP4Box+0x182ad)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/filedump.c:2877 in DumpTrackInfo
==3138257==ABORTING
Reporter:
5n1p3r0010 from Topsec Alpha Lab
null_DumpTrackInfo.zip
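A triage sketch for the ASan report above, added here as an example; it is not part of the original report or of gpac. It parses the header, access type and first symbolized frame, and flags a fault address on the zero page as a near-null dereference. The function name `triage_asan_segv`, the 4 KiB page size and the classification labels are assumptions.

```python
import re

# Constructed sample: four lines copied from the ASan report quoted above.
SAMPLE_REPORT = """\
==3138257==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x55ffcb90f3d9 bp 0x7fffae555b10 sp 0x7fffae52f160 T0)
==3138257==The signal is caused by a READ memory access.
#0 0x55ffcb90f3d8 in DumpTrackInfo /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/filedump.c:2877
#1 0x55ffcb91323c in DumpMovieInfo /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/filedump.c:3590
"""

PAGE_SIZE = 0x1000  # assumption: 4 KiB pages, so any address below this is on the zero page

HEADER_RE = re.compile(r"ERROR: AddressSanitizer: (\S+) on unknown address (0x[0-9a-fA-F]+)")
ACCESS_RE = re.compile(r"caused by a (READ|WRITE) memory access")
# Only frames symbolized as "function file:line"; "(module+0xoff)" frames are skipped.
FRAME_RE = re.compile(r"^\s*#(\d+) 0x[0-9a-fA-F]+ in (\S+) (\S+?):(\d+)", re.M)


def triage_asan_segv(report):
    """Summarize an ASan 'on unknown address' report (hypothetical helper)."""
    header = HEADER_RE.search(report)
    if header is None:
        raise ValueError("no 'on unknown address' header found")
    address = int(header.group(2), 16)
    access = ACCESS_RE.search(report)
    frame = FRAME_RE.search(report)  # first symbolized frame, normally #0
    result = {
        "signal": header.group(1),
        "address": address,
        "access": access.group(1) if access else "UNKNOWN",
        # A fault on the zero page usually means a NULL base pointer plus a small
        # member offset; anything else is treated as a wild or stale pointer.
        "kind": "near-null dereference" if address < PAGE_SIZE else "wild pointer access",
        "null_offset": address if address < PAGE_SIZE else None,
        "function": frame.group(2) if frame else None,
        "file": frame.group(3) if frame else None,
        "line": int(frame.group(4)) if frame else None,
    }
    return result


if __name__ == "__main__":
    for key, value in triage_asan_segv(SAMPLE_REPORT).items():
        print(f"{key}: {value}")
```

For this report the fault address 0x8 with a READ access is consistent with reading a member at offset 8 through a NULL pointer at filedump.c:2877.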