Hi,
There is a stack overflow (oob) issue in gpac MP4Box hevc_parse_vps_extension; this can be reproduced on the latest commit.
build:

```
CC=gcc CXX=g++ CFLAGS="-fsanitize=address" CXXFLAGS="-fsanitize=address" LDFLAGS="-fsanitize=address" ./configure --enable-debug
make
```

run as:

```
MP4Box -info <poc>
```

shows the following log:

```
=================================================================
==2453140==ERROR: AddressSanitizer: stack-overflow on address 0x7ffc877550e9 (pc 0x7f477fb886b3 bp 0x7ffc87747b40 sp 0x7ffc87747870 T0)
    #0 0x7f477fb886b2 in hevc_parse_vps_extension media_tools/av_parsers.c:7514
    #1 0x7f477fb89ae3 in gf_hevc_read_vps_bs_internal media_tools/av_parsers.c:7745
    #2 0x7f477fb8ce3a in gf_hevc_parse_nalu_bs media_tools/av_parsers.c:8373
    #3 0x7f477ff46cf9 in naludmx_parse_nal_hevc filters/reframe_nalu.c:1997
    #4 0x7f477ff49a41 in naludmx_process filters/reframe_nalu.c:2864
    #5 0x7f477fdd631f in gf_filter_process_task filter_core/filter.c:2405
    #6 0x7f477fdc59b8 in gf_fs_thread_proc filter_core/filter_session.c:1610
    #7 0x7f477fdc633f in gf_fs_run filter_core/filter_session.c:1847
    #8 0x7f477fb9fa91 in gf_media_import media_tools/media_import.c:1173
    #9 0x55905a1a7a44 in convert_file_info /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/fileimport.c:128
    #10 0x55905a19226e in mp4boxMain /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/main.c:5804
    #11 0x55905a194653 in main /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/main.c:6333
    #12 0x7f477f6400b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
    #13 0x55905a1802ad in _start (/home/r00t/fuzz/target/tmp/gpac/bin/gcc/MP4Box+0x182ad)

SUMMARY: AddressSanitizer: stack-overflow media_tools/av_parsers.c:7514 in hevc_parse_vps_extension
==2453140==ABORTING
```

5n1p3r0010 from Topsec Alpha Lab

stack-overflow_hevc_parse_vps_extension.zip
1273cdc