There is a memory leak issue in gpac MP4Box gf_isom_get_root_od,this can reproduce on the lattest commit.
Steps To Reproduce
build:
CC=gcc CXX=g++ CFLAGS="-fsanitize=address" CXXFLAGS="-fsanitize=address" LDFLAGS="-fsanitize=address" ./configure --enable-debug
make
run as:
MP4Box -info <poc>
shows the following log:
=================================================================
==3387421==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 80 byte(s) in 1 object(s) allocated from:
#0 0x7f8ac7ceebc8 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
#1 0x7f8ac722bdcb in gf_malloc utils/alloc.c:150
#2 0x7f8ac7443f1e in gf_isom_get_root_od isomedia/isom_read.c:684
#3 0x559b80ac9a06 in DumpMovieInfo /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/filedump.c:3471
#4 0x559b80ab78f5 in mp4boxMain /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/main.c:5902
#5 0x559b80ab9653 in main /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/main.c:6333
#6 0x7f8ac6fa50b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
Indirect leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x7f8ac7ceebc8 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
#1 0x7f8ac722bdcb in gf_malloc utils/alloc.c:150
#2 0x7f8ac7220638 in gf_list_new utils/list.c:601
#3 0x7f8ac7443f53 in gf_isom_get_root_od isomedia/isom_read.c:688
#4 0x559b80ac9a06 in DumpMovieInfo /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/filedump.c:3471
#5 0x559b80ab78f5 in mp4boxMain /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/main.c:5902
#6 0x559b80ab9653 in main /home/r00t/fuzz/target/tmp/gpac/applications/mp4box/main.c:6333
#7 0x7f8ac6fa50b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
SUMMARY: AddressSanitizer: 96 byte(s) leaked in 2 allocation(s).
Hi,
There is a memory leak issue in gpac MP4Box gf_isom_get_root_od,this can reproduce on the lattest commit.
Steps To Reproduce
build:
run as:
shows the following log:
Reporter:
5n1p3r0010 from Topsec Alpha Lab
gf_isom_get_root_od.zip
The text was updated successfully, but these errors were encountered: