You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I give enough information for contributors to reproduce my issue (meaningful title, github labels, platform and compiler, command-line ...).
Step to reproduce:
1.get latest commit code (GPAC version 1.1.0-DEV-rev1221-gd626acad8-master)
2.compile with --enable-sanitizer
3.make 5 dirs which every of them has a large name(length=255), this makes the file's abs-path lengh larger than 1024, we called it large.nhml
4.run MP4Box -add {path to large.nhml} -new new.mp4
Env:
Ubunut 20.04 , clang 12.0.1
My cmd line an ASAN report
MP4Box -add ~/12341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341231234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123/12341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341231234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123/12341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341231234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123/12341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341231234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123/12341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341231234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123/large.nhml -new new.mp4
ASAN report:
=336368==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffc4519e5a8 at pc 0x000000491bf8 bp 0x7ffc4519e030 sp 0x7ffc4519d7f0
WRITE of size 2564 at 0x7ffc4519e5a8 thread T0
#0 0x491bf7 in __interceptor_strcpy (/home/lly/pro/gpac_asan/bin/gcc/MP4Box+0x491bf7)
#1 0x7f4bfc71ad1b in nhmldmx_init_parsing dmx_nhml.c
#2 0x7f4bfc7161c1 in nhmldmx_process (/home/lly/pro/gpac_asan/bin/gcc/libgpac.so.10+0xfb91c1)
#3 0x7f4bfc6454f7 in gf_filter_process_task filter.c
#4 0x7f4bfc6275a5 in gf_fs_thread_proc filter_session.c
#5 0x7f4bfc626aa0 in gf_fs_run (/home/lly/pro/gpac_asan/bin/gcc/libgpac.so.10+0xec9aa0)
#6 0x7f4bfc150959 in gf_media_import (/home/lly/pro/gpac_asan/bin/gcc/libgpac.so.10+0x9f3959)
#7 0x526c94 in import_file (/home/lly/pro/gpac_asan/bin/gcc/MP4Box+0x526c94)
#8 0x4eb8b6 in do_add_cat main.c
#9 0x4e7c66 in mp4boxMain (/home/lly/pro/gpac_asan/bin/gcc/MP4Box+0x4e7c66)
#10 0x7f4bfb3d90b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16
#11 0x429a4d in _start (/home/lly/pro/gpac_asan/bin/gcc/MP4Box+0x429a4d)
Address 0x7ffc4519e5a8 is located in stack of thread T0 at offset 1384 in frame
#0 0x7f4bfc71a56f in nhmldmx_init_parsing dmx_nhml.c
This frame has 141 object(s):
Maybe fix for issue 1908 dose not consider this situation that there is a stack buffer overflow in nhmldmx_init_parsing
The text was updated successfully, but these errors were encountered:
Step to reproduce:
1.get latest commit code (GPAC version 1.1.0-DEV-rev1221-gd626acad8-master)
2.compile with --enable-sanitizer
3.make 5 dirs which every of them has a large name(length=255), this makes the file's abs-path lengh larger than 1024, we called it large.nhml
4.run MP4Box -add {path to large.nhml} -new new.mp4
Env:
Ubunut 20.04 , clang 12.0.1
My cmd line an ASAN report
MP4Box -add ~/12341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341231234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123/12341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341231234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123/12341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341231234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123/12341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341231234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123/12341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341231234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234123/large.nhml -new new.mp4
ASAN report:
Maybe fix for issue 1908 dose not consider this situation that there is a stack buffer overflow in nhmldmx_init_parsing
The text was updated successfully, but these errors were encountered: