Memory leak in gf_isom_box_parse_ex function of box_funcs.c:166:13 #2328

Closed
HotSpurzzZ opened this issue Nov 28, 2022 · 0 comments

A memory leak has occurred when running program MP4Box; this can be reproduced on the latest commit.

Version

$ ./MP4Box -version                              
MP4Box - GPAC version 2.1-DEV-rev505-gb9577e6ad-master
(c) 2000-2022 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io

Please cite our work in your research:
	GPAC Filters: https://doi.org/10.1145/3339825.3394929
	GPAC: https://doi.org/10.1145/1291233.1291452

GPAC Configuration: --static-build --extra-cflags=-fsanitize=address -g --extra-ldflags=-fsanitize=address -g
Features: GPAC_CONFIG_LINUX GPAC_64_BITS GPAC_HAS_IPV6 GPAC_HAS_SSL GPAC_HAS_SOCK_UN GPAC_MINIMAL_ODF GPAC_HAS_QJS GPAC_HAS_FREETYPE GPAC_HAS_JPEG GPAC_HAS_PNG GPAC_HAS_LINUX_DVB

git log

commit b9577e6ad91ef96decbcd369227ab02b2842c77f (HEAD -> master, origin/master, origin/HEAD)
Author: jeanlf <jeanlf@gpac.io>
Date:   Fri Nov 25 16:53:55 2022 +0100

Verification steps

export CFLAGS='-fsanitize=address -g'
export CC=/usr/bin/clang
export CXX=/usr/bin/clang++ 
git clone https://github.com/gpac/gpac.git
cd gpac
./configure --static-build --extra-cflags="${CFLAGS}" --extra-ldflags="${CFLAGS}"
make
cd bin/gcc
./MP4Box -info $poc

POC file

https://github.com/HotSpurzzZ/testcases/blob/main/gpac/gpac_Direct_leak_gf_isom_box_parse_ex.mp4

AddressSanitizer output

$ ./MP4Box -info gpac_Direct_leak_gf_isom_box_parse_ex.mp4
[iso file] Failed to uncompress payload for box type !ssx (0x21737378)
Error opening file gpac_Direct_leak_gf_isom_box_parse_ex.mp4: BitStream Not Compliant

=================================================================
==10575==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 1718840668 byte(s) in 1 object(s) allocated from:
    #0 0x4a186d in malloc (/root/Desktop/gpac/bin/gcc/MP4Box+0x4a186d)
    #1 0x7dfc41 in gf_isom_box_parse_ex /root/Desktop/gpac/src/isomedia/box_funcs.c:166:13
    #2 0x7df29c in gf_isom_parse_root_box /root/Desktop/gpac/src/isomedia/box_funcs.c:38:8

Direct leak of 4096 byte(s) in 1 object(s) allocated from:
    #0 0x4a186d in malloc (/root/Desktop/gpac/bin/gcc/MP4Box+0x4a186d)
    #1 0x599d69 in gf_gz_decompress_payload /root/Desktop/gpac/src/utils/base_encoding.c:257:31
    #2 0x7dfc66 in gf_isom_box_parse_ex /root/Desktop/gpac/src/isomedia/box_funcs.c:170:9
    #3 0x7df29c in gf_isom_parse_root_box /root/Desktop/gpac/src/isomedia/box_funcs.c:38:8

SUMMARY: AddressSanitizer: 1718844764 byte(s) leaked in 2 allocation(s).

@jeanlf jeanlf closed this as completed in 44e8616 Nov 28, 2022
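
The trace above shows two buffers still live after the decompression failure, one allocated in gf_isom_box_parse_ex and one in gf_gz_decompress_payload. As an added example (not GPAC source and not the project's fix; every function name here is hypothetical and the input bytes are constructed), this simplified C model puts that error-path shape next to a version with a single cleanup path:

```c
/* Simplified model of an error-path leak. NOT GPAC source; all names are hypothetical. */
#include <stdlib.h>
#include <string.h>
static void *live[16];                    /* buffers allocated and not yet freed */
static void *xalloc(size_t n) {
    void *p = malloc(n);
    for (int i = 0; p && i < 16; i++)
        if (!live[i]) { live[i] = p; break; }
    return p;
}
static void xfree(void *p) {
    for (int i = 0; p && i < 16; i++)
        if (live[i] == p) { live[i] = NULL; break; }
    free(p);
}
/* Frees anything still live; returns how many buffers had been leaked. */
int reclaim_leaked(void) {
    int n = 0;
    for (int i = 0; i < 16; i++)
        if (live[i]) { free(live[i]); live[i] = NULL; n++; }
    return n;
}
/* Stand-in inflater: allocates its output first, then rejects bad input. */
static int inflate_payload(const unsigned char *in, size_t len, unsigned char **out) {
    *out = xalloc(4096);
    return (*out && len >= 2 && in[0] == 0x78) ? 0 : -1;  /* constructed check */
}
/* Leaky shape: the failure return releases neither buffer. */
int parse_box_leaky(const unsigned char *payload, size_t size) {
    unsigned char *inflated = NULL, *compressed = xalloc(size);
    if (!compressed) return -1;
    memcpy(compressed, payload, size);
    if (inflate_payload(compressed, size, &inflated) != 0) return -1;  /* leak */
    xfree(inflated); xfree(compressed);
    return 0;
}
/* Hardened shape: one exit path frees whatever was allocated. */
int parse_box_fixed(const unsigned char *payload, size_t size) {
    unsigned char *inflated = NULL, *compressed = xalloc(size);
    if (compressed) memcpy(compressed, payload, size);
    int rc = compressed ? inflate_payload(compressed, size, &inflated) : -1;
    xfree(inflated); xfree(compressed);
    return rc;
}
int main(void) {                          /* exit 0 if the leaky path left 2 buffers */
    const unsigned char bad[] = { 0x21, 0x73, 0x73, 0x78 };  /* constructed: "!ssx" */
    parse_box_leaky(bad, sizeof bad);
    return reclaim_leaked() == 2 ? 0 : 1;
}
```

The tracking table exists only so the model can count and release what the leaky path left behind; in a real build, LeakSanitizer does that accounting, as in the report above.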