I can indeed reproduce when built from 4112fc3 (current HEAD at the time of writing):
# MP4Box -bt /poc-integer-Overflow
[iso file] extra box maxr found in hinf, deleting
[iso file] extra box maxr found in hinf, deleting
[iso file] Unknown box type 80rak in parent moov
[iso file] Unknown box type drzf in parent dinf
[iso file] Missing dref box in dinf
[iso file] Incomplete box mdat - start 11495 size 853090
[iso file] Incomplete file while reading for dump - aborting parsing
[iso file] extra box maxr found in hinf, deleting
[iso file] extra box maxr found in hinf, deleting
[iso file] Unknown box type 80rak in parent moov
[iso file] Unknown box type drzf in parent dinf
[iso file] Missing dref box in dinf
[iso file] Incomplete box mdat - start 11495 size 853090
[iso file] Incomplete file while reading for dump - aborting parsing
MPEG-4 LASeR Scene Parsing
[LASeR] sameg coded in bitstream but no g defined !
Reading 515 bits but max should be 64, skipping 451 most significants bits
laser/lsr_dec.c:856:27: runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
The text was updated successfully, but these errors were encountered:
Hi, a CVE was issued affecting gpac and I wasn't able to find any report here or any fix. VulDB has a "writeup", which links to an advisory in Google Drive, which links to a reproducer
I can indeed reproduce when built from 4112fc3 (current HEAD at the time of writing):
The text was updated successfully, but these errors were encountered: