MP4Box - GPAC version 2.3-DEV-rev35-gbbca86917-master
(c) 2000-2023 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io
Please cite our work in your research:
GPAC Filters: https://doi.org/10.1145/3339825.3394929
GPAC: https://doi.org/10.1145/1291233.1291452
GPAC Configuration: --enable-sanitizer --enable-debug
Features: GPAC_CONFIG_LINUX GPAC_64_BITS GPAC_HAS_IPV6 GPAC_HAS_SOCK_UN GPAC_MINIMAL_ODF GPAC_HAS_QJS GPAC_HAS_LINUX_DVB GPAC_DISABLE_3D
reproduce
complie and run
./configure --enable-sanitizer
make
./MP4Box -info poc
information reported by sanitizer
[AV1] unknown OBU type 12 (size 100). Skipping.
[AV1] unknown OBU type 12 (size 100). Skipping.
[AV1] unknown OBU type 12 (size 100). Skipping.
[AV1] unknown OBU type 12 (size 100). Skipping.
[AV1] unknown OBU type 12 (size 100). Skipping.
[AV1] unknown OBU type 12 (size 100). Skipping.
[AV1] unknown OBU type 12 (size 100). Skipping.
[AV1] unknown OBU type 12 (size 100). Skipping.
[AV1] unknown OBU type 12 (size 100). Skipping.
[AV1] unknown OBU type 12 (size 100). Skipping.
[AV1] unknown OBU type 12 (size 100). Skipping.
[AV1] unknown OBU type 12 (size 100). Skipping.
[AV1] computed OBU size -1 (input value = 0). Skipping.
=================================================================
==4000990==ERROR: AddressSanitizer: attempting double-free on 0x615000013400 in thread T0:
#0 0x7fe4a288c40f in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:122
#1 0x7fe49b5abbd9 in gf_free utils/alloc.c:165
#2 0x7fe49c378e6f in gf_av1_reset_state media_tools/av_parsers.c:4024
#3 0x7fe49d61b5db in av1dmx_finalize filters/reframe_av1.c:1246
#4 0x7fe49ce06b63 in gf_fs_del filter_core/filter_session.c:771
#5 0x7fe49c42688d in gf_media_import media_tools/media_import.c:1293
#6 0x55a5ca2469ab in convert_file_info /root/gpac/applications/mp4box/fileimport.c:130
#7 0x55a5ca1ff07d in mp4box_main /root/gpac/applications/mp4box/mp4box.c:6302
#8 0x55a5ca201cc0 in main /root/gpac/applications/mp4box/mp4box.c:6846
#9 0x7fe4973ab082 in __libc_start_main ../csu/libc-start.c:308
#10 0x55a5ca1bfb6d in _start (/root/gpac/bin/gcc/MP4Box+0x104b6d)
0x615000013400 is located 0 bytes inside of 512-byte region [0x615000013400,0x615000013600)
freed by thread T0 here:
#0 0x7fe4a288cc3e in __interceptor_realloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:163
#1 0x7fe49b5abbbb in gf_realloc utils/alloc.c:160
#2 0x7fe49b58ae0e in gf_bs_write_data utils/bitstream.c:1059
#3 0x7fe49c3667af in av1_add_obu_internal media_tools/av_parsers.c:2519
#4 0x7fe49c36785c in av1_populate_state_from_obu media_tools/av_parsers.c:2596
#5 0x7fe49c367d8f in aom_av1_parse_temporal_unit_from_section5 media_tools/av_parsers.c:2623
#6 0x7fe49d616bd4 in av1dmx_parse_av1 filters/reframe_av1.c:1006
#7 0x7fe49d6179ee in av1dmx_process_buffer filters/reframe_av1.c:1084
#8 0x7fe49d61b0ff in av1dmx_process filters/reframe_av1.c:1225
#9 0x7fe49ce6abe4 in gf_filter_process_task filter_core/filter.c:2828
#10 0x7fe49ce156d7 in gf_fs_thread_proc filter_core/filter_session.c:1859
#11 0x7fe49ce18ce8 in gf_fs_run filter_core/filter_session.c:2120
#12 0x7fe49c424742 in gf_media_import media_tools/media_import.c:1228
#13 0x55a5ca2469ab in convert_file_info /root/gpac/applications/mp4box/fileimport.c:130
#14 0x55a5ca1ff07d in mp4box_main /root/gpac/applications/mp4box/mp4box.c:6302
#15 0x55a5ca201cc0 in main /root/gpac/applications/mp4box/mp4box.c:6846
#16 0x7fe4973ab082 in __libc_start_main ../csu/libc-start.c:308
previously allocated by thread T0 here:
#0 0x7fe4a288c808 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:144
#1 0x7fe49b5abb69 in gf_malloc utils/alloc.c:150
#2 0x7fe49b57ab5d in gf_bs_new utils/bitstream.c:154
#3 0x7fe49c3661b6 in av1_add_obu_internal media_tools/av_parsers.c:2492
#4 0x7fe49c36785c in av1_populate_state_from_obu media_tools/av_parsers.c:2596
#5 0x7fe49c367d8f in aom_av1_parse_temporal_unit_from_section5 media_tools/av_parsers.c:2623
#6 0x7fe49d606a79 in av1dmx_check_format filters/reframe_av1.c:269
#7 0x7fe49d617838 in av1dmx_process_buffer filters/reframe_av1.c:1075
#8 0x7fe49d61b0ff in av1dmx_process filters/reframe_av1.c:1225
#9 0x7fe49ce6abe4 in gf_filter_process_task filter_core/filter.c:2828
#10 0x7fe49ce156d7 in gf_fs_thread_proc filter_core/filter_session.c:1859
#11 0x7fe49ce18ce8 in gf_fs_run filter_core/filter_session.c:2120
#12 0x7fe49c424742 in gf_media_import media_tools/media_import.c:1228
#13 0x55a5ca2469ab in convert_file_info /root/gpac/applications/mp4box/fileimport.c:130
#14 0x55a5ca1ff07d in mp4box_main /root/gpac/applications/mp4box/mp4box.c:6302
#15 0x55a5ca201cc0 in main /root/gpac/applications/mp4box/mp4box.c:6846
#16 0x7fe4973ab082 in __libc_start_main ../csu/libc-start.c:308
SUMMARY: AddressSanitizer: double-free ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:122 in __interceptor_free
==4000990==ABORTING
Thanks for reporting your issue. Please make sure these boxes are checked before submitting your issue - thank you!
Detailed guidelines: http://gpac.io/2013/07/16/how-to-file-a-bug-properly/
version
reproduce
complie and run
information reported by sanitizer
poc
https://github.com/xxy1126/Vuln/blob/main/gpac/2
The text was updated successfully, but these errors were encountered: