You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello,I use the fuzzer(AFL) to fuzz binary gpac and got some crashes.
The following is the details.
Title: SEGV on unknown address 0x000000000038
1. Description
SEGV on unknown address 0x000000000038 has occurred in function set_file_udta /root/gpac/applications/mp4box/fileimport.c:70:14
when running program MP4Box, this can reproduce on the lattest commit.
2. Software version info
fuzz@ubuntu:~/gpac2.1/gpac/bin/gcc$ MP4Box -version
MP4Box - GPAC version 2.3-DEV-rev395-g98979a443-master
(c) 2000-2023 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io
3. System version info
./uname -a
Linux ouc7 5.4.0-150-generic #167-Ubuntu SMP Mon May 15 17:35:05 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
[iso file] Unknown top-level box type Ytra
[iso file] Box "mehd" (start 84) has 88 extra bytes
[iso file] Unknown top-level box type mo^v
[iso file] Unknown top-level box type 000000FF
UndefinedBehaviorSanitizer:DEADLYSIGNAL
==1680297==ERROR: UndefinedBehaviorSanitizer: SEGV on unknown address 0x000000000038 (pc 0x7fe43b404373 bp 0x00006e616d65 sp 0x7ffcf11b03e0 T1680297)
==1680297==The signal is caused by a READ memory access.
==1680297==Hint: address points to the zero page.
#0 0x7fe43b404373 in gf_isom_remove_user_data (/usr/local/lib/libgpac.so.12+0x318373)
#1 0x467b3d in set_file_udta /root/gpac/applications/mp4box/fileimport.c:70:14
#2 0x44aeb1 in do_track_act /root/gpac/applications/mp4box/mp4box.c:5612:8
#3 0x44aeb1 in mp4box_main /root/gpac/applications/mp4box/mp4box.c:6694:6
#4 0x7fe43ad7f082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082)
#5 0x41304d in _start (/usr/local/bin/MP4Box+0x41304d)
UndefinedBehaviorSanitizer can not provide additional info.
SUMMARY: UndefinedBehaviorSanitizer: SEGV (/usr/local/lib/libgpac.so.12+0x318373) in gf_isom_remove_user_data
==1680297==ABORTING
6. Impact
This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution.
Hello,I use the fuzzer(AFL) to fuzz binary gpac and got some crashes.
The following is the details.
Title: SEGV on unknown address 0x000000000038
1. Description
SEGV on unknown address 0x000000000038 has occurred in function set_file_udta /root/gpac/applications/mp4box/fileimport.c:70:14
when running program MP4Box, this can reproduce on the lattest commit.
2. Software version info
3. System version info
4. Command
5. Result
6. Impact
This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution.
7. POC
POC file list
poc_lst.zip
Report of the Information Security Laboratory of Ocean University of China @OUC_ISLOUC @OUC_Blue_Whale
The text was updated successfully, but these errors were encountered: