You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
./bin/gcc/MP4Box -dash 1000 /home/fuzz/crashes/poc15
[DASH] Updated manifest:
P#1: start 0 - duration 0 - xlink none
[DASH] Manifest after update:
P#1: start 0 - duration 0 - xlink none
[DASH] Setting up period start 0 duration 0 xlink none ID DID1
media_tools/dash_client.c:6333:9: runtime error: null pointer passed as argument 1, which is declared to never be null
Asan log:
./bin/gcc/MP4Box -dash 1000 /home/fuzz/crash/poc15
[DASH] Updated manifest:
P#1: start 0 - duration 0 - xlink none
[DASH] Manifest after update:
P#1: start 0 - duration 0 - xlink none
[DASH] Setting up period start 0 duration 0 xlink none ID DID1
AddressSanitizer:DEADLYSIGNAL
=================================================================
==2807995==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x00000043f7e0 bp 0x7ffe04691450 sp 0x7ffe04690bf0 T0)
==2807995==The signal is caused by a READ memory access.
==2807995==Hint: address points to the zero page.
#0 0x43f7e0 in strcmp (/home/fuzz/gpac/gpac/bin/gcc/MP4Box+0x43f7e0)
#1 0x7fe80797751b in gf_dash_setup_period (/home/fuzz/gpac/gpac/bin/gcc/libgpac.so.12+0xd4851b)
#2 0x7fe80792b0be in gf_dash_process (/home/fuzz/gpac/gpac/bin/gcc/libgpac.so.12+0xcfc0be)
#3 0x7fe807fc31d3 in dashdmx_process (/home/fuzz/gpac/gpac/bin/gcc/libgpac.so.12+0x13941d3)
#4 0x7fe807e90d3e in gf_filter_process_task (/home/fuzz/gpac/gpac/bin/gcc/libgpac.so.12+0x1261d3e)
#5 0x7fe807e5ed86 in gf_fs_thread_proc (/home/fuzz/gpac/gpac/bin/gcc/libgpac.so.12+0x122fd86)
#6 0x7fe807e5d67f in gf_fs_run (/home/fuzz/gpac/gpac/bin/gcc/libgpac.so.12+0x122e67f)
#7 0x7fe8077fb9e7 in gf_dasher_process (/home/fuzz/gpac/gpac/bin/gcc/libgpac.so.12+0xbcc9e7)
#8 0x50205c in do_dash /home/fuzz/gpac/gpac/applications/mp4box/mp4box.c:4831:15
#9 0x4f34ee in mp4box_main /home/fuzz/gpac/gpac/applications/mp4box/mp4box.c:6245:7
#10 0x7fe8068b0082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
#11 0x42ad4d in _start (/home/fuzz/gpac/gpac/bin/gcc/MP4Box+0x42ad4d)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/home/fuzz/gpac/gpac/bin/gcc/MP4Box+0x43f7e0) in strcmp
==2807995==ABORTING
Impact:
The vulnerability can potentially cause a crash or other effects.
Credit:
Janette88 (Jq Wang)
The text was updated successfully, but these errors were encountered:
Janette88
changed the title
Segv in gf_dash_setup_period at media_tools/dash_client.c:6333
Null pointer deference in gf_dash_setup_period at media_tools/dash_client.c:6333
Oct 13, 2023
Description
Null pointer deference in gf_dash_setup_period at media_tools/dash_client.c:6333
Version
Poc :
https://github.com/Janette88/test_pocs/blob/main/poc15
Reproduce
Impact:
The vulnerability can potentially cause a crash or other effects.
Credit:
Janette88 (Jq Wang)
The text was updated successfully, but these errors were encountered: