SEGV in MP4Box
Description
SEGV in gpac/MP4Box.
#0 0x7ffff67d35c7 in gf_avc_change_vui /afltest/gpac/src/media_tools/av_parsers.c:6872:55
Version
MP4Box - GPAC version 2.3-DEV-rev605-gfc9e29089-master
(c) 2000-2023 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io
Please cite our work in your research:
    GPAC Filters: https://doi.org/10.1145/3339825.3394929
    GPAC: https://doi.org/10.1145/1291233.1291452
GPAC Configuration:
Features: GPAC_CONFIG_LINUX GPAC_64_BITS GPAC_HAS_IPV6 GPAC_HAS_SSL GPAC_HAS_SOCK_UN GPAC_MINIMAL_ODF GPAC_HAS_QJS GPAC_HAS_JPEG GPAC_HAS_PNG GPAC_HAS_FFMPEG GPAC_HAS_VORBIS GPAC_HAS_LINUX_DVB
ASAN Log
./MP4Box -add self:hdr=none:videofmt=undef:asemode=v1-qt poc2gpac
AddressSanitizer:DEADLYSIGNAL
=================================================================
==3037856==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x7ffff67d35c7 bp 0x7ffffffec090 sp 0x7ffffffe29c0 T0)
==3037856==The signal is caused by a READ memory access.
==3037856==Hint: address points to the zero page.
    #0 0x7ffff67d35c7 in gf_avc_change_vui /afltest/gpac/src/media_tools/av_parsers.c:6872:55
    #1 0x7ffff67d6ce5 in gf_avc_change_color /afltest/gpac/src/media_tools/av_parsers.c:6950:9
    #2 0x7ffff677f62c in gf_media_change_color /afltest/gpac/src/media_tools/isom_tools.c:198:3
    #3 0x54e165 in import_file /afltest/gpac/applications/mp4box/fileimport.c:1670:9
    #4 0x4f7d1e in do_add_cat /afltest/gpac/applications/mp4box/mp4box.c
    #5 0x4f7d1e in mp4box_main /afltest/gpac/applications/mp4box/mp4box.c:6196:13
    #6 0x7ffff58cc082 in __libc_start_main /build/glibc-BHL3KM/glibc-2.31/csu/../csu/libc-start.c:308:16
    #7 0x42adad in _start (/afltest/gpac/bin/gcc/MP4Box+0x42adad)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /afltest/gpac/src/media_tools/av_parsers.c:6872:55 in gf_avc_change_vui
==3037856==ABORTING
Reproduction
git clone https://github.com/gpac/gpac.git
cd gpac
./configure --enable-sanitizer
make -j24
./bin/gcc/MP4Box -add self:hdr=none:videofmt=undef:asemode=v1-qt poc2gpac
PoC
poc2gpac: https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/poc2gpac
Impact
This vulnerability is capable of causing crashes.
Reference
https://github.com/gpac/gpac
Environment
Credit
Zeng Yunxiang
Song Jiaxuan