You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
2.Program Output
[iso file] Parsing a top-level box at position 0
[iso file] Read Box type ftyp size 32 start 0
[iso file] Parsing a top-level box at position 32
[iso file] Read Box type mv@d size 108 start 32
[iso file] Unknown top-level box type mv@d
[iso file] Parsing a top-level box at position 140
[iso file] Read Box type av1C size 363 start 140
[AV1] parsed AV1 OBU type=7 size=99 at position 152.
[AV1] AV1 unexpected OBU type=152 size=0 found at position 140056310360544. Forwarding.
[AV1] parsed AV1 OBU type=1 size=12 at position 251.
[AV1] parsed AV1 OBU type=1 size=12 at position 263.
[AV1] parsed AV1 OBU type=1 size=12 at position 275.
[AV1] parsed AV1 OBU type=1 size=12 at position 287.
[AV1] parsed AV1 OBU type=2 size=25 at position 299.
[AV1] AV1 unexpected OBU type=299 size=0 found at position 140056310360544. Forwarding.
[AV1] parsed AV1 OBU type=2 size=52 at position 324.
[AV1] AV1 unexpected OBU type=324 size=0 found at position 140056310360544. Forwarding.
[AV1] parsed AV1 OBU type=1 size=12 at position 376.
[AV1] parsed AV1 OBU type=1 size=12 at position 388.
[AV1] parsed AV1 OBU type=1 size=12 at position 400.
[AV1] parsed AV1 OBU type=1 size=12 at position 412.
[AV1] parsed AV1 OBU type=1 size=12 at position 424.
[AV1] parsed AV1 OBU type=1 size=12 at position 436.
[AV1] parsed AV1 OBU type=1 size=12 at position 448.
[AV1] parsed AV1 OBU type=1 size=12 at position 460.
[AV1] parsed AV1 OBU type=1 size=12 at position 472.
[AV1] parsed AV1 OBU type=1 size=12 at position 484.
[BS] Attempt to overread bitstream
1.Version
MP4Box - GPAC version 2.3-DEV-rev636-gfbd7e13aa-master
(c) 2000-2023 Telecom Paris distributed under LGPL v2.1+ - https://gpac.io
Please cite our work in your research:
GPAC Filters: https://doi.org/10.1145/3339825.3394929
GPAC: https://doi.org/10.1145/1291233.1291452
GPAC Configuration: --static-bin --enable-sanitizer
Features: GPAC_CONFIG_LINUX GPAC_64_BITS GPAC_HAS_IPV6 GPAC_HAS_SOCK_UN GPAC_MINIMAL_ODF GPAC_HAS_QJS GPAC_HAS_LINUX_DVB GPAC_DISABLE_3D
2.Program Output
[iso file] Parsing a top-level box at position 0
[iso file] Read Box type ftyp size 32 start 0
[iso file] Parsing a top-level box at position 32
[iso file] Read Box type mv@d size 108 start 32
[iso file] Unknown top-level box type mv@d
[iso file] Parsing a top-level box at position 140
[iso file] Read Box type av1C size 363 start 140
[AV1] parsed AV1 OBU type=7 size=99 at position 152.
[AV1] AV1 unexpected OBU type=152 size=0 found at position 140056310360544. Forwarding.
[AV1] parsed AV1 OBU type=1 size=12 at position 251.
[AV1] parsed AV1 OBU type=1 size=12 at position 263.
[AV1] parsed AV1 OBU type=1 size=12 at position 275.
[AV1] parsed AV1 OBU type=1 size=12 at position 287.
[AV1] parsed AV1 OBU type=2 size=25 at position 299.
[AV1] AV1 unexpected OBU type=299 size=0 found at position 140056310360544. Forwarding.
[AV1] parsed AV1 OBU type=2 size=52 at position 324.
[AV1] AV1 unexpected OBU type=324 size=0 found at position 140056310360544. Forwarding.
[AV1] parsed AV1 OBU type=1 size=12 at position 376.
[AV1] parsed AV1 OBU type=1 size=12 at position 388.
[AV1] parsed AV1 OBU type=1 size=12 at position 400.
[AV1] parsed AV1 OBU type=1 size=12 at position 412.
[AV1] parsed AV1 OBU type=1 size=12 at position 424.
[AV1] parsed AV1 OBU type=1 size=12 at position 436.
[AV1] parsed AV1 OBU type=1 size=12 at position 448.
[AV1] parsed AV1 OBU type=1 size=12 at position 460.
[AV1] parsed AV1 OBU type=1 size=12 at position 472.
[AV1] parsed AV1 OBU type=1 size=12 at position 484.
[BS] Attempt to overread bitstream
3.Reproduction
./MP4Box -v $poc
4.PoC
https://www.mediafire.com/file/fspsarzrcbfceha/hangPoC/file
5.Impact
This vulnerability can result in an infinite loop or lead to a denial-of-service (DoS) condition.
6.Env
Linux ubuntu 5.4.0-84-generic #94~18.04.1-Ubuntu SMP Thu Aug 26 23:17:46 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
7.Credit
hu1y40
The text was updated successfully, but these errors were encountered: