You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
root@a71b82b5d288:~/dataset/flvmeta-1.2.1/obj-bc/src# ./flvmeta_asan flvmeta_memory-allocation-failure_dumpxml271
AddressSanitizer:DEADLYSIGNAL
=================================================================
==30124==ERROR: AddressSanitizer: SEGV on unknown address (pc 0x000000489d7b bp 0x7fff17e62cb0 sp 0x7fff17e62440 T0)
==30124==The signal is caused by a READ memory access.
==30124==Hint: this fault was caused by a dereference of a high value address (see register values below). Disassemble the provided pc to learn which register was used.
#0 0x489d7b in __interceptor_strcmp.part.298 /root/LLVM/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:444
#1 0x4fe908 in xml_on_metadata_tag_only /root/dataset/flvmeta-1.2.1/src/dump_xml.c:271:14
#2 0x502563 in flv_parse /root/dataset/flvmeta-1.2.1/src/flv.c:506:26
#3 0x4fd491 in dump_metadata /root/dataset/flvmeta-1.2.1/src/dump.c:160:14
#4 0x502855 in main /root/dataset/flvmeta-1.2.1/src/flvmeta.c:385:50
#5 0x7f8aa5304c86 in __libc_start_main /build/glibc-CVJwZb/glibc-2.27/csu/../csu/libc-start.c:310
#6 0x41b819 in _start (/root/dataset/flvmeta-1.2.1/obj-bc/src/flvmeta_asan+0x41b819)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /root/LLVM/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:444 in __interceptor_strcmp.part.298
==30124==ABORTING
The text was updated successfully, but these errors were encountered:
Could you please check this against the HEAD version of flvmeta? A very similar bug has been reported some time ago and has been fixed in commit 7b91e56.
Thank you very much for your reply.
I am using the latest submitted version of the software and the vulnerability has been tested and fixed.
The latest version executes as follows:
Memory allocation failure in xml_on_metadata_tag_only() at dump_xml.c:271
Memory allocation failure in the flvmeta at function xml_on_metadata_tag_only in dump_xml.c:271.
Environment
Ubuntu 18.04, 64 bit
FLVMeta 1.2.1
Steps to reproduce
Download poc:
flvmeta_memory-allocation-failure_dumpxml271.zip
ASAN report
The text was updated successfully, but these errors were encountered: