gpac application crashes on read
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
gpac (Ubuntu) | New | Undecided | Unassigned | |
Bug Description
This is a null pointer bug.
GPAC version 0.5.2-426-
System info: Ubuntu 20.04.1 LTS, x64, gcc 9.3.0
Run Command:
$ MP4Box -def poc.mp4
gdb info:
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff73b0ed5 in MergeTrack (trak=<optimized out>, traf=<optimized out>, moof_box=<optimized out>, moof_offset=
compressed_
1086 if (size > key_info[3])
(gdb) bt
#0 0x00007ffff73b0ed5 in MergeTrack (trak=<optimized out>, traf=<optimized out>, moof_box=<optimized out>, moof_offset=
compressed_
#1 0x00007ffff72f4226 in MergeFragment (moof=0x4b8580, mov=<optimized out>) at isomedia/
#2 0x00007ffff72f8071 in gf_isom_
progressive
#3 gf_isom_
at isomedia/
#4 0x00007ffff72f91da in gf_isom_open_file (
fileName=
OpenMode=
#5 0x000000000042b599 in mp4boxMain (argc=<optimized out>, argv=<optimized out>) at main.c:5670
#6 0x00007ffff6d750b3 in __libc_start_main (main=0x4362a0 <main>, argc=3, argv=0x7fffffff
fini=<optimized out>, rtld_fini=
#7 0x000000000040e98e in _start ()
ASAN info:
AddressSanitize
=======
==3432849==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000038 (pc 0x7f13f563a3da bp 0x7fff8e5d0fa0 sp 0x7fff8e5d0c80 T0)
==3432849==The signal is caused by a WRITE memory access.
==3432849==Hint: address points to the zero page.
#0 0x7f13f563a3da in MergeTrack /home/topsec/
#1 0x7f13f54db5c8 in MergeFragment /home/topsec/
#2 0x7f13f54e190f in gf_isom_
#3 0x7f13f54e190f in gf_isom_
#4 0x7f13f54e3dea in gf_isom_open_file /home/topsec/
#5 0x4f0f92 in mp4boxMain /home/topsec/
#6 0x7f13f46b70b2 in __libc_start_main /build/
#7 0x4289ed in _start (/home/
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/topsec/
==3432849==ABORTING
edit by github address: https:/
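For triage, the AddressSanitizer output above can be reduced to a crash class and a bucketing key. The following is an added example, not part of the original report or of GPAC; the function name `triage`, the 4 KiB page-size threshold and the three-frame bucket depth are assumptions chosen for illustration.

```python
import re

# Sample input: the AddressSanitizer lines from the report above, kept as they
# appear there (source paths and the names in frames #2/#3 are cut off).
ASAN_REPORT = """\
==3432849==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000038 (pc 0x7f13f563a3da bp 0x7fff8e5d0fa0 sp 0x7fff8e5d0c80 T0)
==3432849==The signal is caused by a WRITE memory access.
==3432849==Hint: address points to the zero page.
#0 0x7f13f563a3da in MergeTrack /home/topsec/
#1 0x7f13f54db5c8 in MergeFragment /home/topsec/
#2 0x7f13f54e190f in gf_isom_
#3 0x7f13f54e190f in gf_isom_
#4 0x7f13f54e3dea in gf_isom_open_file /home/topsec/
#5 0x4f0f92 in mp4boxMain /home/topsec/
"""

PAGE_SIZE = 0x1000  # assumption: 4 KiB pages; addresses below this count as near NULL

HEADER = re.compile(r"ERROR: AddressSanitizer: (\w+) on unknown address (0x[0-9a-fA-F]+)")
ACCESS = re.compile(r"caused by a (READ|WRITE) memory access")
FRAME = re.compile(r"^\s*#(\d+) 0x[0-9a-fA-F]+ in (\S+)", re.M)

def triage(report, bucket_depth=3):
    """Summarise an ASAN SEGV report for crash bucketing."""
    header = HEADER.search(report)
    if header is None:
        raise ValueError("no AddressSanitizer SEGV header found")
    signal, addr = header.group(1), int(header.group(2), 16)
    access = ACCESS.search(report)
    frames = [name for _, name in FRAME.findall(report)]
    near_null = addr < PAGE_SIZE
    return {
        "signal": signal,
        "fault_address": addr,
        "access": access.group(1) if access else "UNKNOWN",
        # A small non-zero fault address is usually NULL plus a member offset.
        "class": "null-deref" if near_null else "other",
        "member_offset": addr if near_null else None,
        # Bucket on the innermost frames so duplicate crashes group together.
        "bucket": ">".join(frames[:bucket_depth]),
    }

if __name__ == "__main__":
    for key, value in triage(ASAN_REPORT).items():
        print(f"{key}: {value}")
```

On this report the result is a write through a NULL base pointer at member offset 0x38, bucketed under `MergeTrack>MergeFragment>gf_isom_`.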
affects: launchpad → gpac (Ubuntu)
information type: Private Security → Public Security
Thanks for taking the time to report this bug and helping to make Ubuntu better. If you haven't already, could you please apply for a CVE for the issue?
Given the public github bug, can I make this bug report public?
Since the package referred to in this bug is in universe, it is community maintained. If you are able, I suggest posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures
It looks like this has been fixed upstream: https://github.com/gpac/gpac/commit/c4a5109dad73abe25ad12d8d529a728ae98d78ca