Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The binary mp4decrypt has a memory leak vulnerability #771

Open
mi1ko opened this issue Sep 23, 2022 · 0 comments
Open

The binary mp4decrypt has a memory leak vulnerability #771

mi1ko opened this issue Sep 23, 2022 · 0 comments
Labels
fuzzing

Comments

@mi1ko
Copy link

mi1ko commented Sep 23, 2022

Hi, I use my fuzzer for fuzzing binary mp4decrypt, and a crash incurred shows that.

=================================================================
==1732==ERROR: LeakSanitizer: detected memory leaks

Indirect leak of 512 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5c2959 in AP4_Array<AP4_SttsTableEntry>::EnsureCapacity(unsigned int) /Bento4/Source/C++/Core/Ap4Array.h:172:25
    #2 0x5c2959 in AP4_Array<AP4_SttsTableEntry>::Append(AP4_SttsTableEntry const&) /Bento4/Source/C++/Core/Ap4Array.h:252:29
    ......
    #14 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #15 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 240 byte(s) in 3 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5315ca in AP4_ContainerAtom::Create(unsigned int, unsigned long long, bool, bool, AP4_ByteStream&, AP4_AtomFactory&) /Bento4/Source/C++/Core/Ap4ContainerAtom.cpp:88:16
    #2 0x4fb6ff in AP4_AtomFactory::CreateAtomFromStream(AP4_ByteStream&, unsigned int, unsigned int, unsigned long long, AP4_Atom*&) /Bento4/Source/C++/Core/Ap4AtomFactory.cpp:816:20
    ......
    #6 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #7 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 216 byte(s) in 9 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x53232c in AP4_List<AP4_Atom>::Add(AP4_Atom*) /Bento4/Source/C++/Core/Ap4List.h:160:16
    #2 0x53232c in AP4_ContainerAtom::ReadChildren(AP4_AtomFactory&, AP4_ByteStream&, unsigned long long) /Bento4/Source/C++/Core/Ap4ContainerAtom.cpp:197:20
    ......
    #9 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #10 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 152 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x4fb7cf in AP4_AtomFactory::CreateAtomFromStream(AP4_ByteStream&, unsigned int, unsigned int, unsigned long long, AP4_Atom*&) /Bento4/Source/C++/Core/Ap4AtomFactory.cpp:319:20
    ......
    #14 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #15 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 128 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x4fff21 in AP4_AvccAtom::Create(unsigned int, AP4_ByteStream&) /Bento4/Source/C++/Core/Ap4AvccAtom.cpp:95:12
    ......
    #5 0x5ada04 in AP4_VisualSampleEntry::AP4_VisualSampleEntry(unsigned int, unsigned int, AP4_ByteStream&, AP4_AtomFactory&) /Bento4/Source/C++/Core/Ap4SampleEntry.cpp:884:5
    #6 0x5ada04 in AP4_AvcSampleEntry::AP4_AvcSampleEntry(unsigned int, unsigned int, AP4_ByteStream&, AP4_AtomFactory&) /Bento4/Source/C++/Core/Ap4SampleEntry.cpp:1136:5

Indirect leak of 104 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5bc445 in AP4_StsdAtom::Create(unsigned int, AP4_ByteStream&, AP4_AtomFactory&) /Bento4/Source/C++/Core/Ap4StsdAtom.cpp:57:12
   ......
    #11 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #12 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 88 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5515a3 in AP4_HdlrAtom::Create(unsigned int, AP4_ByteStream&) /Bento4/Source/C++/Core/Ap4HdlrAtom.cpp:52:12
    ......
    #16 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #17 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 80 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x548f14 in AP4_DrefAtom::Create(unsigned int, AP4_ByteStream&, AP4_AtomFactory&) /Bento4/Source/C++/Core/Ap4DrefAtom.cpp:50:12
    ......
    #11 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #12 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 80 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5315ca in AP4_ContainerAtom::Create(unsigned int, unsigned long long, bool, bool, AP4_ByteStream&, AP4_AtomFactory&) /Bento4/Source/C++/Core/Ap4ContainerAtom.cpp:88:16
    ......
    #22 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #23 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 80 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5c2573 in AP4_SttsAtom::Create(unsigned int, AP4_ByteStream&) /Bento4/Source/C++/Core/Ap4SttsAtom.cpp:52:12
    ......
    #11 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #12 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 80 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5315ca in AP4_ContainerAtom::Create(unsigned int, unsigned long long, bool, bool, AP4_ByteStream&, AP4_AtomFactory&) /Bento4/Source/C++/Core/Ap4ContainerAtom.cpp:88:16
    ......
    #16 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #17 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 80 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5319ec in AP4_ContainerAtom::Create(unsigned int, unsigned long long, bool, bool, AP4_ByteStream&, AP4_AtomFactory&) /Bento4/Source/C++/Core/Ap4ContainerAtom.cpp:86:16
    ......
    #11 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #12 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 73 byte(s) in 3 object(s) allocated from:
    #0 0x4f4688 in operator new[](unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:102
    #1 0x545fc2 in AP4_DataBuffer::ReallocateBuffer(unsigned int) /Bento4/Source/C++/Core/Ap4DataBuffer.cpp:210:28
    #2 0x545fc2 in AP4_DataBuffer::SetData(unsigned char const*, unsigned int) /Bento4/Source/C++/Core/Ap4DataBuffer.cpp:169:33

Indirect leak of 72 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5c0d43 in AP4_StszAtom::Create(unsigned int, AP4_ByteStream&) /Bento4/Source/C++/Core/Ap4StszAtom.cpp:52:12
    ......
    #11 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #12 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 72 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x533d57 in AP4_CttsAtom::Create(unsigned int, AP4_ByteStream&) /Bento4/Source/C++/Core/Ap4CttsAtom.cpp:52:12
    ......
    #11 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #12 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 72 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5bfb73 in AP4_StssAtom::Create(unsigned int, AP4_ByteStream&) /Bento4/Source/C++/Core/Ap4StssAtom.cpp:52:12
    ......
    #11 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #12 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 56 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5f44b7 in AP4_MetaDataAtomTypeHandler::CreateAtom(unsigned int, unsigned int, AP4_ByteStream&, unsigned int, AP4_Atom*&) /Bento4/Source/C++/MetaData/Ap4MetaData.cpp:424:20
    ......
    #27 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #28 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 56 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5b7d73 in AP4_StcoAtom::Create(unsigned int, AP4_ByteStream&) /Bento4/Source/C++/Core/Ap4StcoAtom.cpp:52:12
    ......
    #11 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #12 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 56 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5d8913 in AP4_UrlAtom::Create(unsigned int, AP4_ByteStream&) /Bento4/Source/C++/Core/Ap4UrlAtom.cpp:47:12
    ......
    #15 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #16 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 48 byte(s) in 2 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x53232c in AP4_List<AP4_Atom>::Add(AP4_Atom*) /Bento4/Source/C++/Core/Ap4List.h:160:16
    ......
    #14 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #15 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 48 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5fd5c2 in AP4_DataAtom::AP4_DataAtom(unsigned int, AP4_ByteStream&) /Bento4/Source/C++/MetaData/Ap4MetaData.cpp:1446:16
    ......
    #28 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #29 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 48 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x534051 in AP4_Array<AP4_CttsTableEntry>::EnsureCapacity(unsigned int) /Bento4/Source/C++/Core/Ap4Array.h:172:25
    ......
    #14 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #15 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 48 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5ff89f in AP4_StdcFileByteStream::Create(AP4_FileByteStream*, char const*, AP4_FileByteStream::Mode, AP4_ByteStream*&) /Bento4/Source/C++/System/StdC/Ap4StdCFileByteStream.cpp:279:14

Indirect leak of 32 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x501c33 in AP4_Array<AP4_DataBuffer>::EnsureCapacity(unsigned int) /Bento4/Source/C++/Core/Ap4Array.h:172:25
    ......
    #7 0x5ada04 in AP4_VisualSampleEntry::AP4_VisualSampleEntry(unsigned int, unsigned int, AP4_ByteStream&, AP4_AtomFactory&) /Bento4/Source/C++/Core/Ap4SampleEntry.cpp:884:5
    #8 0x5ada04 in AP4_AvcSampleEntry::AP4_AvcSampleEntry(unsigned int, unsigned int, AP4_ByteStream&, AP4_AtomFactory&) /Bento4/Source/C++/Core/Ap4SampleEntry.cpp:1136:5

Indirect leak of 32 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x501f85 in AP4_Array<AP4_DataBuffer>::EnsureCapacity(unsigned int) /Bento4/Source/C++/Core/Ap4Array.h:172:25
   ......
    #7 0x5ada04 in AP4_VisualSampleEntry::AP4_VisualSampleEntry(unsigned int, unsigned int, AP4_ByteStream&, AP4_AtomFactory&) /Bento4/Source/C++/Core/Ap4SampleEntry.cpp:884:5
    #8 0x5ada04 in AP4_AvcSampleEntry::AP4_AvcSampleEntry(unsigned int, unsigned int, AP4_ByteStream&, AP4_AtomFactory&) /Bento4/Source/C++/Core/Ap4SampleEntry.cpp:1136:5

Indirect leak of 24 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x53232c in AP4_List<AP4_Atom>::Add(AP4_Atom*) /Bento4/Source/C++/Core/Ap4List.h:160:16
    ......
    #25 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #26 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 24 byte(s) in 1 object(s) allocated from:
    #0 0x4f4688 in operator new[](unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:102
    #1 0x5b7fef in AP4_StcoAtom::AP4_StcoAtom(unsigned int, unsigned char, unsigned int, AP4_ByteStream&) /Bento4/Source/C++/Core/Ap4StcoAtom.cpp:86:17

Indirect leak of 24 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5c1207 in AP4_Array<unsigned int>::EnsureCapacity(unsigned int) /Bento4/Source/C++/Core/Ap4Array.h:172:25
    ......
    #14 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #15 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 24 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5495a0 in AP4_List<AP4_Atom>::Add(AP4_Atom*) /Bento4/Source/C++/Core/Ap4List.h:160:16
    ......
    #13 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #14 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 24 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5bd2e8 in AP4_List<AP4_Atom>::Add(AP4_Atom*) /Bento4/Source/C++/Core/Ap4List.h:160:16
    ......
    #13 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #14 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 24 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x53232c in AP4_List<AP4_Atom>::Add(AP4_Atom*) /Bento4/Source/C++/Core/Ap4List.h:160:16
    ......
    #19 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #20 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 24 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x53232c in AP4_List<AP4_Atom>::Add(AP4_Atom*) /Bento4/Source/C++/Core/Ap4List.h:160:16
    ......
    #4 0x5ada04 in AP4_AvcSampleEntry::AP4_AvcSampleEntry(unsigned int, unsigned int, AP4_ByteStream&, AP4_AtomFactory&) /Bento4/Source/C++/Core/Ap4SampleEntry.cpp:1136:5

Indirect leak of 20 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5b9ea7 in AP4_Array<AP4_StscTableEntry>::EnsureCapacity(unsigned int) /Bento4/Source/C++/Core/Ap4Array.h:172:25
   ......
    #14 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #15 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5bd4ea in AP4_Array<AP4_SampleDescription*>::EnsureCapacity(unsigned int) /Bento4/Source/C++/Core/Ap4Array.h:172:25
    ......
    #13 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #14 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 4 byte(s) in 1 object(s) allocated from:
    #0 0x4f4528 in operator new(unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:99
    #1 0x5bff41 in AP4_Array<unsigned int>::EnsureCapacity(unsigned int) /Bento4/Source/C++/Core/Ap4Array.h:172:25
    ......
    #14 0x4f894a in main /Bento4/Source/C++/Apps/Mp4Decrypt/Mp4Decrypt.cpp:258:29
    #15 0x7f1c98501c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 2 byte(s) in 2 object(s) allocated from:
    #0 0x4f4688 in operator new[](unsigned long) /llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:102
    #1 0x5b93f5 in AP4_String::Assign(char const*, unsigned int) /Bento4/Source/C++/Core/Ap4String.cpp:165:15
    #2 0x5b93f5 in AP4_String::operator=(char const*) /Bento4/Source/C++/Core/Ap4String.cpp:123:9

SUMMARY: AddressSanitizer: 2827 byte(s) leaked in 51 allocation(s).

System Details

Test Machine: Ubuntu 18.04 (docker)
Project Name: mp4decrypt (Bento4-master)

Commit ID

5b7cc25

Poc

mp4decrypt_Poc.zip

Command

./mp4decrypt mp4decrypt_Poc /dev/null

Credit

Wanying Cao (NCNIPC of China)
Xudong Cao (NCNIPC of China)
Hao Zhang (NCNIPC of China)
Xiaotong Jiao (NCNIPC of China)
Han Zheng (NCNIPC of China, Hexhive)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
fuzzing
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@barbibulle @mi1ko