heap_buffer_overflow in MP4_ReadLengthDescriptor

 + **Describe the bug**
   We (School of Cyber Science and Technology, Shandong University) found that `MP4_ReadLengthDescriptor` can cause buffer overflow when it processes malformed messages.

+ **Expected behavior**
  If Asan is enabled at compile time, the `MP4_ReadLengthDescriptor` crashes and displays ASAN information.

+ **Actual Behavior**

  If Asan is enabled at compile time, the `MP4_ReadLengthDescriptor` crashes and displays ASAN information, which can cause DOS.

  ![image-20230414160355578](https://img2023.cnblogs.com/blog/2723796/202304/2723796-20230414172931166-258299040.png)

+ **To Reproduce**

  Similarly, we will upload a vulnerability POC to https://drive.google.com/file/d/1yArMfsdR7ttT4grdHwC_IHCazacY-aCC/view?usp=share_link  to help developers fix this vulnerability.

+ **Environment Details**

  + Version: master branch
  + Operating system and version：Ubuntu 20.04
  + Compiler and language used：gcc 9.4.0

  



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

heap_buffer_overflow in MP4_ReadLengthDescriptor #89

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

heap_buffer_overflow in MP4_ReadLengthDescriptor #89

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions