search

MediaArea / MediaInfoLib

Convenient unified display of the most relevant technical and tag data for video and audio files.
https://mediaarea.net/MediaInfo
BSD 2-Clause "Simplified" License
630 stars 171 forks source link

allocate memory error #2108

Open SuyueGuo opened 1 month ago

SuyueGuo commented 1 month ago

Hello, maintainers of MediaInfo,

A bug was found in MediaInfo, which tries to allocate a memory that is too large.

Poc

allocate_error.zip

command to run

mediainfo ./allocate_error

Details

ASAN output:

=================================================================
==1922581==ERROR: AddressSanitizer: requested allocation size 0x10000000000004f (0x100000000001050 after adjustments for alignment, red zones etc.) exceeds maximum supported size of 0x10000000000 (thread T0)
    #0 0x7f7f5a68a1e7 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cpp:99
    #1 0x7f7f5a4d80bd in std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_mutate(unsigned long, unsigned long, char const*, unsigned long) (/lib/x86_64-linux-gnu/libstdc++.so.6+0x14c0bd)

==1922581==HINT: if you don't care about these errors you may set allocator_may_return_null=1
SUMMARY: AddressSanitizer: allocation-size-too-big ../../../../src/libsanitizer/asan/asan_new_delete.cpp:99 in operator new(unsigned long)
==1922581==ABORTING