anthwlock / untrunc

Restore a truncated mp4/mov. Improved version of ponchio/untrunc
GNU General Public License v2.0

AddressSanitizer: SEGV on unknown address in untrunc #187

Open BlueSheepYang opened 1 month ago

BlueSheepYang commented 1 month ago

Describe the bug

AddressSanitizer: SEGV on unknown address in untrunc

To Reproduce

./untrunc -sv -dyn -dcc -dyn -dst ./out/1.mp4 ./out/default/crashes/2

ASAN Output

Info: version 'v367-13cafed' using ffmpeg '4.4.2-0ubuntu0.22.04.1' Lavc58.134.100
Info: reading ./out/default/crashes/id:000009,sig:11,src:000003,time:649561,execs:24973,op:havoc,rep:2
Info: parsing healthy moov atom ...
Composition time offset atom found. Out of order samples possible.
[mov,mp4,m4a,3gp,3g2,mj2 @ 0x61b000000080] STSC entry 13 is invalid (first=-1777 count=1 id=1)
[mov,mp4,m4a,3gp,3g2,mj2 @ 0x61b000000080] STSC entry 12 is invalid (first=14 count=2 id=0)
[mov,mp4,m4a,3gp,3g2,mj2 @ 0x61b000000080] wrong sample count
AddressSanitizer:DEADLYSIGNAL

==3975365==ERROR: AddressSanitizer: SEGV on unknown address 0x61cffffffe58 (pc 0x5d5489f2b1a6 bp 0x7ffc7bc21810 sp 0x7ffc7bc216e0 T0)
==3975365==The signal is caused by a WRITE memory access.

#0 0x5d5489f2b1a6 in Track::parseSampleToChunk() /home/sheep/Desktop/fuzz/untrunc/src/track.cpp:384:28

#1 0x5d5489f270d0 in Track::parseOk() /home/sheep/Desktop/fuzz/untrunc/src/track.cpp:89:2
#2 0x5d5489e6ceaf in Mp4::parseTracksOk() /home/sheep/Desktop/fuzz/untrunc/src/mp4.cpp:179:9
#3 0x5d5489e682f2 in Mp4::parseHealthy() /home/sheep/Desktop/fuzz/untrunc/src/mp4.cpp:67:2
#4 0x5d5489e6f9e0 in Mp4::parseOk(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, bool) /home/sheep/Desktop/fuzz/untrunc/src/mp4.cpp:161:3
#5 0x5d5489e600ba in main /home/sheep/Desktop/fuzz/untrunc/src/main.cpp:206:7
#6 0x7c2aa5a29d8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#7 0x7c2aa5a29e3f in __libc_start_main csu/../csu/libc-start.c:392:3
#8 0x5d5489d4c1f4 in _start (/home/sheep/Desktop/fuzz/untrunc/untrunc+0x651f4) (BuildId: f34bb497b760a82b3977f75bc17586e910e078ca)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/sheep/Desktop/fuzz/untrunc/src/track.cpp:384:28 in Track::parseSampleToChunk()
==3975365==ABORTING

Environment info

Ubuntu 20.04, untrunc version 'v367-13cafed'

Crashing file

segv-on-unknown-address.zip
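As an added illustration of the kind of input validation that keeps a malformed sample-to-chunk table from ever indexing a track's arrays (example code written for this page in the project's language, not untrunc's own code): a small stsc parser that rejects exactly the conditions ffmpeg flags in the log above (a negative or non-increasing first_chunk, a zero samples_per_chunk, a zero sample description index) plus an entry_count larger than the atom. The function names and the constructed tables in the helper are assumptions, and the atom layout follows ISO/IEC 14496-12.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// One entry of the 'stsc' sample-to-chunk table (ISO/IEC 14496-12).
struct StscEntry { uint32_t first_chunk, samples_per_chunk, sample_desc_index; };
static uint32_t be32(const uint8_t* p) {
  return (uint32_t(p[0]) << 24) | (uint32_t(p[1]) << 16) | (uint32_t(p[2]) << 8) | p[3];
}
static void put32(std::vector<uint8_t>& v, uint32_t x) {
  for (int s = 24; s >= 0; s -= 8) v.push_back(uint8_t(x >> s));
}
// Parse an stsc payload (the bytes after the atom size/type header), validating each
// entry before it could be used to index chunk or sample arrays. Returns "" on success.
std::string parseStsc(const std::vector<uint8_t>& payload, std::vector<StscEntry>* out = nullptr) {
  if (out) out->clear();
  if (payload.size() < 8) return "stsc payload shorter than version+entry_count";
  uint32_t count = be32(&payload[4]);
  // entry_count must fit the bytes actually present, or the loop reads past the atom
  if ((payload.size() - 8) / 12 < count) return "entry_count exceeds payload size";
  uint32_t prev_first = 0;
  for (uint32_t i = 0; i < count; ++i) {
    const uint8_t* p = &payload[8 + std::size_t(i) * 12];
    StscEntry e{be32(p), be32(p + 4), be32(p + 8)};
    std::string at = "entry " + std::to_string(i) + ": ";
    // first_chunk is 1-based and strictly increasing; a value with the sign bit set
    // (what ffmpeg prints as first=-1777) would index far outside any table
    if (e.first_chunk == 0 || e.first_chunk > 0x7fffffffu || e.first_chunk <= prev_first)
      return at + "bad first_chunk";
    if (e.samples_per_chunk == 0) return at + "zero samples_per_chunk";
    if (e.sample_desc_index == 0) return at + "zero sample_description_index";
    prev_first = e.first_chunk;
    if (out) out->push_back(e);
  }
  return "";
}
// Serialize entries into a payload (constructed data for exercising the parser).
std::vector<uint8_t> buildStsc(const std::vector<StscEntry>& entries) {
  std::vector<uint8_t> v;
  put32(v, 0);  // version + flags
  put32(v, uint32_t(entries.size()));
  for (const StscEntry& e : entries) {
    put32(v, e.first_chunk); put32(v, e.samples_per_chunk); put32(v, e.sample_desc_index);
  }
  return v;
}
// Build then validate, returning the parser's error string ("" when the table is clean).
std::string checkStsc(const std::vector<StscEntry>& entries) { return parseStsc(buildStsc(entries)); }
```

A fuzz-found table like the one in the report is rejected with a message naming the offending entry instead of reaching the write that ASAN reports.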