Hello, I recently discovered three heap-use-after-free vulnerabilities during fuzz testing of Bento4 using AFL++. They can be triggered by both mp42ts and mp42hls. The environment I use and the crash summary are as follows. Due to the large amount of content, POC and ASAN details will be provided in the link.
Environment
Ubuntu 22.04.2 LTS
gcc version 11.4.0 (Ubuntu 11.4.0-1ubuntu1~22.04)
Ubuntu clang version 14.0.0-1ubuntu1.1
Affected Version
(Bento4 Version 1.6.0.0)
MP4 To MPEG2-TS File Converter - Version 1.3
MP4 To HLS File Converter - Version 1.2
Crash summary
AddressSanitizer: heap-use-after-free /root/fuzzing_Bento4/Bento4/Source/C++/Core/Ap4ByteStream.cpp:428:17 in AP4_SubStream::~AP4_SubStream()
AddressSanitizer: heap-use-after-free /root/fuzzing_Bento4/Bento4/Source/C++/Core/Ap4Atom.cpp:408:25 in AP4_UnknownAtom::~AP4_UnknownAtom()
AddressSanitizer: heap-use-after-free /root/fuzzing_Bento4/Bento4/Source/C++/Core/Ap4Sample.h:99:48 in AP4_Sample::GetOffset() const
Details
https://github.com/40ngx/Bento4-crash