Open QWeiheng opened 7 months ago
Hello,
I find that in the AP4_Stz2Atom::AP4_Stz2Atom function, the sample_count obtained through stream.ReadUI08 may lack proper range validation. This can lead to a heap out-of-bounds read when calling AP4_BytesToUInt16BE, triggering a segment fault.
./mp42aac poc out
poc.zip
Hello,
I find that in the AP4_Stz2Atom::AP4_Stz2Atom function, the sample_count obtained through stream.ReadUI08 may lack proper range validation. This can lead to a heap out-of-bounds read when calling AP4_BytesToUInt16BE, triggering a segment fault.
./mp42aac poc out
poc.zip