bbc / bmx

Library and utilities to read and write broadcasting media files. Primarily supports the MXF file format
BSD 3-Clause "New" or "Revised" License

MXFDump: fix index out of bounds error #76

Closed philipnbbc closed 4 months ago

philipnbbc commented 4 months ago

Issue #74 was (partially) replicated by building libMXF on Debian 11 with address sanitizer options as suggested for GCC here. However, no global-buffer-overflow error was reported; only a segmentation fault (e.g. shown when using just CXXFLAGS="-fsanitize=address").

Additional installs required: apt install libasan8 libubsan1

Build: CXXFLAGS="-fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all -fsanitize=float-divide-by-zero -fsanitize=float-cast-overflow -fno-sanitize=null -fno-sanitize=alignment" cmake -DCMAKE_BUILD_TYPE=Debug ../bmx/deps/libMXF

Running MXFDump on poc.mxf (provided in #74) results in

...
  47.01     :    06.0e.2b.34.01.01.01.02.06.01.01.04.02.03.00.00
  06.01     :    ea.0e.2b.34.01.01.01.02.05.30.04.04.01.00.00.00
  ff.ff     :    06.0e.2b.34.01.01.01.09.06.01.01.04.02.0d.00.00
MXFDump : Warning : Cannot remap static local key as specified by Primer Pack (property "EditUnitByteCount" has local key 3f05 in the MXF dictionary and 0000 in the Primer)
/build/bmx/deps/libMXF/tools/MXFDump/MXFDump.cpp:3320:42: runtime error: index 321 out of bounds for type 'MXFLocalKey [188]'

Fixes #74

philipnbbc commented 4 months ago

> However, no global-buffer-overflow error was reported; only a segmentation fault (e.g. shown when using just CXXFLAGS="-fsanitize=address").

Changing Debug to Release (see issue comment) exposed the buffer overflow error