Stack buffer overflow in read_block()

[0xdd96]

version: master (commit https://github.com/cisco/thor/commit/18de8f9f0762c3a542b1122589edb8af859d9813) poc: poc command: ./Thordec poc out.yuv

user@c3ae4d510abb:$ ./Thordec poc out.yuv
Warning: short read*** stack smashing detected ***: terminated
Aborted (core dumped)

Here is the backtrace in GDB:

pwndbg> backtrace
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007ffff7c9f859 in __GI_abort () at abort.c:79
#2  0x00007ffff7d0a29e in __libc_message (action=action@entry=do_abort, fmt=fmt@entry=0x7ffff7e3408f "*** %s ***: terminated\n") at ../sysdeps/posix/libc_fatal.c:155
#3  0x00007ffff7dacaea in __GI___fortify_fail (msg=msg@entry=0x7ffff7e34077 "stack smashing detected") at fortify_fail.c:26
#4  0x00007ffff7dacab6 in __stack_chk_fail () at stack_chk_fail.c:24
#5  0x000055555555d8ae in read_block (decoder_info=decoder_info@entry=0x7fffffff7070, stream=<optimized out>, block_info=block_info@entry=0x7ffffffed160, frame_type=<optimized out>) at dec/read_bits.c:134
#6  0x000055555555883f in decode_block (decoder_info=decoder_info@entry=0x7fffffff7070, size=size@entry=8, ypos=ypos@entry=0, xpos=xpos@entry=24, sub=sub@entry=31) at dec/decode_block.c:287
#7  0x0000555555559d26 in process_block_dec_lbd (decoder_info=0x7fffffff7070, size=8, yposY=0, xposY=24, sub=31) at dec/decode_block.c:661
#8  0x000055555555dd60 in decode_frame (decoder_info=0x7fffffff7070, rec_buffer=<optimized out>) at dec/decode_frame.c:163
#9  0x00005555555556b4 in main (argc=argc@entry=3, argv=argv@entry=0x7fffffffe468) at dec/maindec.c:179
#10 0x00007ffff7ca10b3 in __libc_start_main (main=0x5555555552c0 <main>, argc=3, argv=0x7fffffffe468, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe458) at ../csu/libc-start.c:308
#11 0x000055555555714e in _start () at /usr/include/x86_64-linux-gnu/bits/stdio2.h:100