Describe the bug
We (School of Cyber Science and Technology, Shandong University) found that MP4_ReadBox_sample_video can cause memory leaks when it processes malformed messages.
Expected behavior
If Asan is enabled at compile time, the MP4_ReadBox_sample_video crashes and displays ASAN information.
Actual Behavior
If Asan is enabled at compile time, the MP4_ReadBox_sample_video crashes and displays ASAN information, which can cause memory leaks.
MP4_ReadBox_sample_video
can cause memory leaks when it processes malformed messages.Expected behavior If Asan is enabled at compile time, the
MP4_ReadBox_sample_video
crashes and displays ASAN information.Actual Behavior
If Asan is enabled at compile time, the
MP4_ReadBox_sample_video
crashes and displays ASAN information, which can cause memory leaks.To Reproduce
Similarly, we will upload a vulnerability POC to https://drive.google.com/file/d/14CP_REpo6tKo-PjyeA2gpTEjWBGQJtVq/view?usp=share_link to help developers fix this vulnerability.
Environment Details