Describe the bug
We (School of Cyber Science and Technology, Shandong University) found that MP4_ReadLengthDescriptor can cause buffer overflow when it processes malformed messages.
Expected behavior
If Asan is enabled at compile time, the MP4_ReadLengthDescriptor crashes and displays ASAN information.
Actual Behavior
If Asan is enabled at compile time, the MP4_ReadLengthDescriptor crashes and displays ASAN information, which can cause DOS.
MP4_ReadLengthDescriptor
can cause buffer overflow when it processes malformed messages.Expected behavior If Asan is enabled at compile time, the
MP4_ReadLengthDescriptor
crashes and displays ASAN information.Actual Behavior
If Asan is enabled at compile time, the
MP4_ReadLengthDescriptor
crashes and displays ASAN information, which can cause DOS.To Reproduce
Similarly, we will upload a vulnerability POC to https://drive.google.com/file/d/1yArMfsdR7ttT4grdHwC_IHCazacY-aCC/view?usp=share_link to help developers fix this vulnerability.
Environment Details