tsMuxer is a transport stream muxer for remuxing/muxing elementary streams, EVO/VOB/MPG, MKV/MKA, MP4/MOV, TS, M2TS to TS to M2TS. Supported video codecs H.264/AVC, H.265/HEVC, VC-1, MPEG2. Supported audio codecs AAC, AC3 / E-AC3(DD+), DTS/ DTS-HD.
Apache License 2.0
829
stars
140
forks
source link
stack buffer over-read is found in TS_program_map_section::extractPMTDescriptors #859
Our fuzzer found stack buffer over-read in tsDemuxer. in the current master(75c9cb3). PoC is here.
Folloing is an output of ASAN. vuln22.ts is in poc22.zip
It is caused by these line. https://github.com/justdan96/tsMuxer/blob/5f43ab2a45482ad448524dc61a1ab7204ca8849d/tsMuxer/tsPacket.cpp#L293-L295
Ricerca Security, Inc.