Heap-based Buffer Overflow in strukturag/libde265


Reported on

May 13th 2021

✍️ Description

Heap-buffer-overflow in decctx.cc, in function read_sps_NAL

🕵️‍♂️ Proof of Concept

Verification steps:

1. Get the source code of Bento4
2. Compile the Bento4

$ ./autogen.sh
$ export CFLAGS="-g -lpthread -fsanitize=address"
$ export CXXFLAGS="-g -lpthread -fsanitize=address"
$ CC=clang CXX=clang++ ./configure --disable-shared
$ make -j 32

$ ./dec265 poc

💥 Impact

This vulnerability is capable of DDOS or code execution

Dirk Farin
2 months ago


Fixed in 8e89fe0e175d2870c39486fdd09250b230ec10b8

Jamie Slome
2 months ago


@farindk - thanks for the information. Would you be able to approve and confirm the fix using the action buttons in the drop-down section above?

Dirk Farin validated this vulnerability 2 months ago
RouX has been awarded the disclosure bounty
The fix bounty is now up for grabs
Dirk Farin confirmed that a fix has been merged on 8e89fe 2 months ago
Dirk Farin has been awarded the fix bounty