NULL Pointer Dereference in axiomatic-systems/bento4

Valid

Reported on

May 12th 2021


✍️ Description

NULL pointer dereference in Ap4StszAtom.cpp, in the function GetSampleSize

🕵️‍♂️ Proof of Concept

Verification steps:

1. Get the source code of Bento4.
2. Compile Bento4 with AddressSanitizer enabled:

$ cd Bento4
$ mkdir check_build && cd check_build
$ cmake ../ -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ -DCMAKE_C_FLAGS="-fsanitize=address" -DCMAKE_CXX_FLAGS="-fsanitize=address"
$ make -j 32

3. Run mp42aac on the proof-of-concept file:

$ ./mp42aac poc.mp4 /dev/null
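The verification steps above are the reporter's; the script below is an added example (not part of the report or of the Bento4 project) that wraps the same ASan build and run into functions and then triages the sanitizer output, so a defender can tell a NULL-pointer dereference (a SEGV on the zero page, which is what AddressSanitizer prints for this class of bug) apart from other memory errors or a clean run. The build directory name, the `reproduce` argument and the sample log contents are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not the reporter's or Bento4's own code. Reproduces the
# ASan build/run from the report and classifies the resulting stderr.

# Build Bento4 with AddressSanitizer (same flags as the report). Assumes the
# current directory is a Bento4 checkout; runs in a subshell so the caller's
# working directory is unchanged.
build_with_asan() (
    mkdir -p check_build && cd check_build || return 1
    cmake ../ -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ \
        -DCMAKE_C_FLAGS="-fsanitize=address" \
        -DCMAKE_CXX_FLAGS="-fsanitize=address" >/dev/null &&
    make -j "$(nproc 2>/dev/null || echo 4)" >/dev/null
)

# Run mp42aac on one input file and capture stderr, where ASan writes its
# report. $1 = input file, $2 = log path. Returns the tool's exit status.
run_sample() {
    ./check_build/mp42aac "$1" /dev/null 2>"$2"
}

# Classify an ASan stderr log. Prints one word and returns:
#   0 "null-deref"       SEGV on a zero-page address (this report's bug class)
#   1 "other-asan-error" any other AddressSanitizer report
#   2 "clean"            no sanitizer error at all
classify_asan_log() {
    if grep -q 'AddressSanitizer: SEGV on unknown address' "$1" &&
       grep -q 'address points to the zero page' "$1"; then
        echo null-deref; return 0
    elif grep -q 'ERROR: AddressSanitizer' "$1"; then
        echo other-asan-error; return 1
    else
        echo clean; return 2
    fi
}

# Constructed sample report with the shape ASan prints for a NULL read
# (addresses, pid and the stack frame are placeholders, not real output from
# Bento4), so the classifier can be exercised without building anything.
write_sample_log() {
    cat >"$1" <<'EOF'
==4242==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x00000000dead bp 0x7ffc00000000 sp 0x7ffc00000000 T0)
==4242==The signal is caused by a READ memory access.
==4242==Hint: address points to the zero page.
    #0 0xdead in GetSampleSize Ap4StszAtom.cpp (placeholder frame)
EOF
}

# Only build and run when explicitly asked: ./triage.sh reproduce poc.mp4
case "${1:-}" in
    reproduce)
        build_with_asan || { echo "build failed" >&2; exit 3; }
        run_sample "${2:-poc.mp4}" asan.log
        classify_asan_log asan.log
        ;;
esac
```

Usage: `sh triage.sh reproduce poc.mp4` from the Bento4 checkout prints `null-deref` and exits 0 when the run hits this bug; the exit code lets a fuzzing or CI harness file zero-page SEGVs separately from heap errors, which usually deserve a different priority.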

💥 Impact

This vulnerability can cause a denial of service (DoS): the crafted poc.mp4 crashes mp42aac.

References:

https://github.com/axiomatic-systems/Bento4/issues/602
Jamie Slome
7 months ago

Admin


Duplicate to https://huntr.dev/bounties/1-other-axiomatic-systems/Bento4/ ?

Dimitry Ishenko
7 months ago

@Jamie No this is not duplicate. I've submitted fixes for both. Thanks for reporting.

Jamie Slome
7 months ago

Admin


@Super - thanks for the heads up. Feel free to confirm the fix when you are happy. You will only be able to select a single one, so I would recommend just making sure when you confirm the fix, that you select the commit SHA that reflects both fixes in your repository.

Dimitry Ishenko confirmed that a fix has been merged on f69a9c 4 months ago
Dimitry Ishenko has been awarded the fix bounty