Stack-overflow in function xml_sax_parse at src/utils/xml_parser.c in gpac/gpac
Valid
Reported on
May 17th 2023
Description
Stack-overflow in MP4Box.
Version
MP4Box - GPAC version 2.3-DEV-rev263-g2afa05f4d-master
(c) 2000-2023 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io
Please cite our work in your research:
GPAC Filters: https://doi.org/10.1145/3339825.3394929
GPAC: https://doi.org/10.1145/1291233.1291452
GPAC Configuration: --enable-sanitizer --prefix=../bin_asan
Features: GPAC_CONFIG_LINUX GPAC_64_BITS GPAC_HAS_IPV6 GPAC_HAS_SSL GPAC_HAS_SOCK_UN GPAC_MINIMAL_ODF GPAC_HAS_QJS GPAC_HAS_PNG GPAC_HAS_LINUX_DVB GPAC_DISABLE_3D
Reproduce
complie and run
./configure --enable-sanitizer
make
Proof of Concept
./MP4Box -bin poc
poc is here!
ASAN
==3553706==ERROR: AddressSanitizer: stack-overflow on address 0x7ffca1f90ff8 (pc 0x7fbaf3ef760d bp 0x00000000001e sp 0x7ffca1f91000 T0)
#0 0x7fbaf3ef760c in __sanitizer::StackDepotBase<__sanitizer::StackDepotNode, 1, 20>::Put(__sanitizer::StackTrace, bool*) ../../../../src/libsanitizer/sanitizer_common/sanitizer_stackdepotbase.h:105
#1 0x7fbaf3ef724b in __sanitizer::StackDepotPut(__sanitizer::StackTrace) ../../../../src/libsanitizer/sanitizer_common/sanitizer_stackdepot.cc:110
#2 0x7fbaf3df5151 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) ../../../../src/libsanitizer/asan/asan_allocator.cc:508
#3 0x7fbaf3df154a in __asan::asan_malloc(unsigned long, __sanitizer::BufferedStackTrace*) ../../../../src/libsanitizer/asan/asan_allocator.cc:874
#4 0x7fbaf3ed68ce in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:145
#5 0x7fbaf04617d1 in gf_list_new (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x19ec7d1)
#6 0x7fbaf049ed96 in on_dom_text_content (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a29d96)
#7 0x7fbaf04a43cd in xml_sax_flush_text (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a2f3cd)
#8 0x7fbaf04a9ebb in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a34ebb)
#9 0x7fbaf04ab0e8 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a360e8)
#10 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#11 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#12 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#13 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#14 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#15 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#16 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#17 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#18 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#19 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#20 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#21 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#22 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#23 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#24 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#25 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#26 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#27 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#28 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#29 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#30 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#31 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#32 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#33 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#34 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#35 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#36 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#37 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#38 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#39 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#40 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#41 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#42 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#43 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#44 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#45 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#46 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#47 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#48 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#49 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#50 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#51 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#52 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#53 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#54 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#55 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#56 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#57 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#58 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#59 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#60 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#61 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#62 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#63 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#64 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#65 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#66 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#67 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#68 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#69 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#70 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#71 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#72 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#73 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#74 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#75 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#76 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#77 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#78 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#79 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#80 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#81 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#82 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#83 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#84 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#85 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#86 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#87 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#88 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#89 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#90 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#91 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#92 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#93 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#94 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#95 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#96 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#97 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#98 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#99 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#100 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#101 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#102 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#103 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#104 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#105 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#106 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#107 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#108 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#109 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#110 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#111 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#112 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#113 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#114 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#115 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#116 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#117 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#118 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#119 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#120 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#121 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#122 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#123 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#124 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#125 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#126 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#127 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#128 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#129 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#130 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#131 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#132 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#133 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#134 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#135 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#136 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#137 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#138 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#139 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#140 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#141 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#142 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#143 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#144 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#145 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#146 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#147 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#148 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#149 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#150 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#151 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#152 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#153 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#154 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#155 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#156 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#157 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#158 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#159 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#160 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#161 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#162 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#163 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#164 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#165 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#166 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#167 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#168 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#169 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#170 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#171 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#172 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#173 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#174 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#175 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#176 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#177 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#178 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#179 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#180 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#181 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#182 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#183 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#184 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#185 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#186 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#187 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#188 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#189 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#190 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#191 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#192 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#193 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#194 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#195 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#196 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#197 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#198 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#199 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#200 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#201 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#202 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#203 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#204 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#205 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#206 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#207 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#208 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#209 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#210 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#211 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#212 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#213 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#214 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#215 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#216 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#217 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#218 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#219 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#220 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#221 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#222 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#223 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#224 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#225 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#226 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#227 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#228 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#229 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#230 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#231 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#232 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#233 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#234 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#235 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#236 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#237 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#238 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#239 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#240 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#241 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#242 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#243 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#244 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#245 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#246 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
#247 0x7fbaf04aafe3 in gf_xml_sax_parse_intern (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a35fe3)
#248 0x7fbaf04aa07b in xml_sax_parse (/home/hack/ohhh/bin_asan/lib/libgpac.so.12+0x1a3507b)
SUMMARY: AddressSanitizer: stack-overflow ../../../../src/libsanitizer/sanitizer_common/sanitizer_stackdepotbase.h:105 in __sanitizer::StackDepotBase<__sanitizer::StackDepotNode, 1, 20>::Put(__sanitizer::StackTrace, bool*)
==3553706==ABORTING
Impact
This is capable of causing crashes.
References
We are processing your report and will contact the
gpac
team within 24 hours.
8 days ago
We have contacted a member of the
gpac
team and are waiting to hear back
7 days ago
Can we get a CVE for this report? I think the previous report on stack overflow seems to be unable to receive CVE.
Can I receive CVE for this report? I saw that the previous report about stack overflow seems to be unable to receive CVE. [Sorry, I'll repeat it again because I typed the wrong word just now]
7resp4ss modified the report
6 days ago
7resp4ss modified the report
6 days ago
7resp4ss modified the report
6 days ago
A gpac/gpac maintainer
commented
6 days ago
https://github.com/gpac/gpac/issues/2473
We've always been open to CVE reports. However due to recent discussions with Linux distribution maintainers, we need to understand high CVSS. Could you elaborate how you computed your score?
Sorry, when I first discovered this vulnerability, I thought it was a stack overflow vulnerability, which could hijack the program flow, but after analyzing it last night, I found that it was a stack overflow vulnerability, which exhausted the stack space, but forgot to change the cvss score of my report
I have now changed my report according to cvss3.0, but the specific quantification is too complicated. I just refer to other cve reports, and I can’t explain how I calculated it in detail. @gpac
7resp4ss modified the report
5 days ago
The researcher's credibility has increased: +7
to join this conversation