Headline
CVE-2022-46490: Memory leak in afrt_box_read function of box_code_adobe.c:706:35 · Issue #2327 · gpac/gpac
GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_box_read function at box_code_adobe.c.
A memory leak has occurred when running program MP4Box; this can be reproduced on the latest commit.
Version
$ ./MP4Box -version
MP4Box - GPAC version 2.1-DEV-rev505-gb9577e6ad-master
(c) 2000-2022 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io
Please cite our work in your research:
GPAC Filters: https://doi.org/10.1145/3339825.3394929
GPAC: https://doi.org/10.1145/1291233.1291452
GPAC Configuration: --static-build --extra-cflags=-fsanitize=address -g --extra-ldflags=-fsanitize=address -g
Features: GPAC_CONFIG_LINUX GPAC_64_BITS GPAC_HAS_IPV6 GPAC_HAS_SSL GPAC_HAS_SOCK_UN GPAC_MINIMAL_ODF GPAC_HAS_QJS GPAC_HAS_FREETYPE GPAC_HAS_JPEG GPAC_HAS_PNG GPAC_HAS_LINUX_DVB
git log
commit b9577e6ad91ef96decbcd369227ab02b2842c77f (HEAD -> master, origin/master, origin/HEAD)
Author: jeanlf <[email protected]>
Date: Fri Nov 25 16:53:55 2022 +0100
Verification steps
export CFLAGS='-fsanitize=address -g'
export CC=/usr/bin/clang
export CXX=/usr/bin/clang++
git clone https://github.com/gpac/gpac.git
cd gpac
./configure --static-build --extra-cflags="${CFLAGS}" --extra-ldflags="${CFLAGS}"
make
cd bin/gcc
./MP4Box -info $poc
POC file
https://github.com/HotSpurzzZ/testcases/blob/main/gpac/gpac_Direct_leak_afrt_box_read.mp4
AddressSanitizer output
$ ./MP4Box -info gpac_Direct_leak_afrt_box_read.mp4
[isom] not enough bytes in box afrt: 0 left, reading 1 (file isomedia/box_code_adobe.c, line 713)
[iso file] Read Box "afrt" (start 0) failed (Invalid IsoMedia File) - skipping
Error opening file gpac_Direct_leak_afrt_box_read.mp4: Invalid IsoMedia File
=================================================================
==10525==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 24 byte(s) in 1 object(s) allocated from:
#0 0x4a186d in malloc (/root/Desktop/gpac/bin/gcc/MP4Box+0x4a186d)
#1 0x902c18 in afrt_box_read /root/Desktop/gpac/src/isomedia/box_code_adobe.c:706:35
SUMMARY: AddressSanitizer: 24 byte(s) leaked in 1 allocation(s).
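The trace above shows an object allocated at box_code_adobe.c:706 that is still live when the size check at line 713 fails and the read aborts. The following is an added example, not GPAC's source code: a simplified model of that allocate-then-check pattern, with the leaking error path and the corrected one side by side. The struct layout, the names and the 16 + 1 byte entry format are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical entry type (not GPAC's). 24 bytes on typical 64-bit ABIs. */
typedef struct {
    uint32_t first_fragment;
    uint64_t first_timestamp;
    uint32_t duration;
    uint8_t  discontinuity;          /* present in the input only when duration == 0 */
} run_entry;

static int live_allocs;              /* outstanding entries, so a leak is observable */
static run_entry *last;              /* last allocation, kept only for demo cleanup */

static run_entry *entry_new(void) {
    if ((last = calloc(1, sizeof *last))) live_allocs++;
    return last;
}
static void entry_free(run_entry *e) { if (e) { free(e); live_allocs--; } }

/* Parses one entry from buf[0..len). free_on_error == 0 models the leaking code.
   Byte order is not converted; it does not matter for the leak itself. */
static int read_entry(const uint8_t *buf, size_t len, int free_on_error, run_entry **out) {
    run_entry *e = entry_new();      /* allocated before any size check */
    if (!e) return -1;
    if (len < 16) goto fail;
    memcpy(&e->first_fragment, buf, 4);
    memcpy(&e->first_timestamp, buf + 4, 8);
    memcpy(&e->duration, buf + 12, 4);
    if (e->duration == 0) {
        if (len < 17) goto fail;     /* the "0 left, reading 1" case */
        e->discontinuity = buf[16];
    }
    *out = e;                        /* success: ownership passes to the caller */
    return 0;
fail:
    if (free_on_error) entry_free(e);   /* the fix: release before reporting the error */
    return -2;
}

/* Returns the number of entries still allocated after a failed parse. */
int leaked_after_failure(int free_on_error) {
    static const uint8_t truncated[16] = {0};  /* constructed input: duration 0, no 17th byte */
    run_entry *e = NULL;
    int before = live_allocs, leaked;
    if (read_entry(truncated, sizeof truncated, free_on_error, &e) == 0) entry_free(e);
    leaked = live_allocs - before;
    if (leaked) entry_free(last);    /* demo cleanup; a real caller has lost this pointer */
    return leaked;
}

int main(void) { return leaked_after_failure(1); }
```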
Related news
Gentoo Linux Security Advisory 202408-21
Gentoo Linux Security Advisory 202408-21 - Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 2.2.0 are affected.