CVE-2023-48090: memory leaks in extract_attributes media_tools/m3u8.c:329 · Issue #2680 · gpac/gpac

GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes media_tools/m3u8.c:329.

1. Version
./MP4Box -version
MP4Box - GPAC version 2.3-DEV-rev617-g671976fcc-master
© 2000-2023 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io/

Please cite our work in your research:
GPAC Filters: https://doi.org/10.1145/3339825.3394929
GPAC: https://doi.org/10.1145/1291233.1291452

GPAC Configuration:
Features: GPAC_CONFIG_LINUX GPAC_64_BITS GPAC_HAS_IPV6 GPAC_HAS_SSL GPAC_HAS_SOCK_UN GPAC_MINIMAL_ODF GPAC_HAS_QJS GPAC_HAS_JPEG GPAC_HAS_PNG GPAC_HAS_LINUX_DVB GPAC_DISABLE_3D

2. ASAN
[M3U8] Unsupported directive #EXT-X-VERSION:
[M3U8] Attribute SEQUENCE:1 not supported
[M3U8] Invalid #EXT-X-MEDIA: TYPE is missing. Ignoring the line.
[M3U8] Invalid URI (URI=") in EXT-X-MAP
[M3U8] Failed to parse root playlist './crashes/crash4', error = BitStream Not Compliant
[DASH] Error - cannot connect service: MPD creation problem BitStream Not Compliant
[DASHDmx] Error - cannot initialize DASH Client for ./crashes/crash4: BitStream Not Compliant
Failed to connect filter fin PID crash4 to filter dashin: BitStream Not Compliant
Blacklisting dashin as output from fin and retrying connections
Failed to find any filter for URL ./crashes/crash4, disabling destination filter fout
Filter fin failed to setup: Filter not found for the desired type
Filters not connected:
fout (dst=crash4_dash.mpd:gpac:segdur=500000/1000:profile=full:!sap:buf=1500:!check_dur:pssh=v:subs_sidx=0) (idx=1)
Arg segdur set but not used
Arg profile set but not used
Arg !sap set but not used
Arg buf set but not used
Arg !check_dur set but not used
Arg pssh set but not used
Arg subs_sidx set but not used
Error DASHing file: Filter not found for the desired type

=================================================================
==150880==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 120 byte(s) in 1 object(s) allocated from:
#0 0x7f7fcaf3ca57 in __interceptor_calloc …/…/…/…/src/libsanitizer/asan/asan_malloc_linux.cpp:154
#1 0x7f7fc9d73286 in extract_attributes media_tools/m3u8.c:329

Indirect leak of 11 byte(s) in 1 object(s) allocated from:
#0 0x7f7fcaf3ca57 in __interceptor_calloc …/…/…/…/src/libsanitizer/asan/asan_malloc_linux.cpp:154
#1 0x7f7fc9d7385b in extract_attributes media_tools/m3u8.c:345

SUMMARY: AddressSanitizer: 131 byte(s) leaked in 2 allocation(s)…

3. Reproduction
./MP4Box -dash 500000 $poc

4. POC file
crash.00.zip

5. Impact
Memory leaks can cause program performance degradation, system crashes, or unpredictable behavior.

6. Credit
jarront
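
The trace in the report shows a direct leak from one calloc in extract_attributes and an indirect leak from a second, on a run where the playlist was rejected. The C code below is an added example, not GPAC's code and not part of the issue: attrs_split, attrs_free and parse_map_line are hypothetical names, and the array-of-strings layout is an assumption. It shows an attribute parser whose caller releases both allocations on the rejected path as well as the accepted one.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical helpers for illustration; not GPAC's extract_attributes(). */
void attrs_free(char **attrs) {
    if (!attrs) return;
    for (size_t i = 0; attrs[i]; i++) free(attrs[i]);  /* elements first */
    free(attrs);                                       /* then the array */
}
/* Split K=V,K2="a,b" on unquoted commas into a NULL-terminated array. */
char **attrs_split(const char *line) {
    size_t cap = 1, n = 0;
    int quoted = 0;
    for (const char *p = line; *p; p++) if (*p == ',') cap++;
    char **out = calloc(cap + 1, sizeof *out);  /* dropped pointer: direct leak */
    if (!out) return NULL;
    for (const char *p = line, *start = line; ; p++) {
        if (*p == '"') quoted = !quoted;
        if ((*p == ',' && !quoted) || *p == '\0') {
            size_t len = (size_t)(p - start);
            out[n] = calloc(len + 1, 1);  /* reachable only via out: indirect leak */
            if (!out[n]) { attrs_free(out); return NULL; }
            memcpy(out[n++], start, len);
            start = p + 1;
        }
        if (*p == '\0') break;
    }
    return out;
}
/* Copy the URI="..." value into uri; 0 on success, -1 if missing or invalid. */
int parse_map_line(const char *line, char *uri, size_t uri_len) {
    int rc = -1;
    char **attrs = attrs_split(line);
    for (size_t i = 0; attrs && attrs[i]; i++) {
        if (strncmp(attrs[i], "URI=\"", 5) != 0) continue;
        const char *val = attrs[i] + 5, *end = strchr(val, '"');
        if (!end || end == val || (size_t)(end - val) >= uri_len) break;  /* reject */
        memcpy(uri, val, (size_t)(end - val));
        uri[end - val] = '\0';
        rc = 0;
        break;
    }
    attrs_free(attrs);  /* single exit: rejected and accepted lines both release */
    return rc;
}
int main(void) {  /* constructed inputs: one valid list, one truncated URI */
    char uri[64];
    int ok = parse_map_line("URI=\"init.mp4\",BYTERANGE=\"10@0\"", uri, sizeof uri) == 0;
    return !(ok && parse_map_line("URI=\"", uri, sizeof uri) == -1);
}
```

Built with -fsanitize=address, both the accepted and the rejected input should finish without a LeakSanitizer report.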
