Distributor ID: Debian
Description: Debian GNU/Linux bookworm/sid
I checked against the latest release as of 10/08/23 the current master branch at commit50c2ab06f45a3101d73d6f317e98f041809f4923 .
This AddressSanitizer output is indicating an OOB read of invalid heap memory. This exception occurred in the function ac3dmx_process at line 489 in the filesrc/filters/reframe_ac3.c. This error being an OOB read indicates that the error is related to the source calculation here.
src/filters/reframe_ac3.c:line 489
memcpy(output, sync, ctx->hdr.framesize);
./MP4Box -dash 1000 ./POC5_min
[BS] Attempt to overread bitstream
[Dasher] No template assigned, using $File$_dash$FS$$Number$
=================================================================
==1037600==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60300000293c at pc 0x5555563f1b57 bp 0x7fffffff6670 sp 0x7fffffff5e40
READ of size 98 at 0x60300000293c thread T0
#0 0x5555563f1b56 in __asan_memcpy (/path/gpac/build/bin/gcc/MP4Box+0xe9db56) (BuildId: 1b19b3f64554102b121e6b611467f4f8dd9b5747)
#1 0x55555787b067 in ac3dmx_process /path/gpac/src/filters/reframe_ac3.c:489:4
#2 0x555557276bc7 in gf_filter_process_task /path/gpac/src/filter_core/filter.c:2971:7
#3 0x55555722b99e in gf_fs_thread_proc /path/gpac/src/filter_core/filter_session.c:2105:3
#4 0x55555722985d in gf_fs_run /path/gpac/src/filter_core/filter_session.c:2405:3
#5 0x555556dd7a39 in gf_dasher_process /path/gpac/src/media_tools/dash_segmenter.c:1236:6
#6 0x55555646143c in do_dash /path/gpac/applications/mp4box/mp4box.c:4831:15
#7 0x555556451064 in mp4box_main /path/gpac/applications/mp4box/mp4box.c:6245:7
#8 0x7ffff6fe11c9 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#9 0x7ffff6fe1284 in __libc_start_main csu/../csu/libc-start.c:360:3
#10 0x55555636f9e0 in _start (/path/gpac/build/bin/gcc/MP4Box+0xe1b9e0) (BuildId: 1b19b3f64554102b121e6b611467f4f8dd9b5747)
0x60300000293c is located 0 bytes to the right of 28-byte region [0x603000002920,0x60300000293c)
allocated by thread T0 here:
#0 0x5555563f2c56 in __interceptor_realloc (/path/gpac/build/bin/gcc/MP4Box+0xe9ec56) (BuildId: 1b19b3f64554102b121e6b611467f4f8dd9b5747)
#1 0x55555787a567 in ac3dmx_process /path/gpac/src/filters/reframe_ac3.c:399:22
#2 0x555557276bc7 in gf_filter_process_task /path/gpac/src/filter_core/filter.c:2971:7
#3 0x55555722b99e in gf_fs_thread_proc /path/gpac/src/filter_core/filter_session.c:2105:3
#4 0x55555722985d in gf_fs_run /path/gpac/src/filter_core/filter_session.c:2405:3
#5 0x555556dd7a39 in gf_dasher_process /path/gpac/src/media_tools/dash_segmenter.c:1236:6
#6 0x55555646143c in do_dash /path/gpac/applications/mp4box/mp4box.c:4831:15
#7 0x555556451064 in mp4box_main /path/gpac/applications/mp4box/mp4box.c:6245:7
#8 0x7ffff6fe11c9 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
SUMMARY: AddressSanitizer: heap-buffer-overflow (/path/gpac/build/bin/gcc/MP4Box+0xe9db56) (BuildId: 1b19b3f64554102b121e6b611467f4f8dd9b5747) in __asan_memcpy
Shadow bytes around the buggy address:
0x0c067fff84d0: fd fd fd fd fa fa 00 00 01 fa fa fa fd fd fd fd
0x0c067fff84e0: fa fa fd fd fd fa fa fa 00 00 01 fa fa fa 00 00
0x0c067fff84f0: 01 fa fa fa 00 00 00 00 fa fa 00 00 00 00 fa fa
0x0c067fff8500: 00 00 01 fa fa fa fd fd fd fd fa fa fd fd fd fd
0x0c067fff8510: fa fa 00 00 01 fa fa fa 00 00 00 fa fa fa 00 00
=>0x0c067fff8520: 00 fa fa fa 00 00 00[04]fa fa 00 00 00 00 fa fa
0x0c067fff8530: 00 00 02 fa fa fa 00 00 00 fa fa fa 00 00 01 fa
0x0c067fff8540: fa fa 00 00 00 00 fa fa 00 00 01 fa fa fa 00 00
0x0c067fff8550: 01 fa fa fa 00 00 05 fa fa fa 00 00 04 fa fa fa
0x0c067fff8560: 00 00 06 fa fa fa 00 00 00 fa fa fa 00 00 00 00
0x0c067fff8570: fa fa 00 00 02 fa fa fa 00 00 00 01 fa fa fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==1037600==ABORTING