Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huntrJanette88E0FDEEE5-7909-446E-9BD0-DB80FD80E8DD
HistoryNov 15, 2022 - 12:49 p.m.

Stack-Based Buffer Overflow in gf_sg_proto_field_is_sftime_offset

2022-11-1512:49:54
janette88
www.huntr.dev
11
buffer overflow
stack-based
gf_sg_proto_field_is_sftime_offset
vrml
gf_node_get_field
gpac
mp4box

0.001 Low

EPSS

Percentile

23.8%

JSON

Description

Stack-Based Buffer Overflow in gf_sg_proto_field_is_sftime_offset at vrml_proto.c:1295.

version

git log
commit 05eaac875354682942b70c790bcd62cb5f4cc825 (grafted, HEAD -> master, origin/master, origin/HEAD)
Author: Jean Le Feuvre <jeanlf@gpac.io>
Date:   Mon Nov 14 18:07:45 2022 +0100

    fixed msvc warnings

./MP4Box -version
MP4Box - GPAC version 2.1-DEV-revUNKNOWN-master
(c) 2000-2022 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io

reference: possible root cause

1) recursive call

code1:gf_node_get_field scenegraph/base_scenegraph.c:2043

GF_Err gf_node_get_field(GF_Node *node, u32 FieldIndex, GF_FieldInfo *info)
{
	assert(node);
	assert(info);
	memset(info, 0, sizeof(GF_FieldInfo));                //here sizeof(GF_FieldInfo)=0x28
	info->fieldIndex = FieldIndex;

	if (node->sgprivate->tag==TAG_UndefinedNode) return GF_BAD_PARAM;
#ifndef GPAC_DISABLE_VRML
	else if (node->sgprivate->tag == TAG_ProtoNode) return gf_sg_proto_get_field(NULL, node, info);
	else if (node->sgprivate->tag == TAG_MPEG4_Script)
		return gf_sg_script_get_field(node, info);

 code 2:gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1293

Bool gf_sg_proto_field_is_sftime_offset(GF_Node *node, GF_FieldInfo *field)
{
	u32 i;
	GF_Route *r;
	GF_ProtoInstance *inst;
	GF_FieldInfo inf;
	if (node->sgprivate->tag != TAG_ProtoNode) return 0;
	if (field->fieldType != GF_SG_VRML_SFTIME) return 0;

	inst = (GF_ProtoInstance *) node;
	/*check in interface if this is ISed */
	i=0;
	while ((r = (GF_Route*)gf_list_enum(inst->proto_interface->sub_graph->Routes, &i))) {
		if (!r->IS_route) continue;
		/*only check eventIn/field/exposedField*/
		if (r->FromNode || (r->FromField.fieldIndex != field->fieldIndex)) continue;

		gf_node_get_field(r->ToNode, r->ToField.fieldIndex, &inf);   //  0x100
		/*IS to another proto*/
		if (r->ToNode->sgprivate->tag == TAG_ProtoNode) return gf_sg_proto_field_is_sftime_offset(r->ToNode, &inf);   // Recursive call triggered SIGSEGV
		/*IS to a startTime/stopTime field*/
		if (!stricmp(inf.name, "startTime") || !stricmp(inf.name, "stopTime")) return 1;
	}
	return 0;
}

2when stack size of programe stack is too small , it triggered stack overflow and  caused segmentation fault (core dumped).
Hope it's helpful for fix it.

Proof of Concept

poc download url:
https://github.com/Janette88/test_pocs/blob/main/sbo2

./MP4Box -bt  sbo2 
[iso file] Unknown box type dCCf in parent minf
[iso file] Missing DataInformationBox
[iso file] extra box maxr found in hinf, deleting
[iso file] extra box maxr found in hinf, deleting
[iso file] Unknown box type 80rak in parent moov
[ODF] Descriptor size on more than 4 bytes
[iso file] Incomplete box mdat - start 11495 size 853093
[iso file] Incomplete file while reading for dump - aborting parsing
[iso file] Unknown box type dCCf in parent minf
[iso file] Missing DataInformationBox
[iso file] extra box maxr found in hinf, deleting
[iso file] extra box maxr found in hinf, deleting
[iso file] Unknown box type 80rak in parent moov
[ODF] Descriptor size on more than 4 bytes
[iso file] Incomplete box mdat - start 11495 size 853093
[iso file] Incomplete file while reading for dump - aborting parsing
MPEG-4 BIFS Scene Parsing
[ODF] Reading bifs config: shift in sizes (invalid descriptor)
AddressSanitizer:DEADLYSIGNAL
=================================================================
==6667==ERROR: AddressSanitizer: stack-overflow on address 0x7fff20958f18 (pc 0x7efda5e75e49 bp 0x7fff209597a0 sp 0x7fff20958f20 T0)
    #0 0x7efda5e75e48 in __interceptor_memset ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:762
    #1 0x7efda26e7f7a in memset /usr/include/x86_64-linux-gnu/bits/string_fortified.h:71
    #2 0x7efda26e7f7a in gf_node_get_field scenegraph/base_scenegraph.c:2043
    #3 0x7efda2858b22 in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1293
    #4 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #5 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #6 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #7 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #8 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #9 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #10 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #11 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #12 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #13 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #14 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #15 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #16 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #17 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #18 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #19 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #20 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #21 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #22 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #23 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #24 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #25 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #26 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #27 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #28 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #29 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #30 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #31 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #32 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #33 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #34 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #35 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #36 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #37 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #38 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #39 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #40 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #41 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #42 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #43 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #44 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #45 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #46 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #47 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #48 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #49 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #50 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #51 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #52 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #53 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #54 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #55 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #56 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #57 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #58 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #59 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #60 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #61 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #62 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #63 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #64 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #65 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #66 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #67 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #68 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #69 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #70 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #71 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #72 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #73 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #74 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #75 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #76 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #77 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #78 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #79 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #80 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #81 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #82 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #83 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #84 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #85 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #86 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #87 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #88 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #89 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #90 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #91 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #92 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #93 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #94 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #95 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #96 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #97 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #98 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #99 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #100 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #101 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #102 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #103 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #104 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #105 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #106 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #107 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #108 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #109 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #110 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #111 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #112 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #113 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #114 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #115 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #116 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #117 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #118 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #119 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #120 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #121 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #122 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #123 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #124 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #125 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #126 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #127 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #128 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #129 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #130 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #131 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #132 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #133 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #134 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #135 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #136 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #137 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #138 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #139 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #140 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #141 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #142 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #143 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #144 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #145 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #146 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #147 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #148 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #149 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #150 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #151 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #152 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #153 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #154 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #155 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #156 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #157 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #158 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #159 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #160 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #161 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #162 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #163 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #164 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #165 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #166 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #167 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #168 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #169 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #170 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #171 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #172 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #173 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #174 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #175 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #176 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #177 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #178 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #179 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #180 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #181 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #182 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #183 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #184 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #185 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #186 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #187 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #188 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #189 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #190 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #191 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #192 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #193 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #194 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #195 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #196 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #197 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #198 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #199 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #200 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #201 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #202 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #203 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #204 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #205 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #206 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #207 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #208 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #209 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #210 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #211 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #212 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #213 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #214 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #215 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #216 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #217 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #218 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #219 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #220 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #221 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #222 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #223 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #224 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #225 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #226 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #227 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #228 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #229 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #230 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #231 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #232 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #233 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #234 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #235 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #236 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #237 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #238 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #239 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #240 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #241 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #242 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #243 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #244 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #245 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #246 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #247 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #248 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295
    #249 0x7efda2858c1f in gf_sg_proto_field_is_sftime_offset scenegraph/vrml_proto.c:1295

SUMMARY: AddressSanitizer: stack-overflow ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:762 in __interceptor_memset
==6667==ABORTING

Related

cvelist 1
nvd 1
veracode 1
osv 2
cve 1
debiancve 1
ubuntucve 1
prion 1
debian 1
nessus 1
openvas 1
cvelist
cvelist
CVE-2023-0770 Stack-based Buffer Overflow in gpac/gpac
2023-02-09 00:00:00
nvd
nvd
CVE-2023-0770
2023-02-09 22:15:11
veracode
veracode
Denial Of Service (DoS)
2023-02-17 04:22:59
osv
osv
CVE-2023-0770
2023-02-09 22:15:11
gpac - security update
2023-05-26 00:00:00
cve
cve
CVE-2023-0770
2023-02-09 22:15:11
debiancve
debiancve
CVE-2023-0770
2023-02-09 22:15:11
ubuntucve
ubuntucve
CVE-2023-0770
2023-02-09 00:00:00
prion
prion
Stack overflow
2023-02-09 22:15:00
debian
debian
[SECURITY] [DSA 5411-1] gpac security update
2023-05-26 14:00:08
nessus
nessus
Debian DSA-5411-1 : gpac - security update
2023-05-27 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5411-1)
2023-05-29 00:00:00

0.001 Low

EPSS

Percentile

23.8%

JSON
Related for E0FDEEE5-7909-446E-9BD0-DB80FD80E8DD
cvelist1nvd1veracode1osv2cve1debiancve1ubuntucve1prion1debian1nessus1openvas1