
#170 buffer overflow when compiled with -D_FORTIFY_SOURCE=2

closed-fixed
nobody
None
5
2009-08-25
2009-02-22
Anonymous
No

Hi,

On Ubuntu, when gpac is compiled with -D_FORTIFY_SOURCE=2 (which is the default), there is a buffer overflow.

You can see details in these 2 bugs:
https://bugs.launchpad.net/ubuntu/+source/gpac/+bug/273075
https://bugs.launchpad.net/ubuntu/+source/gpac/+bug/278961

Discussion

  • Nobody/Anonymous

    Could it be the memset(tmp, 0, sizeof(GF_CopyrightBox)); call in chpl_New() and sizeof(GF_ChapterListBox) != sizeof(GF_CopyrightBox)?
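The mechanism behind the report above, as an added example that is not code from gpac or from anyone in this thread: with -D_FORTIFY_SOURCE=2 (and optimization on), glibc routes memset() through __memset_chk, and the compiler supplies the destination's known allocation size via __builtin_object_size(), so a memset whose length names a different, larger struct than the one malloc()ed aborts at run time. The two structs below are constructed stand-ins whose only purpose is to have different sizeof() values, as GF_ChapterListBox and GF_CopyrightBox do; their real layouts are not on this page. checked_memset is a simplified model of the fortify check that returns -1 instead of aborting so the outcome can be inspected.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the two gpac box structs named in the thread.
 * Constructed only so that sizeof(CopyrightBox) > sizeof(ChapterListBox). */
typedef struct {
    unsigned int type;
    void *list;                    /* stand-in for the gf_list handle */
} ChapterListBox;                  /* the smaller struct */

typedef struct {
    unsigned int type;
    char packedLanguageCode[4];
    char *notice;
    unsigned long long extra[4];   /* padding to make this clearly larger */
} CopyrightBox;                    /* the larger struct */

/* Simplified model of glibc's __memset_chk: 'objsize' plays the role of
 * __builtin_object_size(dst, 0), which the compiler derives from the
 * constant malloc() size under -D_FORTIFY_SOURCE=2 -O2.  glibc aborts
 * with "*** buffer overflow detected ***"; this returns -1 instead. */
static int checked_memset(void *dst, int c, size_t n, size_t objsize)
{
    if (n > objsize) {
        fprintf(stderr, "memset of %zu bytes into %zu-byte object rejected\n",
                n, objsize);
        return -1;
    }
    memset(dst, c, n);
    return 0;
}

/* The pattern from the unpatched chpl_New(): the memset length names the
 * wrong struct.  Returns -1 because the check rejects it (real FORTIFY
 * would abort here), 0 if it had passed, -2 on allocation failure. */
int init_with_wrong_sizeof(void)
{
    ChapterListBox *tmp = malloc(sizeof(ChapterListBox));
    if (!tmp) return -2;
    int rc = checked_memset(tmp, 0, sizeof(CopyrightBox), sizeof(ChapterListBox));
    free(tmp);
    return rc;
}

/* Patched pattern: derive both sizes from the pointer's own type so the
 * allocation and the clear cannot disagree, whatever struct it points to. */
int init_with_matching_sizeof(void)
{
    ChapterListBox *tmp = malloc(sizeof(*tmp));
    if (!tmp) return -2;
    int rc = checked_memset(tmp, 0, sizeof(*tmp), sizeof(*tmp));
    free(tmp);
    return rc;
}

int main(void)
{
    printf("wrong sizeof    -> %d\n", init_with_wrong_sizeof());
    printf("matching sizeof -> %d\n", init_with_matching_sizeof());
    return 0;
}
```

The real check only fires when the object size is visible to the compiler, which is why an unoptimized build (no -O) or a malloc() with a non-constant size would let the same memset silently overrun the heap instead of aborting; writing sizeof(*tmp) in both the allocation and the clear removes the class of mistake regardless of build flags.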

  • Kees Cook

    Kees Cook - 2009-03-05

    Yes, seems very likely.

  • Kees Cook

    Kees Cook - 2009-03-06

    diff -urNad gpac-0.4.4~/src/isomedia/box_code_base.c gpac-0.4.4/src/isomedia/box_code_base.c
    --- gpac-0.4.4~/src/isomedia/box_code_base.c 2007-04-20 09:11:19.000000000 -0700
    +++ gpac-0.4.4/src/isomedia/box_code_base.c 2009-03-05 10:41:24.000000000 -0800
    @@ -108,7 +108,7 @@

    tmp = (GF_ChapterListBox *) malloc(sizeof(GF_ChapterListBox));
    if (tmp == NULL) return NULL;
    - memset(tmp, 0, sizeof(GF_CopyrightBox));
    + memset(tmp, 0, sizeof(GF_ChapterListBox));
    tmp->list = gf_list_new();
    gf_isom_full_box_init((GF_Box *)tmp);
    tmp->type = GF_ISOM_BOX_TYPE_CHPL;
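Review bot: the corrected memset size now matches the malloc() on the first context line, but both still spell out the struct name, which is exactly how the GF_CopyrightBox copy-paste slipped in; consider `memset(tmp, 0, sizeof(*tmp));` (and `malloc(sizeof(*tmp))` on the line above) so the sizes follow the pointer type, or collapse the pair into `tmp = calloc(1, sizeof(*tmp));` and drop the memset altogether. It is also worth checking the other `*_New()` constructors in box_code_base.c for the same wrong-struct memset, since FORTIFY only reports the first one that trips.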

  • Jean Le Feuvre

    Jean Le Feuvre - 2009-08-25

This should be fixed on CVS - thanks for reporting.

  • Jean Le Feuvre

    Jean Le Feuvre - 2009-08-25
    • status: open --> closed-fixed
