Unofficial XVid with added custom native Visual Studio project build tools. Xvid: A high performance and high quality MPEG-4 video de-/encoding solution.
Home Page: https://labs.xvid.com/
License: GNU General Public License v2.0
Hi, I am reporting a bug found by xvid libfuzzer.
*This bug was found by Arash Aleebrahim of fuzzcoin project (https://fuzzcoin.kr)
Following is the address sanitizer report (oob memory read while decoding a frame).
I also attached the testcase and libfuzzer binary for reproduction.
test environment: Ubuntu 16.04, x64.
INFO: Seed: 2794480831
INFO: Loaded 1 modules (9113 inline 8-bit counters): 9113 [0x8dc380, 0x8de719),
INFO: Loaded 1 PC tables (9113 PCs): 9113 [0x8de720,0x9020b0),
./target.bin: Running 1 inputs 1 time(s) each.
Running: ../crashes/cb6f986b840fc0440737ee29ea2e8932413e4173
AddressSanitizer:DEADLYSIGNAL
=================================================================
==32232==ERROR: AddressSanitizer: SEGV on unknown address 0x62e100000d5f (pc 0x00000058097f bp 0x7ffbffffa630 sp 0x7ffbffffa5b0 T0)
==32232==The signal is caused by a READ memory access.
#0 0x58097f in image_setedges /src/trunk/xvidcore/build/generic/../../src/image/image.c:202:43
#1 0x5f4351 in decoder_pframe /src/trunk/xvidcore/build/generic/../../src/decoder.c:957:5
#2 0x5f13cb in decoder_decode /src/trunk/xvidcore/build/generic/../../src/decoder.c
#3 0x5529ce in xvid_decore /src/trunk/xvidcore/build/generic/../../src/xvid.c:853:10
#4 0x5508e5 in LLVMFuzzerTestOneInput /src/oss-fuzz-fuzzers/xvid/fuzzer.cpp:72:32
#5 0x4584b4 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:563:15
#6 0x443972 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:293:6
#7 0x4492e6 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:783:9
#8 0x472902 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
#9 0x7efbfe526b96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
#10 0x41e1a8 in _start (/home/daehee/masters/xvid/targets/xvid/docker/target.bin+0x41e1a8)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /src/trunk/xvidcore/build/generic/../../src/image/image.c:202:43 in image_setedges
==32232==ABORTING
cb6f986b840fc0440737ee29ea2e8932413e4173.zip
xvidlibfuzzer.zip
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.