Fixed
Status Update
Comments
vi...@google.com <vi...@google.com> #2
We’ve shared this with our product and engineering teams and will continue to provide updates as more information becomes available.
No update yet.
Description
short description
There is a memcpy-param-overlap in the function impeg2_mc_fullx_fully_8x8 in libmpeg2. It can be triggered via mpeg2_dec_fuzzer (oss-fuzz driver) + ASan.
A security Bug?
Yes, a denial of service
how to reproduce
Compile libmpeg2 using the instructions with a sanitizer, build the corresponding fuzzer, and run mpeg2_dec_fuzzer via the command ./mpeg2_dec_fuzzer $POC
ASan output
what should happen
It should run normally
Environment
Ubuntu 21.10, clang 13.0.0-2, libmpeg latest commit 33be8ea9ce8f051f52240f931644a14e23ccedb4
POC
As shown in the attachment.
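
Added illustration, not part of the original report and not libmpeg2's code: ASan raises memcpy-param-overlap when the source and destination ranges passed to memcpy share bytes, which is undefined behaviour in C. The sketch below tests that condition per row in a hypothetical 8-row by 8-byte strided block copy and uses memmove for overlapping rows; `ranges_overlap`, `copy_block_8x8`, the demo functions and the frame buffer are assumed names and constructed data.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BLK 8 /* 8 rows of 8 bytes, assumed from the "8x8" in the function name */

/* True when [a, a+n) and [b, b+n) share at least one byte: the condition
 * ASan reports as memcpy-param-overlap. */
static int ranges_overlap(const uint8_t *a, const uint8_t *b, size_t n)
{
    uintptr_t pa = (uintptr_t)a, pb = (uintptr_t)b;
    return n != 0 && pa < pb + n && pb < pa + n;
}

/* Hypothetical strided block copy. Rows whose source and destination overlap
 * are copied with memmove (defined for overlapping ranges); the rest use
 * memcpy. Returns the number of overlapping rows so a caller can log or
 * reject the request. */
int copy_block_8x8(const uint8_t *src, uint8_t *dst,
                   size_t src_stride, size_t dst_stride)
{
    int overlapping_rows = 0;
    for (int row = 0; row < BLK; row++) {
        if (ranges_overlap(src, dst, BLK)) {
            overlapping_rows++;
            memmove(dst, src, BLK);
        } else {
            memcpy(dst, src, BLK);
        }
        src += src_stride;
        dst += dst_stride;
    }
    return overlapping_rows;
}

/* Constructed input: one 16x16 frame used as both reference and output. */
static uint8_t frame[16 * 16];

/* Destination starts x_offset bytes to the right of the source in the frame. */
int demo_overlapping_rows(size_t x_offset)
{
    for (size_t i = 0; i < sizeof frame; i++)
        frame[i] = (uint8_t)i;
    return copy_block_8x8(frame, frame + x_offset, 16, 16);
}

/* Byte of the frame after the most recent demo copy. */
int demo_frame_byte(size_t index) { return frame[index]; }
```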