Enviar #736541: gpac v2.4.0 NULL Pointer Dereferenceinformación

Títulogpac v2.4.0 NULL Pointer Dereference
DescripciónA NULL pointer dereference vulnerability exists in the gf_media_export_webvtt_metadata() function in src/media_tools/media_export.c. When processing a crafted MP4 file containing a track whose handler box (hdlr) has no name field, the handler pointer (nameUTF8) is NULL and is passed directly to gf_fprintf() with the %s format specifier, resulting in undefined behavior.
Fuente⚠️ https://github.com/gpac/gpac/issues/3428
Usuario
 Kery Qi (UID 94424)
Sumisión2026-01-12 13:47 (hace 3 meses)
Moderación2026-01-25 10:53 (13 days later)
EstadoAceptado
Entrada de VulDB342804 [GPAC hasta 2.4.0 media_export.c gf_media_export_webvtt_metadata Nombre denegación de servicio]
Puntos19

AnteriorVisión De ConjuntoPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!