<p>There is no fixed version for <code>GPAC4iOS</code>.</p>

Buffer Overflow Affecting gpac4ios package, versions >=0.0.0

Snyk CVSS

Attack Complexity Low

Availability High

Threat Intelligence

EPSS 0.16% (52^nd percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-COCOAPODS-GPAC4IOS-1567337
published 19 Aug 2021
disclosed 19 Aug 2021
credit Cisco Talos

Report a new vulnerability Found a mistake?

Introduced: 19 Aug 2021

CVE-2021-21854 Open this link in a new tab CWE-119 Open this link in a new tab CWE-120 Open this link in a new tab

How to fix?

There is no fixed version for GPAC4iOS.

Overview

GPAC4iOS is a GPAC4iOS is the libgpac library packaged for iOS as a Pod. It is preconfigured and tested to do a single task: create a MP4 file from a raw H.264 and an audio track.

Affected versions of this package are vulnerable to Buffer Overflow. When parsing an atom with the rtp FOURCC code when its parent atom is using the hnti FOURCC code, the following function will be used. This function take the 64-bit size for the atom, and then truncate it to a 32-bit integer at line 19. This size will then be used to allocate memory at line 20 after adding 1 to it. When the 32-bit size is set to UINT_MAX, this addition will result in an integer overflow. As this length is then passed to the gf_malloc function, a zero-sized buffer will be allocated. Later at line 21, the library will then use the 32-bit length prior to the addition of 1, and then read data from the input into the undersized buffer. This and the null termination will write outside the bounds of the undersized buffer, corrupting memory due to a buffer overflow and a relative write.

References

Talos Vulnerability Report