NULL Pointer Dereference in gain_file() at wav_gain.c:33

Question

NULL Pointer Dereference in gain_file() at wav_gain.c:33

Marsman1996 opened this issue 5 years ago · 0 comments

Marsman1996 commented 5 years ago

Tested in Ubuntu 14.04, 64bit, libwav (master 5cc8746)

Triggered by
$ ./wav_gain $POC /dev/null

POC file:
https://github.com/Marsman1996/pocs/blob/master/libwav/poc18-gain_file-SEGV

ASAN info:

ASAN:SIGSEGV
=================================================================
==21704== ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7faf08a8ce02 sp 0x7ffc93c70b50 bp 0xac4400020001 T0)
AddressSanitizer can not provide additional info.
    #0 0x7faf08a8ce01 (/usr/lib/x86_64-linux-gnu/libasan.so.0+0x7e01)
    #1 0x7faf08a9a367 (/usr/lib/x86_64-linux-gnu/libasan.so.0+0x15367)
    #2 0x400d80 in gain_file /home/aota10/MARS_fuzzcompare/test/wav_gain/build_asan/wav_gain.c:33
    #3 0x400d80 in main /home/aota10/MARS_fuzzcompare/test/wav_gain/build_asan/wav_gain.c:43
    #4 0x7faf086ddf44 (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)
    #5 0x400e24 in _start (/home/aota10/MARS_fuzzcompare/test/wav_gain/bin_asan/bin/wav_gain+0x400e24)
SUMMARY: AddressSanitizer: SEGV ??:0 ??
==21704== ABORTING