
Use of uninitialised value in function DtsCheckSync()

Previous title: Segmentation fault in function DtsCheckSync()

Describe the bug

We found a SEGV caused by a use-of-uninitialised-value bug in function DtsCheckSync() after testing one of the harnesses provided on the OSS-Fuzz repository (vlc-demux-dec-libfuzzer).

To Reproduce

In the attached archive you will find:

  • the executable on which we performed our tests
  • the input file that caused the bug
  • the output of Valgrind as additional info

To reproduce the errors, simply run the given binary with the testcase files with a command like ./vlc-demux-dec-libfuzzer /path_to_testcases/input

The program has been tested on the standard Docker image provided on OSS-Fuzz using Ubuntu 20.04, using AFL++ as the fuzzing engine and the build flag --sanitizer=none.

The commit hash used to perform the tests is fb18df8.

Environment

  • OS: Linux
  • Version/Distribution: Ubuntu 20.04
  • Architecture: x86_64

Edited by Thomas Guillem
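The report above was first filed as a segmentation fault and retitled once Valgrind showed an uninitialised read, which is typical for a --sanitizer=none build where the crash is only the symptom. As an added triage helper (not part of this issue, VLC or OSS-Fuzz), the script below runs a harness on one testcase under Valgrind memcheck and classifies the log by the memcheck message it finds; the harness path, testcase path and the embedded sample log are constructed placeholders, not the report's attachments.

```shell
#!/bin/sh
# Added triage helper: run a sanitizer-free libFuzzer harness under Valgrind
# memcheck and classify the result, so a crash first seen as SIGSEGV can be
# attributed to an uninitialised read (as in this report) before filing.

# classify_valgrind_log LOGFILE
# Prints exactly one of: uninitialised-read, invalid-access, sigsegv-only, clean.
# Order matters: an uninitialised read usually precedes (and explains) the
# later invalid access or SIGSEGV in the same log, so it is checked first.
classify_valgrind_log() {
    log="$1"
    if grep -q 'uninitialised value' "$log"; then
        echo uninitialised-read
    elif grep -q -E 'Invalid (read|write) of size' "$log"; then
        echo invalid-access
    elif grep -q 'signal 11 (SIGSEGV)' "$log"; then
        echo sigsegv-only
    else
        echo clean
    fi
}

# run_case HARNESS TESTCASE LOGFILE
# Runs the harness on one testcase under memcheck with origin tracking and
# prints the classification. Returns 2 when harness or testcase is missing.
run_case() {
    harness="$1"; testcase="$2"; log="$3"
    [ -x "$harness" ] && [ -r "$testcase" ] || return 2
    # --error-exitcode makes memcheck findings visible to callers that only
    # look at the exit status; the log is still what we classify.
    valgrind --tool=memcheck --track-origins=yes --error-exitcode=99 \
        --log-file="$log" "$harness" "$testcase" >/dev/null 2>&1
    classify_valgrind_log "$log"
}

# Constructed sample log (placeholder addresses; not the attached Valgrind
# output) so the classifier can be exercised without the harness present.
sample_log="$(mktemp)"
cat >"$sample_log" <<'EOF'
==1234== Memcheck, a memory error detector
==1234== Conditional jump or move depends on uninitialised value(s)
==1234==    at 0x????????: DtsCheckSync (in ./vlc-demux-dec-libfuzzer)
==1234==  Uninitialised value was created by a heap allocation
==1234== Process terminating with default action of signal 11 (SIGSEGV)
EOF

# Usage: run_case ./vlc-demux-dec-libfuzzer /path_to_testcases/input memcheck.log
classify_valgrind_log "$sample_log"
```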