[oss-fuzz 6375667064438784] short busyloop, then leak in webvtt
Ref:
- https://oss-fuzz.com/testcase-detail/6375667064438784
- https://oss-fuzz.com/testcase-detail/6087372602408960
xeon ~/work/git/vlc/build-asan $ V=2 VLC_TARGET=webvtt ./test/vlc-demux-dec-run /home/tom/Downloads/clusterfuzz-testcase-vlc-demux-dec-libfuzzer-webvtt-6375667064438784
[000050d000000040] main libvlc debug: VLC media player - 4.0.0-dev Otto Chriek
[000050d000000040] main libvlc debug: Copyright © 1996-2025 the VideoLAN team
[000050d000000040] main libvlc debug: revision 4.0.0-dev-34647-ga89e30a4d2c
[000050d000000040] main libvlc debug: configured with ../configure '--disable-nls' '--prefix=/home/tom/work/out/' '--disable-optimizations' '--with-sanitizer=address' '--disable-spatialaudio' '--disable-nvdec' '--disable-qt' '--disable-smb2' '--disable-sout' 'CFLAGS=-g -Og' 'LDFLAGS=-lasan' 'CXXFLAGS=-g -Og' 'PKG_CONFIG_PATH=/home/tom/work/out/lib/pkgconfig:/home/tom/work/out/lib/x86_64-linux-gnu/pkgconfig'
[000050d000000040] main libvlc debug: searching plug-in modules
[000050d000000040] main libvlc debug: loading plugins cache file /home/tom/work/git/vlc/build-asan/src/.libs/vlc/plugins/plugins.dat
[000050d000000040] main libvlc warning: cannot read /home/tom/work/git/vlc/build-asan/src/.libs/vlc/plugins/plugins.dat: No such file or directory
[000050d000000040] main libvlc debug: recursively browsing `/home/tom/work/git/vlc/build-asan/src/.libs/vlc/plugins'
[000050d000000040] main libvlc debug: loading plugins cache file /home/tom/work/git/vlc/build-asan/modules/plugins.dat
[000050d000000040] main libvlc debug: recursively browsing `/home/tom/work/git/vlc/build-asan/modules'
[000050d000000040] main libvlc debug: plug-ins loaded: 605 modules
[00007f0af3373960] main generic debug: looking for logger module matching "any": 4 candidates
[00007f0af3373960] main generic debug: using logger module "console"
[00007f0af3378560] main generic debug: looking for tracer module matching "none": 0 candidates
[00007f0af3378560] main generic debug: no tracer modules matched with name none
[000050d000000040] main libvlc debug: translation test: code is "C"
[00007f0af3378660] main generic debug: looking for keystore module matching "memory": 1 candidates
[00007f0af3378660] main generic debug: using keystore module "memory"
[000050d000000040] main libvlc debug: CPU has capabilities SSE2 SSE3 SSSE3 SSE4.1 AVX AVX2 FPU
[0000511000007200] main access debug: creating access: file:///home/tom/Downloads/clusterfuzz-testcase-vlc-demux-dec-libfuzzer-webvtt-6375667064438784
[0000511000007200] main access debug: (path: /home/tom/Downloads/clusterfuzz-testcase-vlc-demux-dec-libfuzzer-webvtt-6375667064438784)
[00007f0af3379460] main generic debug: looking for access module matching "file": 4 candidates
[00007f0af3379460] main generic debug: using access module "filesystem"
[0000511000007200] main access debug: creating demux "webvtt", URL: vlc://nop, path: (null)
[00007f0af3380c60] main generic debug: looking for demux module matching "webvtt": 2 candidates
[00007f0af3383860] main generic debug: looking for spu packetizer module matching "any": 4 candidates
[00007f0af3383860] main generic debug: using spu packetizer module "copy"
[00007f0af3387c60] main generic debug: looking for spu decoder module matching "any": 20 candidates
[00007f0af3387c60] main generic debug: using spu decoder module "webvtt"
[00007f0af3380c60] main generic debug: using demux module "webvtt"
[0000511000007ac0] main demux debug: removing "demux" module "webvtt"
[0000511000007200] main access debug: removing "access" module "filesystem"
[0000516000008480] main generic debug: removing "spu packetizer" module "copy"
[0000516000008780] main generic debug: removing "spu decoder" module "webvtt"
[000050d000000040] main libvlc debug: exiting
[000050d000000040] main libvlc debug: no exit handler
[000050d000000040] main libvlc debug: removing all interfaces
[0000506000046280] main keystore debug: removing "keystore" module "memory"
=================================================================
==1794005==ERROR: LeakSanitizer: detected memory leaks
Indirect leak of 128 byte(s) in 2 object(s) allocated from:
#0 0x7f0af5cf4610 in calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:77
#1 0x7f0af2f13872 in webvtt_dom_tag_New ../../modules/codec/webvtt/subsvtt.c:520
#2 0x7f0af2f153ba in CreateDomNodes ../../modules/codec/webvtt/subsvtt.c:1287
#3 0x7f0af2f158a9 in ProcessCue ../../modules/codec/webvtt/subsvtt.c:1354
#4 0x7f0af2f162e1 in ProcessISOBMFF ../../modules/codec/webvtt/subsvtt.c:1993
#5 0x7f0af2f1bf56 in DecodeBlock ../../modules/codec/webvtt/subsvtt.c:2166
#6 0x55695ec27710 in test_decoder_process ../../test/src/input/decoder.c:253
#7 0x55695ec25b8f in EsOutSend ../../test/src/input/demux-run.c:115
#8 0x7f0af2f2004e in es_out_Send ../../include/vlc_es_out.h:157
#9 0x7f0af2f2004e in Demux ../../modules/demux/webvtt.c:584
#10 0x7f0af5717867 in demux_Demux ../../src/input/demux.c:223
#11 0x55695ec26425 in demux_process_stream ../../test/src/input/demux-run.c:312
#12 0x55695ec266e4 in vlc_demux_process_url ../../test/src/input/demux-run.c:354
#13 0x55695ec26783 in vlc_demux_process_path ../../test/src/input/demux-run.c:368
#14 0x55695ec25569 in main ../../test/vlc-demux-run.c:50
#15 0x7f0af5433ca7 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Indirect leak of 32 byte(s) in 1 object(s) allocated from:
#0 0x7f0af5cf4610 in calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:77
#1 0x7f0af2f1380a in webvtt_dom_text_New ../../modules/codec/webvtt/subsvtt.c:509
#2 0x7f0af2f15127 in CreateDomNodes ../../modules/codec/webvtt/subsvtt.c:1275
#3 0x7f0af2f158a9 in ProcessCue ../../modules/codec/webvtt/subsvtt.c:1354
#4 0x7f0af2f162e1 in ProcessISOBMFF ../../modules/codec/webvtt/subsvtt.c:1993
#5 0x7f0af2f1bf56 in DecodeBlock ../../modules/codec/webvtt/subsvtt.c:2166
#6 0x55695ec27710 in test_decoder_process ../../test/src/input/decoder.c:253
#7 0x55695ec25b8f in EsOutSend ../../test/src/input/demux-run.c:115
#8 0x7f0af2f2004e in es_out_Send ../../include/vlc_es_out.h:157
#9 0x7f0af2f2004e in Demux ../../modules/demux/webvtt.c:584
#10 0x7f0af5717867 in demux_Demux ../../src/input/demux.c:223
#11 0x55695ec26425 in demux_process_stream ../../test/src/input/demux-run.c:312
#12 0x55695ec266e4 in vlc_demux_process_url ../../test/src/input/demux-run.c:354
#13 0x55695ec26783 in vlc_demux_process_path ../../test/src/input/demux-run.c:368
#14 0x55695ec25569 in main ../../test/vlc-demux-run.c:50
#15 0x7f0af5433ca7 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Indirect leak of 5 byte(s) in 1 object(s) allocated from:
#0 0x7f0af5cf4c57 in malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x7f0af5c7e6ed in strndup ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:416
#2 0x7f0af2f14f8d in NDuplicateUnescaped ../../modules/codec/webvtt/subsvtt.c:1246
#3 0x7f0af2f154b8 in CreateDomNodes ../../modules/codec/webvtt/subsvtt.c:1295
#4 0x7f0af2f158a9 in ProcessCue ../../modules/codec/webvtt/subsvtt.c:1354
#5 0x7f0af2f162e1 in ProcessISOBMFF ../../modules/codec/webvtt/subsvtt.c:1993
#6 0x7f0af2f1bf56 in DecodeBlock ../../modules/codec/webvtt/subsvtt.c:2166
#7 0x55695ec27710 in test_decoder_process ../../test/src/input/decoder.c:253
#8 0x55695ec25b8f in EsOutSend ../../test/src/input/demux-run.c:115
#9 0x7f0af2f2004e in es_out_Send ../../include/vlc_es_out.h:157
#10 0x7f0af2f2004e in Demux ../../modules/demux/webvtt.c:584
#11 0x7f0af5717867 in demux_Demux ../../src/input/demux.c:223
#12 0x55695ec26425 in demux_process_stream ../../test/src/input/demux-run.c:312
#13 0x55695ec266e4 in vlc_demux_process_url ../../test/src/input/demux-run.c:354
#14 0x55695ec26783 in vlc_demux_process_path ../../test/src/input/demux-run.c:368
#15 0x55695ec25569 in main ../../test/vlc-demux-run.c:50
#16 0x7f0af5433ca7 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Indirect leak of 3 byte(s) in 1 object(s) allocated from:
#0 0x7f0af5cf4c57 in malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x7f0af5c7e6ed in strndup ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:416
#2 0x7f0af2f14f8d in NDuplicateUnescaped ../../modules/codec/webvtt/subsvtt.c:1246
#3 0x7f0af2f15151 in CreateDomNodes ../../modules/codec/webvtt/subsvtt.c:1278
#4 0x7f0af2f158a9 in ProcessCue ../../modules/codec/webvtt/subsvtt.c:1354
#5 0x7f0af2f162e1 in ProcessISOBMFF ../../modules/codec/webvtt/subsvtt.c:1993
#6 0x7f0af2f1bf56 in DecodeBlock ../../modules/codec/webvtt/subsvtt.c:2166
#7 0x55695ec27710 in test_decoder_process ../../test/src/input/decoder.c:253
#8 0x55695ec25b8f in EsOutSend ../../test/src/input/demux-run.c:115
#9 0x7f0af2f2004e in es_out_Send ../../include/vlc_es_out.h:157
#10 0x7f0af2f2004e in Demux ../../modules/demux/webvtt.c:584
#11 0x7f0af5717867 in demux_Demux ../../src/input/demux.c:223
#12 0x55695ec26425 in demux_process_stream ../../test/src/input/demux-run.c:312
#13 0x55695ec266e4 in vlc_demux_process_url ../../test/src/input/demux-run.c:354
#14 0x55695ec26783 in vlc_demux_process_path ../../test/src/input/demux-run.c:368
#15 0x55695ec25569 in main ../../test/vlc-demux-run.c:50
#16 0x7f0af5433ca7 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Indirect leak of 3 byte(s) in 2 object(s) allocated from:
#0 0x7f0af5cf4c57 in malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x7f0af5c7e6ed in strndup ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:416
#2 0x7f0af2f14f8d in NDuplicateUnescaped ../../modules/codec/webvtt/subsvtt.c:1246
#3 0x7f0af2f15425 in CreateDomNodes ../../modules/codec/webvtt/subsvtt.c:1293
#4 0x7f0af2f158a9 in ProcessCue ../../modules/codec/webvtt/subsvtt.c:1354
#5 0x7f0af2f162e1 in ProcessISOBMFF ../../modules/codec/webvtt/subsvtt.c:1993
#6 0x7f0af2f1bf56 in DecodeBlock ../../modules/codec/webvtt/subsvtt.c:2166
#7 0x55695ec27710 in test_decoder_process ../../test/src/input/decoder.c:253
#8 0x55695ec25b8f in EsOutSend ../../test/src/input/demux-run.c:115
#9 0x7f0af2f2004e in es_out_Send ../../include/vlc_es_out.h:157
#10 0x7f0af2f2004e in Demux ../../modules/demux/webvtt.c:584
#11 0x7f0af5717867 in demux_Demux ../../src/input/demux.c:223
#12 0x55695ec26425 in demux_process_stream ../../test/src/input/demux-run.c:312
#13 0x55695ec266e4 in vlc_demux_process_url ../../test/src/input/demux-run.c:354
#14 0x55695ec26783 in vlc_demux_process_path ../../test/src/input/demux-run.c:368
#15 0x55695ec25569 in main ../../test/vlc-demux-run.c:50
#16 0x7f0af5433ca7 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
SUMMARY: AddressSanitizer: 171 byte(s) leaked in 7 allocation(s).Samples:
Edited by Thomas Guillem