Axiomatic Systems Bento4
cpe:2.3:a:axiosys:bento4:*:*:*:*:*:*:*
- 1.6.0-641
A segmentation fault vulnerability has been identified in Bento4 version 1.6.0-641. The issue is in the 'Ap4Atom.cpp' file, within the 'AP4_AtomParent::RemoveChild' function, and is triggered when 'mp4encrypt' is run on a specially crafted MP4 input file, causing a segmentation fault and a crash. The same version also has a memory leak vulnerability in the 'Ap4Marlin.cpp' and 'Ap4Processor.cpp' files, in the 'AP4_MarlinIpmpEncryptingProcessor::Initialize' and 'AP4_Processor::Process' functions, which arises when processing similarly crafted MP4 files. According to the GitHub user k3ppf0r, the memory leak has been demonstrated to leave a significant amount of memory unreleased.
Exploitation of the segmentation fault vulnerability causes a crash, while the memory leak vulnerability leads to improper memory management, causing potential performance issues or exhaustion of system resources.
The segmentation fault can be reproduced by running the 'mp4encrypt' application with the 'MARLIN-IPMP-ACBC' encryption method on the crafted MP4 file 'encrypt-1'. AddressSanitizer reports a segmentation fault caused by a read memory access, with the faulting address pointing to the zero page, a common indicator of a null pointer dereference. The memory leak can be reproduced with the same 'mp4encrypt' command and the 'encrypt-2' file, which causes a leak of 793 bytes as reported by LeakSanitizer.
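One way to triage the sanitizer output described above, added here as an example and not taken from the Bento4 project or the original report: it classifies a report as a null pointer dereference or a leak and lists the Bento4 frames involved. The sample reports are constructed in the standard ASan/LSan layout; the PIDs, addresses, abbreviated argument lists and allocation count are made up, and `triage` is a hypothetical helper name.

```python
import re

# Constructed sample reports (standard ASan/LSan layout). PIDs, addresses,
# "(...)" argument lists and the allocation count are made up for illustration.
ASAN_SEGV = """\
==1001==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0000004f1a2b bp 0x7ffc00000010 sp 0x7ffc00000000 T0)
==1001==The signal is caused by a READ memory access.
==1001==Hint: address points to the zero page.
    #0 0x4f1a2b in AP4_AtomParent::RemoveChild(...) Ap4Atom.cpp
"""
LSAN_LEAK = """\
==1002==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 793 byte(s) in 1 object(s) allocated from:
    #0 0x4c1d2e in operator new(unsigned long)
    #1 0x5a0c11 in AP4_MarlinIpmpEncryptingProcessor::Initialize(...) Ap4Marlin.cpp
    #2 0x5b2d40 in AP4_Processor::Process(...) Ap4Processor.cpp
SUMMARY: AddressSanitizer: 793 byte(s) leaked in 1 allocation(s).
"""

SEGV_RE = re.compile(r"AddressSanitizer: SEGV on unknown address (0x[0-9a-f]+)")
ACCESS_RE = re.compile(r"caused by a (READ|WRITE) memory access")
LEAK_RE = re.compile(r"SUMMARY: \w+Sanitizer: (\d+) byte\(s\) leaked in (\d+) allocation\(s\)")
FRAME_RE = re.compile(r"^\s*#\d+ 0x[0-9a-f]+ in (AP4_[\w:]+)", re.M)
PAGE_SIZE = 4096  # assumption: the first page is unmapped, as on typical Linux


def triage(report: str) -> dict:
    """Classify one ASan/LSan report and list the Bento4 (AP4_*) frames in it."""
    frames = list(dict.fromkeys(FRAME_RE.findall(report)))  # de-duplicate, keep order
    segv = SEGV_RE.search(report)
    if segv:
        addr = int(segv.group(1), 16)
        access = ACCESS_RE.search(report)
        # A fault inside the zero page points to a null pointer dereference.
        kind = "null-deref" if addr < PAGE_SIZE else "wild-access"
        return {"kind": kind, "access": access.group(1) if access else None,
                "address": addr, "frames": frames}
    leak = LEAK_RE.search(report)
    if leak:
        return {"kind": "leak", "bytes": int(leak.group(1)),
                "allocations": int(leak.group(2)), "frames": frames}
    return {"kind": "unknown", "frames": frames}


if __name__ == "__main__":
    print(triage(ASAN_SEGV))
    print(triage(LSAN_LEAK))
```
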