rust-ffmpeg Null Pointer Dereference Vulnerability in Input Constructor Allows Denial-of-Service

Vulnerability

A null pointer dereference vulnerability has been identified in rust-ffmpeg version 0.3.0 (after commit 5ac0527). This vulnerability arises in the input() constructor function, where a failure in the avio_alloc_context() call is not properly handled. When avio_alloc_context() returns NULL, this NULL pointer is stored and later dereferenced by the Io struct's Drop implementation, leading to a denial-of-service condition.

Impact

Exploitation of this vulnerability causes an immediate denial-of-service condition by crashing the program when the Io object is dropped, due to the NULL pointer being dereferenced.

Reproduction

The vulnerability can be reproduced by creating an Io object with the input() method under conditions that cause avio_alloc_context() to return NULL, such as memory exhaustion. For example, allocate a large amount of memory until the system is low on resources, and then call input() with a value that would normally be valid but now runs in a resource-constrained environment.

Remediation

The input() method should be modified to check the return value of avio_alloc_context() for NULL before storing the pointer in the Io struct. If NULL is returned, the method should handle the error appropriately, such as by returning a Result indicating the failure.
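
The remediation described above, sketched as an added example (this is not rust-ffmpeg's own code). AvioContext, mock_avio_alloc_context, IoError and the simulate_oom flag are hypothetical stand-ins so the block runs without FFmpeg; the point is the NULL check before an Io is constructed.

```rust
use std::ptr::{self, NonNull};

/// Stand-in for FFmpeg's AVIOContext (constructed for this example).
pub struct AvioContext {
    buffer: Vec<u8>,
}

/// Hypothetical mock of avio_alloc_context(): returns NULL on allocation failure.
fn mock_avio_alloc_context(buffer_size: usize, simulate_oom: bool) -> *mut AvioContext {
    if simulate_oom {
        return ptr::null_mut();
    }
    Box::into_raw(Box::new(AvioContext { buffer: vec![0; buffer_size] }))
}

#[derive(Debug, PartialEq)]
pub enum IoError {
    OutOfMemory,
}

/// Owns the context. NonNull makes a stored NULL unrepresentable for Drop.
pub struct Io {
    ctx: NonNull<AvioContext>,
}

impl Io {
    /// Hardened constructor: the return value is checked before an Io exists.
    pub fn input(buffer_size: usize, simulate_oom: bool) -> Result<Io, IoError> {
        let raw = mock_avio_alloc_context(buffer_size, simulate_oom);
        NonNull::new(raw).map(|ctx| Io { ctx }).ok_or(IoError::OutOfMemory)
    }

    pub fn buffer_len(&self) -> usize {
        // SAFETY: ctx is non-null and uniquely owned by this Io.
        unsafe { self.ctx.as_ref().buffer.len() }
    }
}

impl Drop for Io {
    fn drop(&mut self) {
        // SAFETY: ctx came from Box::into_raw in the mock allocator and is freed once.
        unsafe { drop(Box::from_raw(self.ctx.as_ptr())) }
    }
}

fn main() {
    println!("{:?}", Io::input(4096, false).map(|io| io.buffer_len()));
    println!("{:?}", Io::input(4096, true).map(|io| io.buffer_len()));
}
```

Because the failure path returns Err before any Io is built, no Drop runs on a NULL pointer.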

Added: Sep 2, 2025, 4:30 PM
Updated: Sep 2, 2025, 4:30 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 7.7
remediation: 0.0
relevance: 0.5
threat: 1.6
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.