GPAC Buffer Overflow Vulnerability in SVG Parser Leading to Denial-of-Service

A buffer overflow vulnerability has been identified in GPAC, specifically in the SVG parsing functionality. This issue is present in versions prior to the commit that addresses it. The vulnerability allows an attacker to cause a denial-of-service by crafting a specific SVG file that, when processed by the GPAC SVG parser, leads to a heap-buffer-overflow. This out-of-bounds read can be exploited, causing a crash in the application.

Impact

Exploitation of this vulnerability causes a heap-buffer-overflow, leading to a crash of the GPAC application. Such heap-overflow vulnerabilities can often be exploited to execute arbitrary code under certain conditions.

Reproduction

The vulnerability can be reproduced by using a crafted SVG file with the GPAC SVG parser. This can be done by building GPAC with the AddressSanitizer enabled, which will detect the heap-buffer-overflow when the crafted SVG file is parsed. The issue can be reproduced using the file-based SVG loader path, which is the normal method for loading SVG files in GPAC.

Remediation

Users can update to the latest version of GPAC, where this vulnerability has been fixed.