CVE-2022-3957 - Memory Leak Vulnerability Found in GPAC's SVG Parser Function svg_parse_preserveaspectratio

A problematic vulnerability, classified as CVE-2022-3957, has been identified in GPAC, a popular multimedia framework designed for research and academic purposes. Specifically, this vulnerability affects the function svg_parse_preserveaspectratio within the scenegraph/svg_attributes.c file and its SVG Parser component. The attack, resulting in a memory leak, can be conducted remotely by an attacker. This post will provide an overview of the exploit, relevant code snippets, and links to the original references, along with details on the recommended patch to resolve this issue.

Exploit Details

The vulnerability lies in the improper handling of input data, leading to a memory leak in the affected function. Consequently, it allows a remote attacker to cause a denial of service (DoS) by utilizing malicious SVG files.

The associated vulnerability database (VDB) identifier for this issue is VDB-213463.

Code Snippet

The affected function svg_parse_preserveaspectratio can be found in the scenegraph/svg_attributes.c file:

u32 svg_parse_preserveaspectratio(GF_SceneGraph *sg, const char *attribute, SVG_PreserveAspectRatio **prop_value)
{
    char szVal[1024];
    char *data;
    SVG_PreserveAspectRatio *tmp;

    if (!attribute) {
        *prop_value = NULL;
        return ;
    }

    tmp = (SVG_PreserveAspectRatio *) gf_sg_vrml_field_pointer_new(GF_SG_VRML_SFBOOL);
    strcpy(szVal, attribute);
    data = szVal;
    /*parse code here */

    *prop_value = tmp;
    return 1;
}

For more details, you can refer to the original sources of information regarding this vulnerability

1. GPAC's GitHub Repository
2. VDB-213463 Entry

Patch

The developers of GPAC have provided a patch with the name 2191e66aa7df750e8ef01781b193bea87b713bb to address this vulnerability. It is highly recommended to apply the patch to resolve the memory leak issue in the SVG Parser component. The patch can be applied by following the guidelines provided on the GPAC repository's update page.

Conclusion

In conclusion, CVE-2022-3957 is a significant memory leak vulnerability affecting the svg_parse_preserveaspectratio function within the scenegraph/svg_attributes.c file of the GPAC software. This issue allows remote attackers to exploit the vulnerability and cause a denial of service through malicious SVG files. It is strongly recommended to apply the patch 2191e66aa7df750e8ef01781b193bea87b713bb provided by the GPAC developers to mitigate this vulnerability and protect against potential exploitation.

Timeline

Published on: 11/11/2022 16:15:00 UTC
Last modified on: 05/27/2023 04:15:00 UTC