Program received signal SIGSEGV, Segmentation fault. at fbitstr_flush in bitstr.c #64
Description
Desctiption
When I used the bitstr_tell function to handle a specific input, a segmentation fault (SEGV) was triggered at fbitstr_flush in bitstr.c
Lines 321 to 335 in caade60
Lines 156 to 169 in caade60
Test Environment
Ubuntu 22.04.1, 64bit
ffjpeg(master caade60)
program source file
How to trigger
Download the poc file , program and run the following cmd:
$ ./bitstr_flush ./poc
Detail
GDB report
(gdb) r
Starting program: /data/ambrose/output/ffjpeg_temperature_test/ffjpeg_deepseek/crashes/bitstr.c/fbitstr_flush/bitstr_flush/bitstr_flush output/default/crashes/id:000000,sig:11,src:000000,time:25,execs:32,op:flip1,pos:0
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7c7f141 in __GI__IO_fflush (fp=0x156b2a0000005555) at ./libio/iofflush.c:39
39 ./libio/iofflush.c: No such file or directory.
(gdb) bt
#0 0x00007ffff7c7f141 in __GI__IO_fflush (fp=0x156b2a0000005555) at ./libio/iofflush.c:39
#1 0x000055555555599d in fbitstr_flush ()
#2 0x0000555555555eda in bitstr_flush ()
#3 0x0000555555555438 in main (argc=2, argv=0x7fffffffdc78)
at /home/ambrose/vsproject/HIMFuzz/harness/output/ffjpeg_deepseek/harness/code/bitstr.c/fbitstr_flush/bitstr_flush.c:40