Many crashes found in Bento4 through fuzzing

[40ngx]

Hello, I was recently using afl++ to test the latest version of Bento4 and found a lot of crashes. They come from different tools, and some require specified parameters to trigger. The summary report of AddressSanitizer is as follows. One of them is considered exploitable by casr.

heap-buffer-overflow(read): /root/fuzzing_Bento4/Bento4/Source/C++/Codecs/Ap4Mp4AudioInfo.cpp:66:56
heap-buffer-overflow(write): /root/fuzzing_Bento4/Bento4/Source/C++/Core/Ap4ByteStream.cpp:785:5（ casrep: EXPLOITABLE:）
heap-buffer-overflow(read): /root/fuzzing_Bento4/Bento4/Source/C++/Core/Ap4Utils.h:114:22
heap-buffer-overflow(read): /root/fuzzing_Bento4/Bento4/Source/C++/Apps/Mp4Info/Mp4Info.cpp:1196:17
heap-buffer-overflow(read): /root/fuzzing_Bento4/Bento4/Source/C++/Codecs/Ap4BitStream.cpp:133:9
SourceAvNearNull: /root/fuzzing_Bento4/Bento4/Source/C++/Core/Ap4MovieFragment.cpp
SourceAv: /root/fuzzing_Bento4/Bento4/Source/C++/Core/Ap4TrunAtom.h:80:80
SourceAvNearNull: /root/fuzzing_Bento4/Bento4/Source/C++/Core/Ap4Atom.cpp:567:16
SourceAvNearNull: /root/fuzzing_Bento4/Bento4/Source/C++/Core/Ap4Processor.cpp:192:56
SourceAvNearNull: /root/fuzzing_Bento4/Bento4/Source/C++/Core/Ap4Processor.cpp:211:56

Detailed casr reports and poc here:https://github.com/40ngx/Bento4-report