Cythzzzz

processConstraints函数中无法获取ConditionKSet

3

processConstraints()中只传入了inOutEnv，当conditionVarnode是tmp变量时，无法从inOutEnv中获取相应的值集。或许应该把tmpEnv传进函数，然后调用KSet conditionKSet = getKSet(conditionVarnode,inOutEnv,tmpEnv,pcode);？

[POC](https://github.com/CythZ/fuzzpoc/raw/main/poc-gpac-mergetrack) **Description:** heap-buffer-overflow in function MergeTrack; ```c for (i = 0; i < saiz->sample_count; i++) { GF_CENCSampleAuxInfo *sai; const u8 *key_info=NULL; u32 key_info_size, samp_num; u64 cur_position; if (nb_saio != 1)...