You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Stack-buffer-overflow was discovered in unzzip_cat_file function in src/bins/unzzipcat-zip.c, as distributed in zziplib 0.13.69. A crafted Compressed file can cause segment faults and I have confirmed them with address sanitizer too.
Here are the POC files. Please use "./unzzip $POC" to reproduce the error. POC.zip
Hi, there.
Stack-buffer-overflow was discovered in unzzip_cat_file function in src/bins/unzzipcat-zip.c, as distributed in zziplib 0.13.69. A crafted Compressed file can cause segment faults and I have confirmed them with address sanitizer too.
Here are the POC files. Please use "./unzzip $POC" to reproduce the error.
POC.zip
git log
commit b7747bc40a66ccdfa4860957e989db6dd8f0eb92
The ASAN dumps the stack trace as follows:
The text was updated successfully, but these errors were encountered: