Just tested my code (it uses ZipUtilities 1.9.0) with the Address Sanitizer checkbox enabled and found a read access to a wrong address.
Please see the attached screenshot for additional details.
The problem is as follows: the function uses an array of length pageSize, and it reads the array element buffer[pageSize] in the for-loop below. I see it's just a read operation and it doesn't have a big impact, but I'm curious: could it be a reason for a crash in production code without the Address Sanitizer option?
Can you indicate what file this is happening in? Also, can you run the same test on the latest in master to see if it reproduces with the freshest code?
The issue is still present in the latest master. And it is raised only with the AddressSanitizer checkbox (without it everything is ok).
The key lines are in file NOZUnzipper.m:
444: size_t sizeToRead = sizeof(buffer);
461: for (off_t i = (off_t)(sizeToRead - 3); i >= 0; i--) {
462: if (buffer[i + 3] == sig[3]) {
So the code tries to read buffer[sizeof(buffer)] in the last line. As a result it leads to an out-of-range error.
A possible solution is starting the for-loop from i=(off_t)(sizeToRead - 2). But I am not sure about possible side effects.
It was an off-by-one error (like you pointed out), but I needed "sizeToRead - 4" instead of "sizeToRead - 3". "sizeToRead - 2" would have just hit the same issue twice :)
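To make the bound arithmetic in this thread concrete, here is an added C example that is not code from ZipUtilities or from either participant. It models the backward scan in NOZUnzipper.m: a buffer of sizeToRead bytes is searched from the end for a 4-byte signature by testing buffer[i + 3] first. Because the loop reads i + 3, the highest safe starting index is sizeToRead - 4; "sizeToRead - 3" reads one byte past the end and "sizeToRead - 2" reads two. The signature bytes, the sample buffer and the helper names are constructed for the example (the zip end-of-central-directory marker is assumed as the thing being searched for, which the issue does not state).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Assumed 4-byte signature being searched for (zip end-of-central-directory
   marker "PK\x05\x06"); the issue thread itself does not name it. */
static const uint8_t kSig[4] = { 0x50, 0x4b, 0x05, 0x06 };

/* Constructed sample page: one signature at offset 2 and one at offset 12,
   the latter occupying the last four bytes so the scan must start exactly
   at sizeToRead - 4 to see it. */
static const uint8_t kSample[16] = {
    0x00, 0x01, 0x50, 0x4b, 0x05, 0x06, 0x00, 0x00,
    0x00, 0x00, 0x00, 0x00, 0x50, 0x4b, 0x05, 0x06
};

/* Returns 1 if a loop that starts at `start` and reads buffer[start + 3]
   would touch memory beyond a buffer of sizeToRead bytes. This is the
   check AddressSanitizer performed at runtime for the reporter. */
int scan_start_is_out_of_bounds(size_t sizeToRead, off_t start) {
    return start + 3 >= (off_t)sizeToRead;
}

/* Backward search for the last occurrence of kSig in buffer.
   Returns the offset of the signature, or -1 if absent or buffer too short.
   The first candidate index is sizeToRead - 4, so buffer[i + 3] is the
   final byte of the buffer and never one past it. */
off_t find_sig_backward(const uint8_t *buffer, size_t sizeToRead) {
    if (sizeToRead < sizeof(kSig)) {
        return -1;  /* nothing of signature length can fit */
    }
    for (off_t i = (off_t)(sizeToRead - sizeof(kSig)); i >= 0; i--) {
        /* Cheap last-byte test first, then the full comparison. */
        if (buffer[i + 3] == kSig[3] && memcmp(buffer + i, kSig, sizeof(kSig)) == 0) {
            return i;
        }
    }
    return -1;
}

int main(void) {
    size_t n = sizeof(kSample);
    printf("start %zu: out of bounds = %d\n", n - 3, scan_start_is_out_of_bounds(n, (off_t)(n - 3)));
    printf("start %zu: out of bounds = %d\n", n - 2, scan_start_is_out_of_bounds(n, (off_t)(n - 2)));
    printf("start %zu: out of bounds = %d\n", n - 4, scan_start_is_out_of_bounds(n, (off_t)(n - 4)));
    printf("signature found at offset %lld\n", (long long)find_sig_backward(kSample, n));
    return 0;
}
```

The bounds helper shows why the reporter's suggestion of sizeToRead - 2 does not help: any start above sizeToRead - 4 still dereferences past the array, and without the sanitizer such a read silently returns whatever byte follows the buffer, which is why it rarely crashes but can still produce a false match on a signature byte.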