Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
zstd crashes on decoding invalid archives #11
Hi. It seems that zstd will read illegal pointers and crash when presented with mangled archives. Here's one such example file (GitHub doesn't allow binary attachments, so I'm providing a hex dump):
Here's what gdb has to say about this problem:
This is with zstd as of commit 00f9507; the crash is located over here. The problem is that
Not completely though. Here's another example file:
If you'll run
BTW, I'm using this fuzzer to find these crashes; I fully recommend you to use it too.
added a commit
Aug 24, 2015
Thanks for the link. AFL is really an excellent fuzzer tool.
After a few hours, it did not found any new bug, so I guess we are starting to see a relatively robust release ...