There are memory leaks in zziplib <=v0.13.69 which are triggered in __zzip_parse_root_directory (in zzip/zip.c:427) #58
Comments
This was assigned CVE-2018-16548
I seem to be unable to reproduce the issue with the latest sources. Maybe the bug is already fixed? There IS a free(dir->hdr0) in zzip_dir_free()!
I tried with valgrind and it says (latest sources and old version) You can try again with the code I posted above, and input file https://github.com/Kingkingyoung/fuzz_test/blob/poc/zzip-memory-leak
Valgrind said 'a memory error detector' as you post.
Yes, it was early morning ;-)
@jmoellers are those the complete commits, to fix the reported issue?
On 04.10.2018 23:14, carnil wrote:
> @jmoellers <https://github.com/jmoellers> are those the complete
> commits, to fix the reported issue?
> 0e1dadb, d2e5d5c and 9411bde

Yes.

Josef
Ack, thanks for confirming. Possibly so this issue can be closed.
There are memory leaks in zziplib <=v0.13.69 which are triggered in __zzip_parse_root_directory (in zzip/zip.c:427)
I wrote a demo based on the documentation.
When I use https://github.com/Kingkingyoung/fuzz_test/blob/poc/zzip-memory-leak a memory leak happened.
It seems hdr0 (zzip/zip.c:427) isn't freed correctly in some cases.