A crafted bz3 archive hangs the process #95
Comments
Will take a look later.

Hangs in

Based on the statement here IlyaGrebnov/libsais#13 (comment) can you clarify if this is an issue in bzip3 and if bfa5bf8 is the fix?

Yes. There was an extra I/O issue that needed addressing in 56c24ca.

This issue was assigned CVE-2023-29415. (I did not assign the CVE, I just noticed it while triaging new CVEs.)

@stevebeattie The CVE description is just plain wrong:
The libsais documentation never states that it expects a zeroed temporary array.

I agree. Looking at the (bottom of the) NVD page it seems it was allocated by MITRE, likely from a submission through their webform. You can request to update the description through the same form (though as a piece of advice, keep a record for yourself of what you send them as their ticketing response does not send you a copy of what you submitted, and there can be a delay on when they respond to you).

https://www.cve.org/CVERecord?id=CVE-2023-29417 is also hilarious to me, as Because it appears to me that these two CVEs were filed with more attention seeking and less reasonable thinking, I think that I will not bother to ask for them to be updated, because everyone who knows C to some extent and bothers to read libsais documentation will know that they're plain invalid.

Hello,
the attached testcase is able to hang the process:
I can reproduce the issue on both v1.2.2 and v1.2.2.r21-ge17c8da (e17c8da)
I can also reproduce with a binary not compiled with Asan.
To reproduce:
Testcase:
4.crashes.bz3.zip