New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
malformed cab segfaults bsdtar #505
Comments
|
Comment #1 originally posted by kientzle on 2015-02-07T07:29:44.000Z: |
|
Some header fields are not checked which could prevent this crash Additionally
http://download.microsoft.com/download/4/D/A/4DA14F27-B4EF-4170-A6E6-5B1EF85B1BAA/[MS-CAB].pdf The real problem though is that the filename in the cabinet is set to 0x97. This single character is not a valid utf8 character and therefore the conversion fails. A possibility would be to return something like "INVALID FILENAME" as filename if the original filename is not properly formatted. |
|
Deferring further work on this to 3.2.1. |
|
According to https://security-tracker.debian.org/tracker/CVE-2015-8917 this is a security issue with ID CVE-2015-8917. I tested and it affect version 3.1.2 too. |
|
@dosomder @petterreinholdtsen @kientzle this issue seems to be fixed, I cannot reproduce with the provided archive (without the protected tar of course) |
Original issue 397 created by Google Code user
hanno@hboeck.deon 2015-02-03T03:55:02.000Z:See attachment: segf.cab
See attachment: segf.cab.asan.txt
See attachment: segf.cab.valgrind.log
The text was updated successfully, but these errors were encountered: