Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Malformed ar file causes invalid read / stack underflow #511

kwrobot opened this issue Apr 11, 2015 · 1 comment


None yet
1 participant
Copy link

commented Apr 11, 2015

Original issue 403 created by Google Code user on 2015-02-07T11:14:08.000Z:

bsdtar -xf bsdtar-invalid-read-stack.a
will segfault.

Address Sanitizer trace:
==30882==ERROR: AddressSanitizer: stack-buffer-underflow on address 0x7ffff58ae12f at pc 0x4df51b bp 0x7ffff58ae0d0 sp 0x7ffff58ae0c0
READ of size 1 at 0x7ffff58ae12f thread T0
    #0 0x4df51a in _ar_read_header libarchive/archive_read_support_format_ar.c:242
    #1 0x4df51a in archive_read_format_ar_read_header libarchive/archive_read_support_format_ar.c:437
    #2 0x46c4d2 in _archive_read_next_header2 libarchive/archive_read.c:645
    #3 0x46c4d2 in _archive_read_next_header libarchive/archive_read.c:685
    #4 0x41b0b2 in read_archive tar/read.c:252
    #5 0x41d243 in tar_mode_x tar/read.c:104
    #6 0x40d78f in main tar/bsdtar.c:805
    #7 0x7fe341554f9f in __libc_start_main (/lib64/
    #8 0x412d81 (/mnt/ram/libarchive/bsdtar+0x412d81)

Full asan output attached.

See attachment: bsdtar-invalid-read-stack.a
See attachment: bsdtar-invalid-read-stack.a.asan.txt


This comment has been minimized.

Copy link

commented Apr 11, 2015

Comment #1 originally posted by kientzle on 2015-02-07T20:51:42.000Z:

I believe this is completely fixed in git commit 97f964e.

While I was looking at this code, I also tightened up some other error checks around filename parsing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.