Malformed ar file causes invalid read / stack underflow #511

Closed
kwrobot opened this Issue Apr 11, 2015 · 1 comment

kwrobot commented Apr 11, 2015

Original issue 403 created by Google Code user hanno@hboeck.de on 2015-02-07T11:14:08.000Z:

bsdtar -xf bsdtar-invalid-read-stack.a
will segfault.

Address Sanitizer trace:
==30882==ERROR: AddressSanitizer: stack-buffer-underflow on address 0x7ffff58ae12f at pc 0x4df51b bp 0x7ffff58ae0d0 sp 0x7ffff58ae0c0
READ of size 1 at 0x7ffff58ae12f thread T0
    #0 0x4df51a in _ar_read_header libarchive/archive_read_support_format_ar.c:242
    #1 0x4df51a in archive_read_format_ar_read_header libarchive/archive_read_support_format_ar.c:437
    #2 0x46c4d2 in _archive_read_next_header2 libarchive/archive_read.c:645
    #3 0x46c4d2 in _archive_read_next_header libarchive/archive_read.c:685
    #4 0x41b0b2 in read_archive tar/read.c:252
    #5 0x41d243 in tar_mode_x tar/read.c:104
    #6 0x40d78f in main tar/bsdtar.c:805
    #7 0x7fe341554f9f in __libc_start_main (/lib64/libc.so.6+0x1ff9f)
    #8 0x412d81 (/mnt/ram/libarchive/bsdtar+0x412d81)

Full asan output attached.

See attachment: bsdtar-invalid-read-stack.a
See attachment: bsdtar-invalid-read-stack.a.asan.txt

kwrobot Apr 11, 2015

Comment #1 originally posted by kientzle on 2015-02-07T20:51:42.000Z:

I believe this is completely fixed in git commit 97f964e.

While I was looking at this code, I also tightened up some other error checks around filename parsing.