Closed
Description
Original issue 406 created by Google Code user hanno@hboeck.de on 2015-02-07T23:04:41.000Z:
I'm attaching these all to one bug, although I'm not sure if this is all the same bug. All three attached files will cause a segfault in the function process_extra. But the call traces are different.
variant3 doesn't segfault without address sanitizer.
I've attached the crashing files and address sanitizer output. All found with american fuzzy lop.
See attachment: bsdtar-zip-crash-variant1.zip
See attachment: bsdtar-zip-crash-variant1.zip.asan.txt
See attachment: bsdtar-zip-crash-variant2.zip
See attachment: bsdtar-zip-crash-variant2.zip.asan.txt
See attachment: bsdtar-zip-crash-variant3.zip
See attachment: bsdtar-zip-crash-variant3.zip.asan.txt