Segfault on malformed zip files #514

Closed
kwrobot opened this Issue Apr 11, 2015 · 1 comment

kwrobot commented Apr 11, 2015

Original issue 406 created by Google Code user hanno@hboeck.de on 2015-02-07T23:04:41.000Z:

I'm attaching these all to one bug, although I'm not sure if this is all the same bug. All three attached files will cause a segfault in the function process_extra. But the call traces are different.
variant3 doesn't segfault without address sanitizer.

I've attached the crashing files and address sanitizer output. All found with american fuzzy lop.

See attachment: bsdtar-zip-crash-variant1.zip
See attachment: bsdtar-zip-crash-variant1.zip.asan.txt
See attachment: bsdtar-zip-crash-variant2.zip
See attachment: bsdtar-zip-crash-variant2.zip.asan.txt
See attachment: bsdtar-zip-crash-variant3.zip
See attachment: bsdtar-zip-crash-variant3.zip.asan.txt

kwrobot Apr 11, 2015

Comment #1 originally posted by kientzle on 2015-02-08T20:51:59.000Z:

I believe this is completely fixed in git commit 9e0689c

Thank you again for your help!

@kwrobot kwrobot closed this Apr 11, 2015
