Skip to content

Segfault on malformed zip files #514

Closed
@kwrobot

Description

@kwrobot

Original issue 406 created by Google Code user hanno@hboeck.de on 2015-02-07T23:04:41.000Z:

I'm attaching these all to one bug, although I'm not sure if this is all the same bug. All three attached files will cause a segfault in the function process_extra. But the call traces are different.
variant3 doesn't segfault without address sanitizer.

I've attached the crashing files and address sanitizer output. All found with american fuzzy lop.

See attachment: bsdtar-zip-crash-variant1.zip
See attachment: bsdtar-zip-crash-variant1.zip.asan.txt
See attachment: bsdtar-zip-crash-variant2.zip
See attachment: bsdtar-zip-crash-variant2.zip.asan.txt
See attachment: bsdtar-zip-crash-variant3.zip
See attachment: bsdtar-zip-crash-variant3.zip.asan.txt

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions