Closed
Description
Original issue 407 created by Google Code user hanno@hboeck.de on 2015-02-09T00:21:38.000Z:
One more malformed tar file that causes an invalid memory access in bsdtar (latest git):
==3220==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60300000e9ac at pc 0x742282 bp 0x7fff35ba0fd0 sp 0x7fff35ba0fc0
READ of size 4 at 0x60300000e9ac thread T0
#0 0x742281 in archive_read_format_tar_read_header libarchive/archive_read_support_format_tar.c:520
#1 0x4b3c63 in _archive_read_next_header2 libarchive/archive_read.c:645
#2 0x4b3c63 in _archive_read_next_header libarchive/archive_read.c:685
#3 0x42a29a in read_archive tar/read.c:252
#4 0x42d6d2 in tar_mode_x tar/read.c:104
#5 0x414a3f in main tar/bsdtar.c:805
#6 0x7fdaeb660f9f in __libc_start_main (/lib64/libc.so.6+0x1ff9f)
#7 0x41a5cd (/mnt/ram/libarchive/bsdtar+0x41a5cd)
See attachment: tar-heap-overflow.tar
See attachment: tar-heap-overflow.tar.asan.txt