Skip to content

malformed tar file causes heap read overflow #515

Closed
@kwrobot

Description

@kwrobot

Original issue 407 created by Google Code user hanno@hboeck.de on 2015-02-09T00:21:38.000Z:

One more malformed tar file that causes an invalid memory access in bsdtar (latest git):

==3220==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60300000e9ac at pc 0x742282 bp 0x7fff35ba0fd0 sp 0x7fff35ba0fc0
READ of size 4 at 0x60300000e9ac thread T0
    #0 0x742281 in archive_read_format_tar_read_header libarchive/archive_read_support_format_tar.c:520
    #1 0x4b3c63 in _archive_read_next_header2 libarchive/archive_read.c:645
    #2 0x4b3c63 in _archive_read_next_header libarchive/archive_read.c:685
    #3 0x42a29a in read_archive tar/read.c:252
    #4 0x42d6d2 in tar_mode_x tar/read.c:104
    #5 0x414a3f in main tar/bsdtar.c:805
    #6 0x7fdaeb660f9f in __libc_start_main (/lib64/libc.so.6+0x1ff9f)
    #7 0x41a5cd (/mnt/ram/libarchive/bsdtar+0x41a5cd)

See attachment: tar-heap-overflow.tar
See attachment: tar-heap-overflow.tar.asan.txt

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions