memory leak in __archive_read_get_extract #517

Closed
kwrobot opened this issue Apr 11, 2015 · 3 comments

@kwrobot
commented Apr 11, 2015

Original issue 409 created by Google Code user hanno@hboeck.de on 2015-02-13T19:36:08.000Z:

The latest git code of libarchive (not reproducible in latest release) has a memory leak. It seems the variable extract (line 100, archive_read_extract2.c) is never free'd.

Seems to happen independent of the archive used, just bsdtar -xf on a random file.

valgrind output:
==6850== HEAP SUMMARY:
==6850==     in use at exit: 24 bytes in 1 blocks
==6850==   total heap usage: 91 allocs, 90 frees, 133,036 bytes allocated
==6850== 
==6850== 24 bytes in 1 blocks are definitely lost in loss record 1 of 1
==6850==    at 0x4C29F80: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==6850==    by 0x416E1C: __archive_read_get_extract (archive_read_extract2.c:53)
==6850==    by 0x417070: archive_read_extract_set_progress_callback (archive_read_extract2.c:100)
==6850==    by 0x408425: read_archive (read.c:226)
==6850==    by 0x408666: tar_mode_x (read.c:104)
==6850==    by 0x4067B3: main (bsdtar.c:805)
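
A minimal model of the leak class reported above, as an added example that is neither libarchive code nor the fix referenced in this thread: a helper struct is allocated on first use by a getter, and it is only released if the owner has been given a cleanup routine. All names (`reader`, `extract_state`, `get_extract`, `leaked_after_teardown`) are hypothetical.

```c
#include <stdlib.h>

/* Hypothetical, simplified model; not libarchive's structures or its fix. */
struct extract_state { void (*progress)(void *); void *progress_data; };
struct reader {
    struct extract_state *extract;            /* allocated on first use */
    void (*cleanup_extract)(struct reader *); /* run by reader_free() if set */
};
static int live_blocks; /* extract_state allocations not yet freed */

static void extract_cleanup(struct reader *r)
{
    free(r->extract);
    r->extract = NULL;
    live_blocks--;
}

/* Lazy getter. register_cleanup == 0 models the leaking variant: the block
 * is allocated, but the owner is never told how to release it. */
static struct extract_state *get_extract(struct reader *r, int register_cleanup)
{
    if (r->extract == NULL) {
        r->extract = calloc(1, sizeof(*r->extract));
        if (r->extract == NULL) return NULL;
        live_blocks++;
        if (register_cleanup)
            r->cleanup_extract = extract_cleanup;
    }
    return r->extract;
}

static void reader_free(struct reader *r)
{
    if (r->cleanup_extract != NULL) r->cleanup_extract(r);
    free(r);
}

/* Blocks still allocated after teardown: 1 when leaking, 0 when fixed. */
int leaked_after_teardown(int register_cleanup)
{
    struct reader *r = calloc(1, sizeof(*r));
    if (r == NULL) return -1;
    live_blocks = 0;
    struct extract_state *e = get_extract(r, register_cleanup);
    reader_free(r);
    int leaked = live_blocks;
    if (leaked > 0) free(e); /* release the orphan so the demo stays clean */
    return leaked;
}

/* Exit status 0 when the leaking variant strands one block and the fixed one none. */
int main(void) { return !(leaked_after_teardown(0) == 1 && leaked_after_teardown(1) == 0); }
```

Removing the `free(e)` line and running the leaking variant under valgrind produces a "definitely lost" record of the same shape as the one in the report, with the lazy getter as the allocating frame.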

@kwrobot

commented Apr 11, 2015

Comment #1 originally posted by kientzle on 2015-02-14T04:23:13.000Z:

Thank you!

I believe this is fixed in git commit d24e79e

@petterreinholdtsen

commented Jul 1, 2016

According to https://security-tracker.debian.org/tracker/CVE-2015-8929 this is a security problem with ID CVE-2015-8929.

@petterreinholdtsen

commented Jul 1, 2016

Just for the record for others investigating this CVE. As far as I can tell from looking at the git history, this leak was introduced in commit 77b2efc when get_extract() was refactored, and the fix in commit d24e79e depends on commit 9025047, as the code was moved from archive_read_extract.c to archive_read_extract2.c. The first tag with the leak is v3.1.900a.
