Original issue 409 created by Google Code user hanno@hboeck.de on 2015-02-13T19:36:08.000Z:
The latest git code of libarchive (not reproducible in latest release) has a memory leak. It seems the variable extract (line 100, archive_read_extract2.c) is never free'd.
Seems to happen independent of the archive used, just bsdtar -xf on a random file.
valgrind output:
==6850== HEAP SUMMARY:
==6850== in use at exit: 24 bytes in 1 blocks
==6850== total heap usage: 91 allocs, 90 frees, 133,036 bytes allocated
==6850==
==6850== 24 bytes in 1 blocks are definitely lost in loss record 1 of 1
==6850== at 0x4C29F80: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==6850== by 0x416E1C: __archive_read_get_extract (archive_read_extract2.c:53)
==6850== by 0x417070: archive_read_extract_set_progress_callback (archive_read_extract2.c:100)
==6850== by 0x408425: read_archive (read.c:226)
==6850== by 0x408666: tar_mode_x (read.c:104)
==6850== by 0x4067B3: main (bsdtar.c:805)
Just for the record for others investigating this CVE. As far as I can tell from looking at the git history, this leak was introduced in commit 77b2efc when get_extract() was refactored, and the fix in commit d24e79e depends on commit 9025047 as the code was moved from archive_read_extract.c to archive_read_extract2.c. The first tag with the leak is v3.1.900a.
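The pattern the valgrind trace points to, as an added example that is not libarchive's code and not part of the original issue: state allocated lazily by a getter is orphaned unless the owner's teardown releases it. All type and function names below are hypothetical, and the allocation counter stands in for what valgrind reports.

```c
#include <stdlib.h>

/* Hypothetical, simplified model; not libarchive's types or functions. */
static int live_blocks;                 /* heap blocks currently allocated */

struct extract_state {                  /* stands in for the leaked block */
    void (*progress)(void *);
};
struct reader {
    struct extract_state *extract;      /* NULL until first needed */
};

/* Lazy getter: allocates on first call, returns the same block afterwards. */
static struct extract_state *get_extract(struct reader *r) {
    if (r->extract == NULL) {
        r->extract = calloc(1, sizeof(*r->extract));
        if (r->extract != NULL)
            live_blocks++;
    }
    return r->extract;
}

/* Registering a callback is enough to trigger the allocation. */
static int set_progress_callback(struct reader *r, void (*cb)(void *)) {
    struct extract_state *e = get_extract(r);
    if (e == NULL)
        return -1;
    e->progress = cb;
    return 0;
}

/* Teardown; free_extract == 0 models the leak: the owner goes, the block stays. */
static void reader_free(struct reader *r, int free_extract) {
    if (free_extract && r->extract != NULL) {
        free(r->extract);
        live_blocks--;
    }
    free(r);
    live_blocks--;
}

/* Runs one reader lifecycle and returns how many blocks are still live. */
static int blocks_left_after_lifecycle(int free_extract) {
    struct reader *r = calloc(1, sizeof(*r));
    if (r == NULL)
        return -1;
    live_blocks = 1;
    if (set_progress_callback(r, NULL) != 0) { free(r); return -1; }
    reader_free(r, free_extract);
    return live_blocks;
}

int main(void) { return blocks_left_after_lifecycle(1); }
```

With `free_extract` set to 0 exactly one block survives the lifecycle, which matches the shape of the "1 blocks are definitely lost" record in the report.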