Segfault when unpacking invalid rar archive with bsdtar #518

Closed
@kwrobot

Original issue 410 created by Google Code user hanno@hboeck.de on 2015-02-13T20:05:02.000Z:

Attached file will cause a segfault in bsdtar. Latest git code.

Address Sanitizer output:

==21177==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000003 (pc 0x7fa3390860ef bp 0x7fff1b3cff30 sp 0x7fff1b3cf1c8 T0)
    #0 0x7fa3390860ee in crc32 (/lib64/libz.so.1+0x30ee)
    #1 0x8db25b in read_data_compressed /mnt/ram/libarchive-asan/libarchive/archive_read_support_format_rar.c:2045:25
    #2 0x8c14fd in archive_read_format_rar_read_data /mnt/ram/libarchive-asan/libarchive/archive_read_support_format_rar.c:1025:11
    #3 0x5dc586 in _archive_read_data_block /mnt/ram/libarchive-asan/libarchive/archive_read.c:969:9
    #4 0xae29a2 in archive_read_data_block /mnt/ram/libarchive-asan/libarchive/archive_virtual.c:161:10
    #5 0x66080a in copy_data /mnt/ram/libarchive-asan/libarchive/archive_read_extract2.c:120:7
    #6 0x65feb0 in archive_read_extract2 /mnt/ram/libarchive-asan/libarchive/archive_read_extract2.c:82:7
    #7 0x4edcbf in read_archive /mnt/ram/libarchive-asan/tar/read.c:361:9
    #8 0x4ef665 in tar_mode_x /mnt/ram/libarchive-asan/tar/read.c:104:2
    #9 0x4d647f in main /mnt/ram/libarchive-asan/tar/bsdtar.c:805:3
    #10 0x7fa3381cdf9f in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.20-r1/work/glibc-2.20/csu/libc-start.c:289
    #11 0x4c46ac in _start (/mnt/ram/libarchive-asan/bsdtar+0x4c46ac)

Found with american fuzzy lop.

See attachment: segfault.rar
See attachment: segfault.rar.asan.txt
