undefined behaviour / invalid shiftleft in compress_bidder_init #547
This file will trigger a shiftleft of 31 bytes of a signed 32-bit integer:
A shiftleft of the full size of a variable type is undefined in C. This can be seen by compiling libarchive with -fsanitize=undefined and trying to unpack the file (bsdtar -xf).
Here's the error message / crash dump:
SUMMARY: AddressSanitizer: undefined-behavior libarchive/archive_read_support_filter_compress.c:244
According to https://security-tracker.debian.org/tracker/CVE-2015-8932 this is a security issue with ID CVE-2015-8932.
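As an added example (not part of the issue thread and not libarchive's own code), this shows one way to validate a file-supplied shift count before using it, so the shift is never applied to a signed `int` with an out-of-range width. The helper name `z_header_max_code`, the assumed `.Z` header layout and the 9 to 16 bit range are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed .Z header layout: 0x1f 0x9d, then a flags byte whose low
 * five bits carry the maximum code width. */
#define Z_MIN_BITS 9u   /* assumption: LZW codes start at 9 bits */
#define Z_MAX_BITS 16u  /* assumption: classic compress caps at 16 */

/* Hypothetical helper: returns 0 and stores 1 << bits in *max_code,
 * or -1 when the header is short, mis-tagged, or out of range. */
int z_header_max_code(const unsigned char *hdr, size_t len,
                      uint32_t *max_code)
{
    unsigned bits;

    if (hdr == NULL || max_code == NULL || len < 3)
        return -1;
    if (hdr[0] != 0x1f || hdr[1] != 0x9d)
        return -1;

    bits = hdr[2] & 0x1fu;          /* file-controlled: 0..31 */
    if (bits < Z_MIN_BITS || bits > Z_MAX_BITS)
        return -1;                  /* reject before shifting */

    /* Unsigned operand: a signed int 1 shifted by 31 is undefined. */
    *max_code = UINT32_C(1) << bits;
    return 0;
}

int main(void)
{
    /* Constructed sample headers, not taken from the issue's file. */
    const unsigned char ok[3]  = { 0x1f, 0x9d, 0x90 }; /* 16 bits */
    const unsigned char bad[3] = { 0x1f, 0x9d, 0x9f }; /* 31 bits */
    uint32_t mc = 0;

    printf("ok:  %d\n", z_header_max_code(ok, sizeof ok, &mc));
    printf("max: %lu\n", (unsigned long)mc);
    printf("bad: %d\n", z_header_max_code(bad, sizeof bad, &mc));
    return 0;
}
```

Building this with `-fsanitize=undefined`, the flag the report used, should produce no shift diagnostics for either header.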