Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Integer overflow checking filename size for ISO9660 #711

Closed
kientzle opened this issue May 28, 2016 · 3 comments
Closed

Integer overflow checking filename size for ISO9660 #711

kientzle opened this issue May 28, 2016 · 3 comments
Milestone

Comments

@kientzle
Copy link
Contributor

Reported by: Christian Wressnegger, Alwin Maier, and Fabian Yamaguchi

The ISO9660 writer is subject to integer overflows when verifying the filename size. This can lead to a crash when writing ISO9660 images with 2GB or 4GB filenames.

@kientzle
Copy link
Contributor Author

I believe that commit 3014e19 completely addresses this issue.

@kientzle kientzle added this to the 3.2.1 milestone Jun 1, 2016
@kientzle kientzle closed this as completed Jun 1, 2016
@chwress
Copy link

chwress commented Jun 2, 2016

I can confirm that this fixes the issue. Thanks.

For the sake of completeness I've attached the original report sent to Tim via email
libarchiveOverflow.txt

@fgeek
Copy link

fgeek commented Jul 20, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants