search

pombreda / libarchive

Automatically exported from code.google.com/p/libarchive
Other
0 stars 0 forks source link

malformed tar file causes heap read overflow #407

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
One more malformed tar file that causes an invalid memory access in bsdtar 
(latest git):

==3220==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60300000e9ac 
at pc 0x742282 bp 0x7fff35ba0fd0 sp 0x7fff35ba0fc0
READ of size 4 at 0x60300000e9ac thread T0
    #0 0x742281 in archive_read_format_tar_read_header libarchive/archive_read_support_format_tar.c:520
    #1 0x4b3c63 in _archive_read_next_header2 libarchive/archive_read.c:645
    #2 0x4b3c63 in _archive_read_next_header libarchive/archive_read.c:685
    #3 0x42a29a in read_archive tar/read.c:252
    #4 0x42d6d2 in tar_mode_x tar/read.c:104
    #5 0x414a3f in main tar/bsdtar.c:805
    #6 0x7fdaeb660f9f in __libc_start_main (/lib64/libc.so.6+0x1ff9f)
    #7 0x41a5cd (/mnt/ram/libarchive/bsdtar+0x41a5cd)

Original issue reported on code.google.com by hanno@hboeck.de on 9 Feb 2015 at 12:21

Attachments:

GoogleCodeExporter commented 9 years ago 
I believe this is fixed in

[master bb9b157] Issue 407: Tar reader tries to examine last character of an 
empty filename

Original comment by kientzle@gmail.com on 21 Feb 2015 at 5:38