Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 2 Nov 2014 19:06:40 +0100
From: Jakub Wilk <jwilk@...lk.net>
To: oss-security@...ts.openwall.com
Subject: unzip -t crasher

Latest American fuzzy lop[0] tarball[1] contains a zip file that crashes 
unzip -t:

$ unzip -qt afl-0.43b/docs/samples/unzip_t_malloc.zip
foo/:  mismatching "local" filename (™/UT),
         continuing with "central" filename version
*** Error in `unzip': free(): corrupted unsorted chunks: 0x00000000015d0170 ***

I'm not sure if inclusion of said zip file was intentional, but since 
the cat is already out of the bag, I thought I'll let you know.

[0] https://code.google.com/p/american-fuzzy-lop/
[1] http://lcamtuf.coredump.cx/afl.tgz

-- 
Jakub Wilk

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.