Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 19 Sep 2016 12:59:40 +0200
From: Agostino Sarubbo <>
Subject: Re: Libarchive/bsdtar: multiple crashes

On Thursday 15 September 2016 17:52:52 Agostino Sarubbo wrote:
> Hello all.
> I'd like to make people aware of the following crashes in 
> found by fuzzing (all issues are public on github):
> The most dangerous, an out of bounds stack write (which is also fixed 
> upstream):
> -overflow-in-bsdtar_expand_char-util-c/ 
> The following are buffer over read of 1 (all are unfixed upstream ATM):
>> overflow-in-detect_form-archive_read_support_format_mtree-c/ 
> -overflow-in-read_header-archive_read_support_format_7zip-c/
> unknown-crash-in-bid_entry-archive_read_support_format_mtree-c/
> -overflow-in-bid_entry-archive_read_support_format_mtree-c/
> As stated in the posts, the two latest bug could be the same, but I 
> have an upstream response about, so I posted both stacktrace to 
> track  the issues.
> The following are use-after-free (all are unfixed upstream ATM):
>> bid_entry-archive_read_support_format_mtree-c/
> -detect_form-archive_read_support_format_mtree-c/
> As stated in the posts, they could be the same.
> I didn't have an upstream response too for those.

All issues mentioned in the previous posts, are now fixed in git.
I updated all posts with the git commit.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.