Message-ID: <ef2d3568-0f9a-4758-a232-ed1f3a0918d4@oracle.com>
Date: Thu, 15 Jan 2026 15:14:55 -0800
From: Alan Coopersmith <alan.coopersmith@...cle.com>
To: oss-security@...ts.openwall.com
Subject: Re: Fwd: [FD] zlib v1.3.1.2 Global Buffer Overflow in
 TGZfname() of zlib untgz Utility via Unbounded strcpy() on User-Supplied
 Archive Name

On 1/6/26 09:31, Alan Coopersmith wrote:
> I didn't see any mention of this in https://github.com/madler/zlib so
> I filed https://github.com/madler/zlib/issues/1142 .
> 
> Note once again, this is in a utility in the contrib directory, not the main
> zlib library itself.  (And 1.3.1.2 is not an actual release, but a git tag being
> used for other purposes - see https://github.com/madler/zlib/discussions/1128 .)

The bug has been closed now that untgz has been removed from the zlib contrib
directory so that people stop harassing the zlib maintainers about code they
don't maintain:

https://github.com/madler/zlib/commit/1a40058a92d525aa49a6eac698cfde500fc9b92f

-- 
         -Alan Coopersmith-                 alan.coopersmith@...cle.com
          Oracle Solaris Engineering - https://blogs.oracle.com/solaris