Re: [Bug-cpio] Segfault when updating newc archives

bug-cpio

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-cpio] Segfault when updating newc archives

From:	Burton, Ross
Subject:	Re: [Bug-cpio] Segfault when updating newc archives
Date:	Thu, 29 Nov 2018 09:57:43 +0000

That fixes it for me, thanks, and is slightly more elegant than my patch. :)

Attached is a test suite I wrote to exercise the append code.  Please
consider merging this.

Ross
On Thu, 29 Nov 2018 at 06:22, Pavel Raiskup <address@hidden> wrote:
>
> Thanks for the report.
>
> On Wednesday, November 28, 2018 3:18:13 PM CET Burton, Ross wrote:
> > Using current git master of cpio, and introduced with the
> > CVE-2016-2037 out-of-bounds patch, I can trivially crash cpio.  For
> > example from the top of the cpio git clone:
> >
> > $ find gnulib/ | ./src/cpio -o -H newc >foo.cpio
> > 70240 blocks
> > $ echo NEWS | ./src/cpio  -oA  -H newc -F foo.cpio
> > Segmentation fault (core dumped)
>
> Please have a look at the attached patch.
>
> Pavel

0001-tests-add-test-for-archive-append.patch
Description: Binary data

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-cpio] Segfault when updating newc archives, Burton, Ross, 2018/11/28
- Re: [Bug-cpio] Segfault when updating newc archives, Burton, Ross, 2018/11/28
  - Re: [Bug-cpio] Segfault when updating newc archives, Burton, Ross, 2018/11/28
- Re: [Bug-cpio] Segfault when updating newc archives, Pavel Raiskup, 2018/11/29
  - Re: [Bug-cpio] Segfault when updating newc archives, Burton, Ross <=

Prev by Date: [Bug-cpio] Subscribe
Previous by thread: Re: [Bug-cpio] Segfault when updating newc archives
Next by thread: [Bug-cpio] Subscribe
Index(es):
- Date
- Thread