libzip is a C library for reading, creating, and modifying zip archives. A partial list of projects using libzip include: Plex Home Theater, MySQL Workbench, ckmame, fuse-zip, lua-zip, php zip extension, zipruby, Endeavour2, FreeDink, DeaDBeeF (vfs_zip plugin), OpenLierox, ebook-tools, PDF Expert, ReaddleDocs, simple basic C++ wrapper for libzip, libzip++ - safe and modern c++14 wrapper around libzip,Adobe (e.g., in Edge), PureBasic (ZipPacker), freebasic (ExtLibZip), Mercedes (S-Class), Kerkythea, G3D Innovation Engine, D’Fusion Studio, odt2tex - Libre/OpenOffice to LaTeX converter, Kobo eReader, Kchmviewer,Yubikey NEO CCID Manager C Library,Veracrypt, InstantZip, OpenRCT2 (RollerCoaster Tycoon 2 re-implementation)
==19825==ERROR: AddressSanitizer: heap-use-after-free on address 0x60300000ece1 at pc 0x0000004fbbe9 bp 0x7ffd4ed8f250 sp 0x7ffd4ed8f248
READ of size 1 at 0x60300000ece1 thread T0
#0 0x4fbbe8 in _zip_buffer_free /root/libzip/lib/zip_buffer.c:53:9
#1 0x4ccdc5 in _zip_dirent_read /root/libzip/lib/zip_dirent.c:477:17
#2 0x4dd766 in _zip_checkcons /root/libzip/lib/zip_open.c:469:6
#3 0x4dc511 in _zip_find_central_dir /root/libzip/lib/zip_open.c:612:28
#4 0x4dc511 in _zip_open /root/libzip/lib/zip_open.c:194
#5 0x4da5d7 in zip_open_from_source /root/libzip/lib/zip_open.c:148:11
#6 0x4d9a10 in zip_open /root/libzip/lib/zip_open.c:74:15
#7 0x4bfa32 in list_zip /root/libzip/src/zipcmp.c:396:13
#8 0x4bfa32 in compare_zip /root/libzip/src/zipcmp.c:225
#9 0x4bfa32 in main /root/libzip/src/zipcmp.c:193
#10 0x7fab6f292b44 in __libc_start_main /build/glibc-KShDyh/glibc-2.19/csu/libc-start.c:287
#11 0x4bf29c in _start (/root/libzip/src/zipcmp+0x4bf29c)
0x60300000ece1 is located 1 bytes inside of 32-byte region [0x60300000ece0,0x60300000ed00)
freed by thread T0 here:
#0 0x4a199b in free (/root/libzip/src/zipcmp+0x4a199b)
#1 0x4fbbc0 in _zip_buffer_free /root/libzip/lib/zip_buffer.c:57:5
#2 0x4dd766 in _zip_checkcons /root/libzip/lib/zip_open.c:469:6
#3 0x4dc511 in _zip_find_central_dir /root/libzip/lib/zip_open.c:612:28
#4 0x4dc511 in _zip_open /root/libzip/lib/zip_open.c:194
#5 0x4da5d7 in zip_open_from_source /root/libzip/lib/zip_open.c:148:11
#6 0x4d9a10 in zip_open /root/libzip/lib/zip_open.c:74:15
#7 0x4bfa32 in list_zip /root/libzip/src/zipcmp.c:396:13
#8 0x4bfa32 in compare_zip /root/libzip/src/zipcmp.c:225
#9 0x4bfa32 in main /root/libzip/src/zipcmp.c:193
#10 0x7fab6f292b44 in __libc_start_main /build/glibc-KShDyh/glibc-2.19/csu/libc-start.c:287
previously allocated by thread T0 here:
#0 0x4a1c1b in __interceptor_malloc (/root/libzip/src/zipcmp+0x4a1c1b)
#1 0x4fd07b in _zip_buffer_new /root/libzip/lib/zip_buffer.c:168:35
#2 0x4fd07b in _zip_buffer_new_from_source /root/libzip/lib/zip_buffer.c:190
#3 0x514487 in _fini (/root/libzip/src/zipcmp+0x514487)
SUMMARY: AddressSanitizer: heap-use-after-free /root/libzip/lib/zip_buffer.c:53 _zip_buffer_free