libarchive: Heap-buffer-overflow in archive_read_format_cpio_read_header

2017-01-31T13:59:14
ID OSSFUZZ-504
Type ossfuzz
Reporter Google
Modified 2017-03-09T21:53:16

Description

Project: https://github.com/libarchive/libarchive.git

Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5205694638718976

Project: libarchive
Fuzzer: libFuzzer_libarchive_fuzzer
Fuzz target binary: libarchive_fuzzer
Job Type: libfuzzer_asan_libarchive
Platform Id: linux

Crash Type: Heap-buffer-overflow READ 11
Crash Address: 0x615000000780
Crash State:
  archive_read_format_cpio_read_header
  _archive_read_next_header2
  _archive_read_next_header

Sanitizer: address (ASAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz-external.appspot.com/revisions?job=libfuzzer_asan_libarchive&range=201701251730:201701252247

Reproducer Testcase: https://clusterfuzz-external.appspot.com/download/AMIfv970HHtM9B1K00LlKq3mKozqdkW6d5nYFr6EnxhfuVVXYdfo0Osog3upFKCvW-HjkTbftko9WjKu8Z6IODmBM-dJmwmSu19KGOo0BZ8Mc0bLmrPMf3Aj6gw0s4MGNHicDxXuAqARZHH7rxUR9ZhIWrE6qvcrzyyHFimksEr-7J0Vtw86Sbi7v5c22GXLwdR0fS_5nQZV9TWz5V-Pj9txTsggwgsEulBSI5ci5wl9fJvzny_kKKuhXn7_MhRtjo6_02o90l3eHar-61GC2UnwzrcqgaeidSYBgboVDcnbesMVLShWOaliABOp79DXx0Hg745YxPipPnkm5bXMPTIOUBp008yN8a-zQBm4QduDo0fBWzebo7Gwd5xN3HTZOkZYFwjkRDIH?testcase_id=5205694638718976

Issue filed automatically.

See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse without an upstream patch, then the bug report will automatically become visible to the public.