libarchive: Heap-buffer-overflow in _warc_rdlen

2017-02-05T20:59:55
ID OSSFUZZ-552
Type ossfuzz
Reporter Google
Modified 2017-03-09T21:53:16

Description

Project: https://github.com/libarchive/libarchive.git

Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=4606991431368704

Project: libarchive
Fuzzer: libFuzzer_libarchive_fuzzer
Fuzz target binary: libarchive_fuzzer
Job Type: libfuzzer_asan_libarchive
Platform Id: linux

Crash Type: Heap-buffer-overflow READ 5
Crash Address: 0x616000000b82
Crash State:
  _warc_rdlen
  _warc_rdhdr
  _archive_read_next_header2

Sanitizer: address (ASAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz-external.appspot.com/revisions?job=libfuzzer_asan_libarchive&range=201605271739:201605281739

Reproducer Testcase: https://clusterfuzz-external.appspot.com/download/AMIfv95tL1YRiELtO_eenWCWqhTUNmTTh6VhIAH1c4uqK1DDLjMBVUGRy7egLwQukgSY0zVUpdqJ6an9OwQFnVUCjKmH1J-i8YjOLs_dl9LXEzR3rCoHsf4K9iNt8YsRsSsmxgaVt0TMUQ5WAOgkDquGRdFhGb7MMzAoqIY6Hth9uGBG5BD7WnMsm4Uk6XRnYZlKgZ1ReDNqLgsA9neDryK_XOMR-gJVI6XsDM92cpMHTUN55DdwPvef7nzYIVLLgugsPc4xs3b4k6RkIeK8mZltFM5noVUhpHmFEw26a7CYX9tQP2O2ljymr5u6W2jYaQz5QlyFvZ_ekT-eMRlXie43BFBhTFM4NyMiPF8Umh_ydp7omayND1Gtiq5iUekEgzVCuKVpECblO321a_KpiAldXPUD3_WQA0Eb_FxGNgK_WMSGjkykSR0?testcase_id=4606991431368704

Issue filed automatically.

See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse without an upstream patch, then the bug report will automatically become visible to the public.