Hi All,
I'd like to report a defect in tar v1.30.
Execution of the following command will cause a heap-based buffer overflow:
-- cut --
$ ~/tar-asan/src/tar --pax-option==
=
==28267==ERROR: AddressSanitizer: heap-buffer-overflow on
Hi All,
I'd like to report a defect in tar v1.30.
Execution of the following command will cause a heap-based buffer overflow:
-- cut --
$ ~/tar-asan/src/tar --transform="s///"
=
==4615==ERROR: AddressSanitizer: heap-buffer-overflow
Hi All,
I'd like to report a defect in tar v1.30.
Execution of the following command will cause a NULL pointer dereference:
-- cut --
$ /home/s1m0n/tar/tar-asan/src/tar --update -f ./emptyfile
--pax-option=listopt=""
AddressSanitizer:DEADLYSIGNAL
=
Hi All,
I'd like to report a defect in tar v1.30.
Execution of the following command with the attached test-case will
cause a use-after-free:
-- cut --
$ ~/tar-asan/src/tar -d -f none -g ./uaf_2.tar
/home/s1m0n/tar/tar-asan/src/tar: ./uaf_2.tar:1: Invalid time stamp:
Invalid argument
/home/s1m0n
Hi All,
I'd like to report a defect in tar v1.30.
Execution of the following command will cause a heap-based buffer overflow:
-- cut --
$ ~/tar-asan/src/tar -f .bz2 --one-top-level
=
==31469==ERROR: AddressSanitizer: heap-buffer-ove
Hi All,
I'd like to report a defect in tar v1.30.
Execution of the following command will cause a use-after-free:
-- cut --
$ touch none ; tar -cf bla.tar . ; /home/s1m0n/tar/tar-asan/src/tar -d
-f bla.tar -K ./none
=
==15682==ERROR
Hi All,
I'd like to report a defect in tar v1.30.
Execution of the following command will cause a heap-based buffer overflow:
-- cut --
$ ~/tar-asan/src/tar -c -f none --add-file= -g none
=
==7359==ERROR: AddressSanitizer: heap-buff
Hi All,
I'd like to report a defect in tar v1.30.
Execution of the following commands will cause a heap-based buffer overflows:
-- cut --
$ ~/tar-asan/src/tar -c -f none
--pax-option=globexthdr.name="%%",listopt="" none
SUMMARY: AddressSanitizer: heap-buffer-overflow
/home/s1m0n/tar/tar-asan
