diff options
author | Jim Meyering <meyering@fb.com> | 2018-04-07 08:41:46 -0700 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2018-04-13 11:05:01 +0300 |
commit | b531801d6f49d64a126720e6004aae7c800764b2 (patch) | |
tree | f2b4ab04b54877518b8f1e0dcbb5e4dbc89e1e7d /NEWS | |
parent | f563b896cca6e5d629f0336403438f9aaa944416 (diff) | |
download | tar-b531801d6f49d64a126720e6004aae7c800764b2.tar.gz |
--one-top-level: avoid a heap-buffer-overflow
* NEWS: Mention this.
* src/suffix.c (strip_compression_suffix): Fix string comparison guard.
Without this change, some ASAN-enabled test runs would fail with the
following. Also, strip an additional .tar suffix only if the just-
stripped suffix did not match /^\.t/".
==30815==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000002ed at pc 0x00000049d1f4 bp 0x7ffeb5906d50 sp 0x7ffeb5906500
READ of size 1 at 0x6020000002ed thread T0
SCARINESS: 12 (1-byte-read-heap-buffer-overflow)
#0 0x49d1f3 in __interceptor_strncmp /j/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:407
#1 0x5670f3 in strip_compression_suffix /j/tar/src/suffix.c:107
#2 0x575788 in decode_options /j/tar/src/tar.c:2545
#3 0x5760c0 in main /j/tar/src/tar.c:2708
#4 0x7f105090df29 in __libc_start_main ../csu/libc-start.c:308
#5 0x408629 in _start (/j/tar/src/tar+0x408629)
0x6020000002ed is located 3 bytes to the left of 6-byte region [0x6020000002f0,0x6020000002f6)
allocated by thread T0 here:
#0 0x4d0710 in __interceptor_malloc /j/gcc/libsanitizer/asan/asan_malloc_linux.cc:86
#1 0x4908ad in __interceptor_strndup /j/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:326
#2 0x5cbcbd in xstrndup /j/tar/gnu/xstrndup.c:32
#3 0x5a325b in base_name /j/tar/gnu/basename.c:57
#4 0x575772 in decode_options /j/tar/src/tar.c:2544
#5 0x5760c0 in main /j/tar/src/tar.c:2708
#6 0x7f105090df29 in __libc_start_main ../csu/libc-start.c:308
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 7 |
1 files changed, 5 insertions, 2 deletions
@@ -1,9 +1,12 @@ -GNU tar NEWS - User visible changes. 2018-03-18 +GNU tar NEWS - User visible changes. 2018-04-07 Please send GNU tar bug reports to <bug-tar@gnu.org> version 1.30.90 (Git) +* Fix heap-buffer-overrun with --one-top-level. +Bug introduced with the addition of that option in 1.28. + * Support for zstd compression New option '--zstd' instructs tar to use zstd as compression program. @@ -53,7 +56,7 @@ causing subsequent link extractions in that directory to fail. This new warning control option suppresses warning messages about unreadable files and directories. It has effect only if used together -with the --ignore-failed-read option. +with the --ignore-failed-read option. * The --warnings=none option now suppresses all warnings |