Package: arj
Version: 3.10.22-12
Usertags: afl

ARJ crashes on the attached (slightly corrupted) ARJ file:

$ arj t crash.arj
ARJ32 v 3.10, Copyright (c) 1998-2004, ARJ Software Russia. [08 Aug 2014]

Processing archive: crash.arj
Archive created: 2014-12-27 10:40:05, modified: 2014-12-27 10:40:05
Testing limerick Bad file data, CRC error!
1 file(s)
Found 1 error(s)!
*** Error in `arj': free(): invalid pointer: 0x00000000017e3200 ***
Aborted

This bug was found using American fuzzy lop:
https://packages.debian.org/experimental/afl

-- System Information:
Debian Release: 8.0
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages arj depends on:
ii libc6 2.19-13

--
Jakub Wilk

crash.arj
Description: Binary data