Package: libarchive13
Version: 3.2.2-3.1

$ gzip -d oob.iso.gz
$ valgrind --quiet -- bsdtar -xOf oob.iso
==2945== Invalid read of size 1
==2945==    at 0x4891EAA: parse_file_info (archive_read_support_format_iso9660.c:1767)
==2945==    by 0x48934D7: choose_volume (archive_read_support_format_iso9660.c:1115)
==2945==    by 0x48934D7: archive_read_format_iso9660_read_header (archive_read_support_format_iso9660.c:1181)
==2945==    by 0x4873A54: _archive_read_next_header2 (archive_read.c:649)
==2945==    by 0x4873B5B: _archive_read_next_header (archive_read.c:687)
==2945==    by 0x10D384: read_archive (read.c:261)
==2945==    by 0x10DCAC: tar_mode_x (read.c:112)
==2945==    by 0x10C2BB: main (bsdtar.c:809)
==2945==  Address 0x6ca56c8 is 0 bytes after a block of size 65,536 alloc'd
==2945==    at 0x482E2BC: malloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==2945==    by 0x487ABEC: file_open (archive_read_open_filename.c:358)
==2945==    by 0x4874DE9: archive_read_open1 (archive_read.c:479)
==2945==    by 0x487B0F6: archive_read_open_filenames (archive_read_open_filename.c:152)
==2945==    by 0x487B18C: archive_read_open_filename (archive_read_open_filename.c:109)
==2945==    by 0x10D321: read_archive (read.c:223)
==2945==    by 0x10DCAC: tar_mode_x (read.c:112)
==2945==    by 0x10C2BB: main (bsdtar.c:809)
...


Found using American Fuzzy Lop:
http://lcamtuf.coredump.cx/afl/


-- System Information:
Architecture: i386

Versions of packages libarchive13 depends on:
ii  libacl1     2.2.52-3+b1
ii  libbz2-1.0  1.0.6-8.1
ii  libc6       2.24-17
ii  liblz4-1    0.0~r131-2+b1
ii  liblzma5    5.2.2-1.3
ii  liblzo2-2   2.08-1.2+b2
ii  libnettle6  3.3-2
ii  libxml2     2.9.4+dfsg1-4
ii  zlib1g      1:1.2.8.dfsg-5

--
Jakub Wilk

Attachment: oob.iso.gz
Description: application/gzip
