Hi All, I'd like to report a defect in cpio v2.12 (3be097c12ec14a69b3f3df3e2138fa235a3154d7).
Execution of the following command with the attached test-case will cause a NULL pointer dereference:

-- cut --
$ ~/cpio-git-asan/src/cpio -it -F ./nptr_1
ASAN:DEADLYSIGNAL
=================================================================
==10051==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7ff74c7f48e1 bp 0x7fff054ae130 sp 0x7fff054ad8b8 T0)
==10051==The signal is caused by a READ memory access.
==10051==Hint: address points to the zero page.
    #0 0x7ff74c7f48e0  (/lib/x86_64-linux-gnu/libc.so.6+0x15a8e0)
    #1 0x44fc5c in __interceptor_strlen.part.30 (/home/s1m0n/cpio/cpio-git-asan/src/cpio+0x44fc5c)
    #2 0x564fa2 in cpio_set_c_name /home/s1m0n/cpio/cpio/src/util.c:1418:16
    #3 0x514790 in read_name_from_file /home/s1m0n/cpio/cpio/src/copyin.c:1006:3
    #4 0x514790 in read_in_binary /home/s1m0n/cpio/cpio/src/copyin.c:1142
    #5 0x511327 in read_in_header /home/s1m0n/cpio/cpio/src/copyin.c:984:4
    #6 0x51cd98 in process_copy_in /home/s1m0n/cpio/cpio/src/copyin.c:1282:7
    #7 0x54650b in main /home/s1m0n/cpio/cpio/src/main.c:788:3
    #8 0x7ff74c6bcb16 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x22b16)
    #9 0x41e899 in _start (/home/s1m0n/cpio/cpio-git-asan/src/cpio+0x41e899)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x15a8e0)
==10051==ABORTING
-- cut --

Please let me know if you have any questions.

Thanks,
Filip Palian
Attachment: nptr_1 (binary data)
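The trace above shows strlen() being reached through cpio_set_c_name with a NULL name that came out of read_name_from_file. The following is an added example, not cpio's own code and not the reporter's: it sketches the defensive shape such a pair of functions can take, where the reader validates the archive's name-size field and the setter refuses a NULL name instead of handing it to strlen(). All names here (file_hdr, set_name, read_name, process_entry) are hypothetical and chosen for illustration only.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical header record: only models a heap-owned entry name. */
struct file_hdr {
    char *name;      /* owned copy of the entry name, or NULL if unset */
    size_t name_len; /* bytes in the copy, excluding the terminator */
};

/* Hardened setter: never calls strlen() on NULL and reports failure
 * with -1 so the caller can reject the archive entry instead of crashing. */
int set_name(struct file_hdr *hdr, const char *name)
{
    if (hdr == NULL || name == NULL)
        return -1;                      /* the case behind the ASAN SEGV above */
    size_t len = strlen(name);
    char *copy = malloc(len + 1);
    if (copy == NULL)
        return -1;
    memcpy(copy, name, len + 1);
    free(hdr->name);                    /* replace any previous name */
    hdr->name = copy;
    hdr->name_len = len;
    return 0;
}

/* Hypothetical reader: takes a name-size field from the archive (untrusted)
 * and the bytes that follow it, and returns NULL on any inconsistency.
 * A NULL result is exactly what the setter above now refuses. */
const char *read_name(const unsigned char *buf, size_t buflen, size_t namesize)
{
    if (namesize == 0 || namesize > buflen)
        return NULL;                    /* size field does not fit the data */
    if (buf[namesize - 1] != '\0')
        return NULL;                    /* name is not terminated inside the field */
    return (const char *)buf;
}

/* Whole flow for one entry: read, then set, propagating failure as -1. */
int process_entry(struct file_hdr *hdr, const unsigned char *buf,
                  size_t buflen, size_t namesize)
{
    const char *n = read_name(buf, buflen, namesize);
    return set_name(hdr, n);
}

void free_hdr(struct file_hdr *hdr)
{
    free(hdr->name);
    hdr->name = NULL;
    hdr->name_len = 0;
}
```

The point of the split is that each layer fails closed on its own: even if a future caller bypasses read_name, set_name still cannot be driven into strlen(NULL), and an archive whose name-size field disagrees with its contents is rejected rather than partially parsed.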