And additionally the results from an ASAN build:

For the one related to the CVE-2017-15000 reproducer:

root@sid:~# extract -i extract-nsf_extract_method-nsf_extractor-164.crash
Keywords for file extract-nsf_extract_method-nsf_extractor-164.crash:
xm_extractor.c:80:7: runtime error: null pointer passed as argument 1, which is declared to never be null
ASAN:DEADLYSIGNAL
=================================================================
==22442==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x7f916bdf6d06 bp 0x7ffd356d46c0 sp 0x7ffd356d4520 T0)
==22442==The signal is caused by a READ memory access.
==22442==Hint: address points to the zero page.
    #0 0x7f916bdf6d05 in EXTRACTOR_xm_extract_method (/usr/lib/x86_64-linux-gnu/libextractor/libextractor_xm.so+0x1d05)
    #1 0x7f917a6d709c (/usr/lib/x86_64-linux-gnu/libextractor.so.3+0x3209c)
    #2 0x7f917a6d85d3 in EXTRACTOR_extract (/usr/lib/x86_64-linux-gnu/libextractor.so.3+0x335d3)
    #3 0x403892 (/usr/bin/extract+0x403892)
    #4 0x7f91793fa560 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x20560)
    #5 0x404ce9 (/usr/bin/extract+0x404ce9)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/usr/lib/x86_64-linux-gnu/libextractor/libextractor_xm.so+0x1d05) in EXTRACTOR_xm_extract_method
==22442==ABORTING
root@sid:~#

For the one related to the CVE-2017-15602 reproducer:

root@sid:~# extract -i bin_6iRW3tXve.bin
Keywords for file bin_6iRW3tXve.bin:
=================================================================
==22470==ERROR: AddressSanitizer: negative-size-param: (size=-8)
    #0 0x7fb94e64279b (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x7679b)
    #1 0x7fb93ba7be6c (/usr/lib/x86_64-linux-gnu/libgme.so.0+0x8e6c)
    #2 0x7fb93ba7bc89 (/usr/lib/x86_64-linux-gnu/libgme.so.0+0x8c89)
    #3 0x7fb93ba9f231 (/usr/lib/x86_64-linux-gnu/libgme.so.0+0x2c231)
    #4 0x7fb93ba9f5f2 (/usr/lib/x86_64-linux-gnu/libgme.so.0+0x2c5f2)
    #5 0x7fb93ba7f94d (/usr/lib/x86_64-linux-gnu/libgme.so.0+0xc94d)
    #6 0x7fb93ba7eb7b in gme_load_data (/usr/lib/x86_64-linux-gnu/libgme.so.0+0xbb7b)
    #7 0x7fb93ba7ec33 in gme_open_data (/usr/lib/x86_64-linux-gnu/libgme.so.0+0xbc33)
    #8 0x7fb93f2be581 (/usr/lib/x86_64-linux-gnu/libavformat.so.57+0xbc581)
    #9 0x7fb93f3ad16f in avformat_open_input (/usr/lib/x86_64-linux-gnu/libavformat.so.57+0x1ab16f)
    #10 0x7fb93f8ece71 in EXTRACTOR_previewopus_extract_method (/usr/lib/x86_64-linux-gnu/libextractor/libextractor_previewopus.so+0x4e71)
    #11 0x7fb94e39b09c (/usr/lib/x86_64-linux-gnu/libextractor.so.3+0x3209c)
    #12 0x7fb94e39c5d3 in EXTRACTOR_extract (/usr/lib/x86_64-linux-gnu/libextractor.so.3+0x335d3)
    #13 0x403892 (/usr/bin/extract+0x403892)
    #14 0x7fb94d0be560 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x20560)
    #15 0x404ce9 (/usr/bin/extract+0x404ce9)

0x61600000789e is located 30 bytes inside of 482-byte region [0x616000007880,0x616000007a62)
allocated by thread T0 here:
    #0 0x7fb94e6a6758 in __interceptor_posix_memalign (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xda758)
    #1 0x7fb93f68c782 in av_malloc (/usr/lib/x86_64-linux-gnu/libavutil.so.55+0x31782)

SUMMARY: AddressSanitizer: negative-size-param (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x7679b)
==22470==ABORTING
root@sid:~#

Regards,
Salvatore