Package: unace
Version: 1.2b-13
Usertags: afl

unace crashes while trying to test integrity of the attached file:

$ unace t crash
UNACE v1.2 public version
Processing archive: crash.ACE
Authenticity Verification:
created on 11.1.2015 by *UNREGISTĹRED VERSION*
Segmentation fault

GDB says it's an out-of-bounds read:

Program received signal SIGSEGV, Segmentation fault.
0x0804b159 in dcpr_comm (comm_size=2022) at uac_dcpr.c:195
195 comm[dpos++] = comm[pos++];
(gdb) print pos
$3 = -134377471
(gdb) print comm[pos]
Cannot access memory at address 0x2a567

This bug was found using American fuzzy lop:
http://lcamtuf.coredump.cx/afl/

-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages unace depends on:
ii libc6 2.19-18

--
Jakub Wilk
crash.ACE
Description: Binary data
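
The following C example is an addition to this page, not part of the original report and not code from unace: it shows a bounds-checked form of the copy statement that faults at uac_dcpr.c:195. The helper name checked_backref_copy, its parameters, and the assumption that pos is a back-reference into already-written output are hypothetical; the report shows only the faulting line and the value of pos.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not unace code: copy `len` bytes of an LZ-style
 * back-reference inside one buffer, as the faulting statement
 * `comm[dpos++] = comm[pos++];` does, but with every index validated first.
 * Returns 0 on success, -1 if the reference would leave the buffer. */
static int checked_backref_copy(char *comm, size_t comm_size,
                                long *dpos, long pos, long len)
{
    if (*dpos < 0 || len < 0)
        return -1;
    /* The source must start inside already-written output: 0 <= pos < *dpos.
     * This rejects negative values such as the pos seen in the gdb session. */
    if (pos < 0 || pos >= *dpos)
        return -1;
    /* The destination must not run past the end of the buffer. */
    if ((size_t)*dpos > comm_size || (size_t)len > comm_size - (size_t)*dpos)
        return -1;
    /* Byte-by-byte on purpose: source and destination may overlap, and the
     * copy is expected to re-read bytes it has just written. */
    while (len--)
        comm[(*dpos)++] = comm[pos++];
    return 0;
}

/* Constructed cases: one valid overlapping reference, one with the pos
 * value from the report, one that would overrun the destination. */
static int demo(void)
{
    char comm[16] = "ab";
    long dpos = 2;

    if (checked_backref_copy(comm, sizeof comm, &dpos, 0, 6) != 0)
        return 1;                        /* comm now holds "abababab" */
    if (memcmp(comm, "abababab", 8) != 0 || dpos != 8)
        return 2;
    if (checked_backref_copy(comm, sizeof comm, &dpos, -134377471L, 4) != -1)
        return 3;                        /* value of pos from the report */
    if (checked_backref_copy(comm, sizeof comm, &dpos, 0, 9) != -1)
        return 4;                        /* 8 + 9 > 16 */
    return 0;
}

int main(void)
{
    int rc = demo();
    printf("demo: %d\n", rc);
    return rc;
}
```

Because pos starts below dpos and both advance together, every read stays behind the write position, so checking the start of the source and the end of the destination is sufficient.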