View Issue Details

ID: 0000459
Project: file
Category: general
View Status: public
Last Update: 2015-06-10 00:58
Reporter: Felix Bolte
Assigned To: Christos Zoulas
Priority: normal
Severity: crash
Reproducibility: always
Status: resolved
Resolution: fixed
Platform: x86_64 GNU/Linux
OS: Debian
OS Version: 8
Product Version: 5.22
Target Version:
Fixed in Version: 5.23

Summary: 0000459: segmentation fault when using crafted magic file

Description: after another round of afl fuzzing (http://lcamtuf.coredump.cx/afl/) on current ^HEAD, the attached magic files will provoke segfaults in different code locations ...

please split the ticket if you think each issue/file should be handled separately :)

Steps To Reproduce: file -m broken_magic /etc/services

Tags: No tags attached.

Relationships

Activities

Felix Bolte

2015-06-09 18:19

reporter  

broken_magic2 (4 bytes)
&(d

Felix Bolte

2015-06-09 18:20

reporter  

broken_magic3 (9 bytes)

CVS Commit

2015-06-10 00:57

developer   ~0001002


Module Name: file
Committed By: christos
Date: Wed Jun 10 00:57:41 UTC 2015

Modified Files:
    file/src: apprentice.c

Log Message:
PR/459: Don't let invalid magic entries go through with warnings because
later the softmagic entry would need a lot of sanity checks which it does
not have.


Christos Zoulas

2015-06-10 00:58

manager   ~0001003

Fixed, thanks!

Issue History

Date Modified     Username         Field                      Change
2015-06-09 18:19  Felix Bolte      New Issue
2015-06-09 18:19  Felix Bolte      File Added: broken_magic2
2015-06-09 18:20  Felix Bolte      File Added: broken_magic3
2015-06-10 00:57  CVS Commit
2015-06-10 00:57  CVS Commit       Note Added: 0001002
2015-06-10 00:57  CVS Commit       Status                     new => confirmed
2015-06-10 00:57  CVS Commit       Resolution                 open => fixed
2015-06-10 00:57  Christos Zoulas  Assigned To                => Christos Zoulas
2015-06-10 00:57  Christos Zoulas  Status                     confirmed => assigned
2015-06-10 00:58  Christos Zoulas  Note Added: 0001003
2015-06-10 00:58  Christos Zoulas  Status                     assigned => resolved
2015-06-10 00:58  Christos Zoulas  Fixed in Version           => 5.23