-
Notifications
You must be signed in to change notification settings - Fork 742
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Segmentation fault while reading a RAR file #2087
Comments
I just ran into this issue last week as well. Making the change below to right after the expand()/if code seemed to fix crash: - rar->bytes_uncopied = end - start;
+ rar->bytes_uncopied = end > start ? end - start : 0; but I don't know if that has any unintended side effect. Would be good to get an "official" fix. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
On Linux and FreeBSD, while reading a specific "RAR archive data, v4, os: Win32" file, and while not reading all data in all files (hence skipping over with archive_read_data_skip). When reaching a specific file in a archive this crash occurres.
Important! If not skipping file < 141, and reading all data, it does not crash
Backtrace:
libarchive/libarchive/archive_read_support_format_rar.c
Lines 2183 to 2185 in 9ba8292
This expand() make the end go from
start = 1280 end = 1792
to
start = 1280 end = 425
Explaining the length=-855 from the gdb backtrace
The text was updated successfully, but these errors were encountered: