Ticket #3605 (closed defect: fixed)

Opened 4 years ago

Last modified 4 years ago

[patch] extfs.c: fix buffer overflow

Reported by: and Owned by: andrew_b
Priority: major Milestone: 4.8.17
Component: mc-vfs Version: master
Keywords: Cc:
Blocked By: Blocking:
Branch state: merged Votes for changeset: committed-master

Description

When handling with copy/move commands inside of archive we can lead into buffer overflow
steps to roproduce:

create simple 7z archive
open it
rename single filename
hit buffer overflow

found by clang/AddressSanitizer

Attachments

mc-3605-extfs.c-fix-buffer-overflow.patch (2.9 KB) - added by and 4 years ago.

Change History

Changed 4 years ago by and

comment:1 Changed 4 years ago by zaytsev

  • Milestone changed from Future Releases to 4.8.17

It would be great if you would attach tickets with fresh patches ready for review to the current milestone. Otherwise, I'm afraid, they will get lost among other hundreds of tickets. If we can't make it for this milestone, we can always move it to the next one. Thanks!

comment:2 Changed 4 years ago by andrew_b

  • Owner set to andrew_b
  • Status changed from new to accepted
  • Component changed from mc-core to mc-vfs
  • Branch state changed from no branch to on review

Branch:3605_extfs_buffer_overflow
changeset:e1ad66e90efe780a2426cb7fd079a630386ceb03

comment:3 Changed 4 years ago by andrew_b

  • Votes for changeset set to andrew_b
  • Branch state changed from on review to approved

comment:4 Changed 4 years ago by andrew_b

  • Status changed from accepted to testing
  • Votes for changeset changed from andrew_b to committed-master
  • Resolution set to fixed
  • Branch state changed from approved to merged

comment:5 Changed 4 years ago by andrew_b

  • Status changed from testing to closed
Note: See TracTickets for help on using tickets.