diff options
author | Denys Vlasenko | 2018-04-08 20:02:01 +0200 |
---|---|---|
committer | Denys Vlasenko | 2018-04-08 20:05:04 +0200 |
commit | 38ccd6af8abbafff98d458a1c62909acfc09a514 (patch) | |
tree | 1a4158db5c7e5e98111ff99d4a9078d93b4ccfcc /testsuite | |
parent | 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e (diff) | |
download | busybox-38ccd6af8abbafff98d458a1c62909acfc09a514.zip busybox-38ccd6af8abbafff98d458a1c62909acfc09a514.tar.gz |
bzip2: fix two crashes on corrupted archives
As it turns out, longjmp'ing into freed stack is not healthy...
function old new delta
unpack_usage_messages - 97 +97
unpack_bz2_stream 369 409 +40
get_next_block 1667 1677 +10
get_bits 156 155 -1
start_bunzip 212 183 -29
bb_show_usage 181 120 -61
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 2/3 up/down: 147/-91) Total: 56 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'testsuite')
-rwxr-xr-x | testsuite/bunzip2.tests | 16 | ||||
-rw-r--r-- | testsuite/bz2_issue_11.bz2 | bin | 0 -> 12000 bytes | |||
-rw-r--r-- | testsuite/bz2_issue_12.bz2 | bin | 0 -> 11000 bytes |
3 files changed, 16 insertions, 0 deletions
diff --git a/testsuite/bunzip2.tests b/testsuite/bunzip2.tests index fcfce1a..edb3327 100755 --- a/testsuite/bunzip2.tests +++ b/testsuite/bunzip2.tests @@ -552,6 +552,22 @@ if test "${0##*/}" = "bunzip2.tests"; then echo "FAIL: $unpack: pbzip_4m_zeros file" FAILCOUNT=$((FAILCOUNT + 1)) fi + + errout="`${bb}bunzip2 <bz2_issue_11.bz2 2>&1 >/dev/null`" + if test x"$errout:$?" = x"bunzip2: bunzip error -5:1"; then + echo "PASS: $unpack: bz2_issue_11.bz2 corrupted example" + else + echo "FAIL: $unpack: bz2_issue_11.bz2 corrupted example" + FAILCOUNT=$((FAILCOUNT + 1)) + fi + + errout="`${bb}bunzip2 <bz2_issue_12.bz2 2>&1 >/dev/null`" + if test x"$errout:$?" = x"bunzip2: bunzip error -3:1"; then + echo "PASS: $unpack: bz2_issue_12.bz2 corrupted example" + else + echo "FAIL: $unpack: bz2_issue_12.bz2 corrupted example" + FAILCOUNT=$((FAILCOUNT + 1)) + fi fi exit $((FAILCOUNT <= 255 ? FAILCOUNT : 255)) diff --git a/testsuite/bz2_issue_11.bz2 b/testsuite/bz2_issue_11.bz2 Binary files differnew file mode 100644 index 0000000..62b2520 --- /dev/null +++ b/testsuite/bz2_issue_11.bz2 diff --git a/testsuite/bz2_issue_12.bz2 b/testsuite/bz2_issue_12.bz2 Binary files differnew file mode 100644 index 0000000..4215f08 --- /dev/null +++ b/testsuite/bz2_issue_12.bz2 |