[Pkg-libburnia-devel] Bug#872372: libisofs6: null pointer dereference

Thomas Schmitt scdbackup at gmx.net
Thu Aug 17 07:15:37 UTC 2017


this AFL is such an insidious thing. :))

The test "ISO" is totally screwed up, except a narrow path that leads
to a root directory which bears a Rock Ridge entry "RE". Such an entry
marks a directory as relocated. I.e. its Rock Ridge path of directories
is not the ECMA-119 path which leads to that directory. A different
Rock Ridge path is supposed to exist which points to the directory.
But for the root directory, this is of course fatal, as no other path
can circumvent it.

I have put a patch on that particular pitfall.

The reaction of xorriso-1.4.7 is now:

  libisoburn: WARNING : ISO image size 808464432s larger than readable size 20s
  xorriso : NOTE : Loading ISO image tree from LBA 0
  libisofs: FATAL : Root directory is marked by RRIP RE as relocated
  libisofs: FATAL : Unable to obtain root directory
  xorriso : FAILURE : Cannot read ISO image tree

There is a small memory leak in xorriso_main.c. It is semi-intentional,
because the program is bailing out anyways.

It has to be expected that other similar crash opportunities exist.

Have a nice day :)


More information about the Pkg-libburnia-devel mailing list