This does not affect the current git head code, but it affects the release
4.13.0.1. It's been reported before to the Red Hat security team and publicly
here:
https://blog.fuzzing-project.org/52-Multiple-vulnerabilities-in-RPM-and-a-rant.html
[rpm-stackoverflow-glob.zip](https://github.com/rpm-software-management/rpm/files/782965/rpm-stackoverflow-glob.zip)
ASAN stack trace:
```
==16566==ERROR: AddressSanitizer: dynamic-stack-buffer-overflow on address 0x7ffe01660342 at pc 0x7fe28839a527 bp 0x7ffe01660310 sp 0x7ffe01660308
WRITE of size 1 at 0x7ffe01660342 thread T0
    #0 0x7fe28839a526 in glob /mnt/ram/rpm-rpm-4.13.0.1-release/rpmio/rpmglob.c:342:7
    #1 0x7fe288393eec in rpmGlob /mnt/ram/rpm-rpm-4.13.0.1-release/rpmio/rpmglob.c:875:7
    #2 0x7fe2886bfe4a in rpmReadPackageManifest /mnt/ram/rpm-rpm-4.13.0.1-release/lib/manifest.c:117:14
    #3 0x7fe2887275e8 in tryReadManifest /mnt/ram/rpm-rpm-4.13.0.1-release/lib/rpminstall.c:319:10
    #4 0x7fe2887275e8 in rpmInstall /mnt/ram/rpm-rpm-4.13.0.1-release/lib/rpminstall.c:537
    #5 0x50b446 in main /mnt/ram/rpm-rpm-4.13.0.1-release/rpmqv.c:294:12
    #6 0x7fe2860db1e0 in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.24-r1/work/glibc-2.24/csu/../csu/libc-start.c:289
    #7 0x41a429 in _start (/mnt/ram/rpm-rpm-4.13.0.1-release/.libs/rpm+0x41a429)
```
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/156