Public bug reported:
Running zip command with -T -TT arguments causes zip process to crash
due to buffer overflow. See below:
$ zip a.zip /etc/hosts -T -TT "ls"
adding: etc/hosts (deflated 35%)
*** buffer overflow detected ***: terminated
zip error: Interrupted (aborting)
free(): double free detected in tcache 2
$ lsb_release -rd
OS: Ubuntu 24.04.1 LTS
$ apt-cache policy zip
zip:
Installed: 3.0-13ubuntu0.1
Candidate: 3.0-13ubuntu0.1
Version table:
*** 3.0-13ubuntu0.1 500
500 http://pl.archive.ubuntu.com/ubuntu noble-updates/main amd64
Packages
100 /var/lib/dpkg/status
3.0-13build1 500
500 http://pl.archive.ubuntu.com/ubuntu noble/main amd64 Packages
In addition to that I tested various docker images - here are the results:
-
ubuntu:24.10@sha256:102bc1874fdb136fc2d218473f03cf84135cb7496fefdb9c026c0f553cfe1b6d
- zip 3.0-14ubuntu0.1 - issue occurs
-
ubuntu:24.04@sha256:80dd3c3b9c6cecb9f1667e9290b3bc61b78c2678c02cbdae5f0fea92cc6734ab
- zip 3.0-13ubuntu0.1 - issue occurs
-
ubuntu:20.04@sha256:8e5c4f0285ecbb4ead070431d29b576a530d3166df73ec44affc1cd27555141b
- zip 3.0-11build1 - issue does not occur
-
debian:bookworm@sha256:b877a1a3fdf02469440f1768cf69c9771338a875b7add5e80c45b756c92ac20a
- zip 3.0-13 - issue does not occur
** Affects: zip (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2093024
Title:
zip crashes when using options -T and -TT
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/zip/+bug/2093024/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
