Hi
I found this problem with p7zip 16.02 on Ubuntu. It is possible to get heap overflow when extracting squashfs files. In NWindows::NFile::NIO::CInFile::Read, it may write large amount of data to a buffer on heap, which causes heap overflow. In my example, bytesToRead is 402672052 but the size of buffer is only 131072.
I won't put the output for address sanitizer or example file here so please reply if you want the example file. Thanks a lot !
Yes, it was reported before.
I've fixed it for next 7-Zip.
Please change ticket to "private"