#222 Heap overflow in Squashfs Handler file

[Yu Han]

Hi

I found this problem with p7zip 16.02 on Ubuntu. It is possible to get heap overflow when extracting squashfs files. In NWindows::NFile::NIO::CInFile::Read, it may write large amount of data to a buffer on heap, which causes heap overflow. In my example, bytesToRead is 402672052 but the size of buffer is only 131072.

I won't put the output for address sanitizer or example file here so please reply if you want the example file. Thanks a lot !

[Igor Pavlov]

Yes, it was reported before.
I've fixed it for next 7-Zip.
Please change ticket to "private"