View Issue Details

ID: 0000605
Project: file
Category: General
View Status: public
Last Update: 2025-01-30 18:58
Reporter: YancyLii
Assigned To: christos
Priority: high
Severity: major
Reproducibility: always
Status: feedback
Resolution: open
Product Version: 5.45
Summary: 0000605: Uncontrolled Memory Allocation in

Description: A potential out-of-memory crash occurs in the libmagic project when processing malformed input through the function uncompressxzlib. The issue is triggered by the absence of proper input validation or resource limits, causing the liblzma library to attempt a massive memory allocation (malloc(2147483648) = 2GB) and crash.

Steps To Reproduce:
1. Download the tar.gz file and decompress it, then (sudo) execute the shell script
2. ./Test_libmagic_1 oom-fed84141c516fcdbb9961ba3a30fa85e41e569a1
3. Observe the error message

Tags: libmagic
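
The report above concerns decoding xz input without a resource limit. As an added example (not code from the file/libmagic project or from the reporter), the following Python uses the standard `lzma` module, which wraps liblzma, to show that the decoder's memory demand comes from the dictionary size declared in the stream and that a `memlimit` makes the decoder refuse such input. The helper name `bounded_unxz`, the sample data and the limit values are assumptions made for the illustration.

```python
import lzma

# Constructed sample: a ~100-byte payload whose .xz block header declares an
# 8 MiB LZMA2 dictionary. The header, not the payload size, sets how much
# memory the decoder asks for.
FILTERS = [{"id": lzma.FILTER_LZMA2, "dict_size": 8 << 20,
            "mode": lzma.MODE_FAST, "mf": lzma.MF_HC3}]
PAYLOAD = b"constructed test payload\n" * 4
SAMPLE = lzma.compress(PAYLOAD, format=lzma.FORMAT_XZ, filters=FILTERS)


def bounded_unxz(data, memlimit, max_out=1 << 20):
    """Decode .xz data under a decoder-memory cap and an output-size cap.

    Returns (status, output); status is one of "ok", "memlimit",
    "output-limit", "corrupt" or "incomplete".
    """
    dec = lzma.LZMADecompressor(format=lzma.FORMAT_XZ, memlimit=memlimit)
    try:
        out = dec.decompress(data, max_length=max_out)
    except lzma.LZMAError as exc:
        # liblzma reports LZMA_MEMLIMIT_ERROR when the declared filter chain
        # needs more memory than memlimit; Python surfaces it as LZMAError.
        if "limit" in str(exc).lower():
            return "memlimit", b""
        return "corrupt", b""
    if dec.eof:
        return "ok", out
    if not dec.needs_input:
        # More output is pending, but the output cap was reached.
        return "output-limit", out
    return "incomplete", out


if __name__ == "__main__":
    for limit in (4 << 20, 64 << 20):
        status, out = bounded_unxz(SAMPLE, limit)
        print(f"memlimit={limit >> 20} MiB -> {status}, {len(out)} bytes")
```
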

Activities

YancyLii (reporter), 2025-01-04 09:26

christos (manager), 2025-01-30 18:58, note ~0004173

Can't reproduce:
[1:57pm] 345>limit memoryuse 500m
[1:57pm] 346>./Test_libmagic_1 oom-fed84141c516fcdbb9961ba3a30fa85e41e569a1
INFO: Seed: 12437783
INFO: Loaded 1 modules (8 inline 8-bit counters): 8 [0x5c3215, 0x5c321d),
INFO: Loaded 1 PC tables (8 PCs): 8 [0x597a80,0x597b00),
./Test_libmagic_1: Running 1 inputs 1 time(s) each.
Running: oom-fed84141c516fcdbb9961ba3a30fa85e41e569a1
Executed oom-fed84141c516fcdbb9961ba3a30fa85e41e569a1 in 12 ms
***
*** NOTE: fuzzing was not performed, you have only
*** executed the target code on a fixed set of inputs.
***

Issue History

| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2025-01-04 09:26 | YancyLii | New Issue | |
| 2025-01-04 09:26 | YancyLii | Tag Attached: libmagic | |
| 2025-01-04 09:26 | YancyLii | File Added: Test_libmagic_oom.tar.gz | |
| 2025-01-30 18:57 | christos | Assigned To | => christos |
| 2025-01-30 18:57 | christos | Status | new => assigned |
| 2025-01-30 18:58 | christos | Status | assigned => feedback |
| 2025-01-30 18:58 | christos | Note Added: 0004173 | |