ant-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Steve Loughran <ste...@apache.org>
Subject handling of malformed zip/tar/bzip files
Date Tue, 18 Mar 2008 12:10:05 GMT


There's now a test suite of fuzzed archive files to run past 
decompression tools, to see how they handle it

https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html

We may not be vulnerable to buffer overflows, but we should still test 
for bad files and reject them.


-- 
Steve Loughran                  http://www.1060.org/blogxter/publish/5
Author: Ant in Action           http://antbook.org/

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ant.apache.org
For additional commands, e-mail: dev-help@ant.apache.org


Mime
View raw message