[File] Out-of-bounds read in is_tar.c from_oct implementation
Tobi Laskowski
tobil4sk at outlook.com
Mon May 11 16:17:48 EDT 2026
Dear maintainers,
While building libmagic on CheriBSD, I discovered a buffer overread in is_tar.c when enabling strict subobject bounds on the compiler. I have posted details about the bug on the bug tracker, along with a suggested patch: https://bugs.astron.com/view.php?id=767
I thought I would mention it here as well in case the tracker is not checked regularly.
Thanks,
Tobi
More information about the File
mailing list