Description of problem: Cabextract goes into an infinite loop when trying to expand a special crafted .cab file as attached. This seems to originate in a bug in the embeded libmspack. Contrary to the report, clamav doesn't show this behavior. See bug # 15155 This causes a security issue in amavisd and can cause a DoS attack. http://openwall.com/lists/oss-security/2015/02/03/12 http://lwn.net/Vulnerabilities/631508/ http://lists.opensuse.org/opensuse-updates/2015-02/msg00004.html Version-Release number of selected component (if applicable): 1.5 How reproducible: every time Steps to Reproduce: 1. save the attached hang.cab file and run cabextract hang.cab. 2. you will get the output: Extracting cabinet: hang.cab extracting limeric 3. Here it hangs and I had to cancel it after two hours. Reproducible: Steps to Reproduce:
Created attachment 5861 [details] file that causes the infinite loop
Priority: Normal => HighStatus: NEW => ASSIGNEDCC: (none) => thomasAssignee: bugsquad => shlomif
Already fixed. *** This bug has been marked as a duplicate of bug 15193 ***
Status: ASSIGNED => RESOLVEDResolution: (none) => DUPLICATE