14

I will never forget that screenshot of a corrupt jar file viewed in 7-Zip containing something with a compressed size of 19 bytes, which would result in more than 1 TB uncompressed
Things like these are why I'm still breathing

Comments
  • 13
    That's a "zip" bomb and specifically crafted
  • 2
    I made a few RLEs like that.
  • 2
    There is c-code which is, when compiled with gcc and special arguments, results in a 4 GB Binary.
  • 1
    @Kimmax No, that was the result of a CI pipeline. That wasn't a zip bomb, it was corrupted. Can't provide further details without breaking an NDA
  • 2
    @kescherRant so basically an accidental zipbomb then?
  • 1
    @Demolishun It showed up as LZMA with broken parameters in 7-Zip. I don't think it can be recreated in a valid way. Not even a valid .jar in the first place.
  • 1
  • 4
    @Demolishun Or just read the format specs. It's easy to make. RLE is like trivial.
  • 0
    my god, please show me that
Add Comment