Infinite memory usage with ExtractionTool on Microsoft Cabinet due to the next cabinet being labeled as itself #15

New Issue

claunia · 2026-01-29T21:16:34Z

claunia commented

2026-01-29 21:16:34 +00:00

Originally created by @HeroponRikiBestest on GitHub (Nov 13, 2025).

Originally assigned to: @mnadareski on GitHub.

When attempting to read simple.cab (simple.cab.zip) from inside BurnOutSharpTestingFiles/FileType/MSI/v4/antimicro-2.21-win32-fixedSDL.msi, ExtractionTool will use an infinite amount of memory until your OS crashes or it gets killed. This issue occurs because f7fd2f6f65/SabreTools.Serialization/Readers/MicrosoftCabinet.cs (L151) reads header.CabinetNext as "simple.cab", which is itself. This means that, when extraction is attempted, the loop that reads the next cabinet at f7fd2f6f65/SabreTools.Serialization/Wrappers/MicrosoftCabinet.Extraction.cs (L69) loops forever because it is always the next cabinet, using more and more memory as it does so. I think the cabinet itself uses LZX compression anyways, so nothing would get extracted even if it succeeded, but the main concern is just that it gets stuck until it runs out of memory, since that means BOS will do the same thing.

Originally created by @HeroponRikiBestest on GitHub (Nov 13, 2025). Originally assigned to: @mnadareski on GitHub. When attempting to read simple.cab ([simple.cab.zip](https://github.com/user-attachments/files/23532116/simple.cab.zip)) from inside `BurnOutSharpTestingFiles/FileType/MSI/v4/antimicro-2.21-win32-fixedSDL.msi`, ExtractionTool will use an infinite amount of memory until your OS crashes or it gets killed. This issue occurs because https://github.com/SabreTools/SabreTools.Serialization/blob/f7fd2f6f65f2022175636a10be328646ee300cc7/SabreTools.Serialization/Readers/MicrosoftCabinet.cs#L151 reads header.CabinetNext as "simple.cab", which is itself. This means that, when extraction is attempted, the loop that reads the next cabinet at https://github.com/SabreTools/SabreTools.Serialization/blob/f7fd2f6f65f2022175636a10be328646ee300cc7/SabreTools.Serialization/Wrappers/MicrosoftCabinet.Extraction.cs#L69 loops forever because it is always the next cabinet, using more and more memory as it does so. I think the cabinet itself uses LZX compression anyways, so nothing would get extracted even if it succeeded, but the main concern is just that it gets stuck until it runs out of memory, since that means BOS will do the same thing.

claunia closed this issue

2026-01-29 21:16:34 +00:00

claunia commented

2026-01-29 21:16:34 +00:00

@mnadareski commented on GitHub (Nov 13, 2025):

First attempt to address: f2f0d0f2e7

Worth mentioning that technically compression does not need to be consistent on an entire cabinet set.

@mnadareski commented on GitHub (Nov 13, 2025): First attempt to address: https://github.com/SabreTools/SabreTools.Serialization/commit/f2f0d0f2e7a5ca0f99df56fe478cc3e4a19a440b Worth mentioning that technically compression does not need to be consistent on an entire cabinet set.

claunia commented

2026-01-29 21:16:35 +00:00

@mnadareski commented on GitHub (Nov 13, 2025):

As reported in Discord, this seems to have been fixed.

@mnadareski commented on GitHub (Nov 13, 2025): As reported in Discord, this seems to have been fixed.

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: SabreTools/SabreTools.Serialization#15