bug-binutils

[Bug binutils/22303] readelf - Heap out of bounds read in byte_get_littl


From: cvs-commit at gcc dot gnu.org
Subject: [Bug binutils/22303] readelf - Heap out of bounds read in byte_get_little_endian()
Date: Wed, 18 Oct 2017 02:38:12 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=22303

--- Comment #1 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Alan Modra <address@hidden>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5396a86e439653fb5cd714b955708250777a32e5

commit 5396a86e439653fb5cd714b955708250777a32e5
Author: Alan Modra <address@hidden>
Date:   Wed Oct 18 12:05:39 2017 +1030

    PR22303, print_core_note out of bounds read

    The print_core_note change here fixes the PR, the rest is making
    readelf a little more bombproof against maliciously crafted binaries.

        PR 22303
        * readelf.c (print_core_note): Ensure "count" sanity check
        calculation doesn't overflow.
        (process_notes_at): Perform note namesz and descsz checks
        using unsigned comparisons against data remaining.  Catch
        alignment overflow of namesz and descsz too.  Don't allocate a
        temp for terminating "name" when there is space available
        before descdata.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
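
The note-size checks the commit message lists for process_notes_at (unsigned comparisons of namesz and descsz against the data remaining, plus catching alignment overflow), sketched as an added example. This is not the readelf.c code from the commit: count_notes, align4, le32 and the sample byte arrays are constructed for illustration, assuming little-endian 32-bit note headers padded to 4 bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample notes (namesz, descsz, type, then name and desc). */
static const unsigned char good_note[] = {5,0,0,0, 4,0,0,0, 1,0,0,0,
    'C','O','R','E',0,0,0,0, 0xde,0xad,0xbe,0xef};
static const unsigned char wrap_note[] = {0xfe,0xff,0xff,0xff, 0,0,0,0, 1,0,0,0};
static const unsigned char big_desc[] = {5,0,0,0, 0,0,0,0x80, 1,0,0,0,
    'C','O','R','E',0,0,0,0};

/* Round up to a 4-byte boundary; wraps to a small value for n > 0xfffffffc. */
static uint32_t align4(uint32_t n) { return (n + 3u) & ~3u; }

/* Read a little-endian 32-bit word. */
static uint32_t le32(const unsigned char *p)
{
    return p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Count well-formed notes in buf[0..len); -1 on a corrupt or truncated note. */
int count_notes(const unsigned char *buf, size_t len)
{
    size_t off = 0;
    int n = 0;

    while (len - off >= 12) {                 /* off <= len always holds */
        uint32_t namesz = le32(buf + off);
        uint32_t descsz = le32(buf + off + 4);
        size_t remaining = len - off - 12;    /* bytes left after the header */
        uint32_t name_pad = align4(namesz);
        uint32_t desc_pad = align4(descsz);
        /* Alignment overflow: the padded size came out smaller than the raw size. */
        if (name_pad < namesz || desc_pad < descsz)
            return -1;
        /* Unsigned sizes against bytes remaining, never "ptr + size > end". */
        if (name_pad > remaining || desc_pad > remaining - name_pad)
            return -1;
        off += 12 + (size_t)name_pad + desc_pad;
        n++;
    }
    return off == len ? n : -1;
}

int main(void)
{
    printf("%d %d %d\n", count_notes(good_note, sizeof good_note),
           count_notes(wrap_note, sizeof wrap_note), count_notes(big_desc, sizeof big_desc));
    return 0;
}
```

In wrap_note the namesz of 0xfffffffe aligns to 0, so a parser that only compares the padded size against the remaining data would accept it; the separate wrap check is what rejects it.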

