[Bug tools/21311] New: eu-elflint: heap-based buffer overflow in check_sysv_hash (elflint.c)
ago at gentoo dot org
sourceware-bugzilla@sourceware.org
Mon Mar 27 10:40:00 GMT 2017
https://sourceware.org/bugzilla/show_bug.cgi?id=21311
Bug ID: 21311
Summary: eu-elflint: heap-based buffer overflow in
check_sysv_hash (elflint.c)
Product: elfutils
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: tools
Assignee: unassigned at sourceware dot org
Reporter: ago at gentoo dot org
CC: elfutils-devel at sourceware dot org
Target Milestone: ---
Created attachment 9945
--> https://sourceware.org/bugzilla/attachment.cgi?id=9945&action=edit
stacktrace
Hoping that it has not the same root cause of bug 21310.
On elfutils-0.168:
# eu-elflint -d $FILE
READ of size 4 at 0x60b00000aff4 thread T0
#0 0x40b36a in check_sysv_hash
/tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/elflint.c:2020
Compiled with: gcc-6.3.0
Reproducer:
https://github.com/asarubbo/poc/blob/master/00235-elfutils-heapoverflow-check_sysv_hash
Stacktrace attached.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the Elfutils-devel
mailing list