This is the mail archive of the
elfutils-devel@sourceware.org
mailing list for the elfutils project.
[Bug tools/21299] New: heap-based buffer overflow in handle_gnu_hash (readelf.c)
- From: "ago at gentoo dot org" <sourceware-bugzilla at sourceware dot org>
- To: elfutils-devel at sourceware dot org
- Date: Fri, 24 Mar 2017 09:09:12 +0000
- Subject: [Bug tools/21299] New: heap-based buffer overflow in handle_gnu_hash (readelf.c)
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=21299
Bug ID: 21299
Summary: heap-based buffer overflow in handle_gnu_hash
(readelf.c)
Product: elfutils
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: tools
Assignee: unassigned at sourceware dot org
Reporter: ago at gentoo dot org
CC: elfutils-devel at sourceware dot org
Target Milestone: ---
Created attachment 9936
--> https://sourceware.org/bugzilla/attachment.cgi?id=9936&action=edit
stacktrace
On elfutils-0.168:
# eu-readelf -a $FILE
READ of size 4 at 0x611000009ffc thread T0
#0 0x421a8b in handle_gnu_hash
/tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/readelf.c:3268
Compiled with: gcc-6.3.0
Reproducer:
https://github.com/asarubbo/poc/blob/master/00225-elfutils-heapoverflow-handle_gnu_hash
Stacktrace attached.
--
You are receiving this mail because:
You are on the CC list for the bug.