Summary: | Heap buffer overflow in bfd/peicode.h | ||
---|---|---|---|
Product: | binutils | Reporter: | Thuan Pham <thuanpv> |
Component: | binutils | Assignee: | Not yet assigned to anyone <unassigned> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | boehme.marcel, nickc |
Priority: | P2 | ||
Version: | 2.28 | ||
Target Milestone: | --- | ||
Host: | Target: | ||
Build: | Last reconfirmed: |
Description
Thuan Pham
2016-12-02 06:29:31 UTC
The master branch has been updated by Nick Clifton <nickc@sourceware.org>: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=fa6631b4eecfcca00c13b9594e6336dffd40982f commit fa6631b4eecfcca00c13b9594e6336dffd40982f Author: Nick Clifton <nickc@redhat.com> Date: Mon Dec 5 16:34:45 2016 +0000 Fix seg-fault in the binutils utilities when reading a corrupt input file. PR binutils/20905 * peicode.h (pe_ILF_object_p): Use strnlen to avoid running over the end of the string buffer. Hi Thuan, Thanks for reporting this bug. I have checked in a patch to prevent the code from trying to read of the end of buffer, which should fix this problem. Cheers Nick This is CVE-2017-7226 |