Summary: | Unchecked strnlen operation in bfd_get_debug_link_info_1 (./src/bfd/opncls.c) | ||
---|---|---|---|
Product: | binutils | Reporter: | probefuzzer <probefuzzer> |
Component: | binutils | Assignee: | Not yet assigned to anyone <unassigned> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | jeremip11, nickc |
Priority: | P2 | ||
Version: | 2.30 | ||
Target Milestone: | --- | ||
Host: | Target: | ||
Build: | Last reconfirmed: |
Description
probefuzzer
2018-02-06 08:43:44 UTC
The master branch has been updated by Nick Clifton <nickc@sourceware.org>: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=64e234d417d5685a4aec0edc618114d9991c031b commit 64e234d417d5685a4aec0edc618114d9991c031b Author: Nick Clifton <nickc@redhat.com> Date: Tue Feb 6 15:48:29 2018 +0000 Prevent attempts to call strncpy with a zero-length field by chacking the size of debuglink sections. PR 22794 * opncls.c (bfd_get_debug_link_info_1): Check the size of the section before attempting to read it in. (bfd_get_alt_debug_link_info): Likewise. Thanks for reporting this bug. I have applied a small patch to check the size of the debuglink sections before attempting to load their contents. Cheers Nick |