This is the mail archive of the mailing list for the binutils project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: vulnerabilities in libbfd (CVE-2014-beats-me)

On 10/30/2014 02:01 PM, Nicholas Clifton wrote:
Hi Maciej, Hi Michal,

$ wget

FYI, this test case has now been fixed.

In any case: the bottom line is that if you are used to running
strings on random files, or depend on any libbfd-based tools for
forensic purposes, you should probably change your habits. For strings
specifically, invoking it with the -a parameter seems to inhibit the
use of libbfd. Distro vendors may want to consider making the -a mode
default, too.

There are also alternatives to the GNU Binutils strings program.
eu-strings for example, or even "od -S 4".

It is true however that there are still vulnerabilities in libbfd, and I
for one would happy to see new bug reports exposing them.  I can assure
you that any such bug report reaching me will be treated seriously, and
will be investigated and fixed as soon as possible.

We could cook a (simple) ELF fuzzer and run it on Binutils with AddressSanitizer enabled. Perhaps there is one I'm unaware of? Traditional fuzzers like afl are necessarily limited for highly structured inputs.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]