This is the mail archive of the
elfutils-devel@sourceware.org
mailing list for the elfutils project.
[Bug tools/25069] AddressSanitizer: heap-buffer-overflow at libdwelf/dwelf_strtab.c:284
- From: "mark at klomp dot org" <sourceware-bugzilla at sourceware dot org>
- To: elfutils-devel at sourceware dot org
- Date: Tue, 29 Oct 2019 14:48:33 +0000
- Subject: [Bug tools/25069] AddressSanitizer: heap-buffer-overflow at libdwelf/dwelf_strtab.c:284
- Auto-submitted: auto-generated
- References: <bug-25069-10460@http.sourceware.org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=25069
Mark Wielaard <mark at klomp dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED
--- Comment #6 from Mark Wielaard <mark at klomp dot org> ---
commit b2dddd3389a8005a7e93bc21b2932156899e1aac
Author: Mark Wielaard <mark@klomp.org>
Date: Sat Oct 26 22:54:49 2019 +0200
unstrip: Check symbol strings are terminated.
A corrupt ELF file could contain a .strtab section that wasn't
properly zero terminated. If so we could add a non-terminated string
to the dwelf_strtab functions, which could then crash because they
would read past the .strtab section data.
https://sourceware.org/bugzilla/show_bug.cgi?id=25069
Signed-off-by: Mark Wielaard <mark@klomp.org>
--
You are receiving this mail because:
You are on the CC list for the bug.