This is the mail archive of the elfutils-devel@sourceware.org mailing list for the elfutils project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug libdw/24102] A Heap-buffer-overflow problem was discovered in the function read_srclines in dwarf_getsrclines.c in libdw


https://sourceware.org/bugzilla/show_bug.cgi?id=24102

Mark Wielaard <mark at klomp dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |FIXED

--- Comment #4 from Mark Wielaard <mark at klomp dot org> ---
commit 2562759d6fe5b364fe224852e64e8bda39eb2e35
Author: Mark Wielaard <mark@klomp.org>
Date:   Sun Jan 20 22:10:18 2019 +0100

    libdw: Check terminating NUL byte in dwarf_getsrclines for dir/file table.

    For DWARF version < 5 the .debug_line directory and file tables consist
    of a terminating NUL byte after all strings. The code used to just skip
    this without checking it actually existed. This could case a spurious
    read past the end of data.

    Fix the same issue in readelf.

    https://sourceware.org/bugzilla/show_bug.cgi?id=24102

    Signed-off-by: Mark Wielaard <mark@klomp.org>

Pushed to master.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]