vulnerabilities in libbfd (CVE-2014-beats-me)
Pedro Alves
palves@redhat.com
Thu Oct 30 14:34:00 GMT 2014
On 10/30/2014 01:09 PM, Yury Gribov wrote:
> On 10/30/2014 02:01 PM, Nicholas Clifton wrote:
>> Hi Maciej, Hi Michal,
>> It is true however that there are still vulnerabilities in libbfd, and I
>> for one would happy to see new bug reports exposing them. I can assure
>> you that any such bug report reaching me will be treated seriously, and
>> will be investigated and fixed as soon as possible.
>
> We could cook a (simple) ELF fuzzer and run it on Binutils with
> AddressSanitizer enabled. Perhaps there is one I'm unaware of?
I've heard of Melkor - an ELF file format fuzzer. See:
https://www.blackhat.com/us-14/arsenal.html#Hernandez
I believe Petr Machata (in CC now) ran this against elfutils, and
it indeed exposed some bugs.
> Traditional fuzzers like afl are necessarily limited for highly
> structured inputs.
Thanks,
Pedro Alves
More information about the Binutils
mailing list