[Bug tools/21311] eu-elflint: heap-based buffer overflow in check_sysv_hash (elflint.c)

mark at klomp dot org sourceware-bugzilla@sourceware.org
Mon Apr 3 22:23:00 GMT 2017


--- Comment #2 from Mark Wielaard <mark at klomp dot org> ---
commit 61fe61898747f63eb35a81c2261f3590a3dab8fd
Author: Mark Wielaard <mark@klomp.org>
Date:   Tue Mar 28 00:38:52 2017 +0200

    elflint: Don't trust sh_entsize when checking hash sections.

    Calculate and use the expected entsize instead of relying on the one
    given by the ELF file section header. Return early if there isn't enough
    data in the section to check the full hash table.


    Signed-off-by: Mark Wielaard <mark@klomp.org>

You are receiving this mail because:
You are on the CC list for the bug.

More information about the Elfutils-devel mailing list