[Bug libdw/26773] sleb128 values near INT64_MAX/MIN not correctly read

jistone at redhat dot com sourceware-bugzilla@sourceware.org
Thu Oct 22 23:46:57 GMT 2020


Josh Stone <jistone at redhat dot com> changed:

           What    |Removed                     |Added
                 CC|                            |jistone at redhat dot com

--- Comment #2 from Josh Stone <jistone at redhat dot com> ---
(In reply to Tom Tromey from comment #1)
> This limits the number of bytes read-- but it seems like
> it maybe ought to read until the first byte without the
> high bit set.

Beware, golang just dealt with a CVE for reading unlimited varints:

(But the context is different since that's used in stuff like protocol buffers
that may be streamed.)

You are receiving this mail because:
You are on the CC list for the bug.

More information about the Elfutils-devel mailing list