[Bug binutils/21786] New: Stack-buffer-overflow in {coff,coff64}-rs6000.c

ned at forallsecure dot com Tue, 18 Jul 2017 18:01:34 -0700

https://sourceware.org/bugzilla/show_bug.cgi?id=21786


            Bug ID: 21786
           Summary: Stack-buffer-overflow in {coff,coff64}-rs6000.c
           Product: binutils
           Version: 2.30 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: ned at forallsecure dot com
  Target Milestone: ---

Created attachment 10269
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10269&action=edit
testcase

`_bfd_xcoff_read_ar_hdr` and similar functions can call strtol on a string that
is not null-terminated, leading to an out of bounds read on the stack. See the
attached testcase.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
bug-binutils mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/bug-binutils

[Bug binutils/21786] New: Stack-buffer-overflow in {coff,coff64}-rs6000.c

Reply via email to