https://sourceware.org/bugzilla/show_bug.cgi?id=34139
Bug ID: 34139
Summary: OOB read in dwarf_getsrclines.c: missing bounds check before minimum_instr_len
Product: elfutils
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: libdw
Assignee: unassigned at sourceware dot org
Reporter: karankurani3k at gmail dot com
CC: elfutils-devel at sourceware dot org
Target Milestone: ---
Fixed in commit 4265eed0cbd1ae08d822871d4592fd0d835b8d1f
The .debug_line header parser reads minimum_instr_len without
checking that one byte remains after consuming header_length.
A crafted .debug_line section can trigger a one-byte OOB read.
Reported via elfutils-devel on May 9. Fix pushed by Mark Wielaard.
Reported-by: Karan Kurani
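
The class of check described in this report, as an added example (not elfutils code and not the committed fix). It assumes 32-bit DWARF versions 2 to 4 in little-endian form; the names take, parse_line_hdr and struct line_hdr are hypothetical, and the constructed truncated sample ends right after the header_length field.

```c
#include <stddef.h>
#include <stdint.h>

/* Added illustration, not elfutils code. 32-bit DWARF v2-4, little-endian. */
enum { LH_OK = 0, LH_TRUNCATED = -1, LH_UNSUPPORTED = -2 };
struct line_hdr {
    uint32_t unit_length, header_length;
    uint16_t version;
    uint8_t minimum_instr_len;
};

/* Constructed samples: the first stops right after header_length. */
static const uint8_t sample_truncated[] = { 6,0,0,0, 3,0, 0,0,0,0 };
static const uint8_t sample_ok[]        = { 7,0,0,0, 3,0, 1,0,0,0, 1 };

/* Read n little-endian bytes, but only if n bytes remain before end. */
static int take(const uint8_t **p, const uint8_t *end, size_t n, uint32_t *out)
{
    if ((size_t)(end - *p) < n)
        return LH_TRUNCATED;
    uint32_t v = 0;
    for (size_t i = 0; i < n; i++)
        v |= (uint32_t)(*p)[i] << (8 * i);
    *p += n;
    *out = v;
    return LH_OK;
}

int parse_line_hdr(const uint8_t *buf, size_t len, struct line_hdr *h)
{
    const uint8_t *p = buf, *end = buf + len;
    uint32_t v;
    if (take(&p, end, 4, &v) != LH_OK) return LH_TRUNCATED;
    if (v >= 0xfffffff0u) return LH_UNSUPPORTED;   /* 64-bit/reserved */
    if (v > (size_t)(end - p)) return LH_TRUNCATED;
    h->unit_length = v;
    end = p + v;                    /* never read past this unit */
    if (take(&p, end, 2, &v) != LH_OK) return LH_TRUNCATED;
    if (v < 2 || v > 4) return LH_UNSUPPORTED;
    h->version = (uint16_t)v;
    if (take(&p, end, 4, &v) != LH_OK) return LH_TRUNCATED;
    if (v > (size_t)(end - p)) return LH_TRUNCATED;
    h->header_length = v;
    /* The check this report is about: one byte must still remain. */
    if (take(&p, end, 1, &v) != LH_OK) return LH_TRUNCATED;
    h->minimum_instr_len = (uint8_t)v;
    return LH_OK;
}

int main(void) { struct line_hdr h; return parse_line_hdr(sample_ok, sizeof sample_ok, &h) != LH_OK; }
```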