[Bug binutils/21933] heap buffer overflow in elf_read_notes
https://sourceware.org/bugzilla/show_bug.cgi?id=21933

--- Comment #6 from cvs-commit at gcc dot gnu.org ---
The binutils-2_29-branch branch has been updated by Nick Clifton:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=30326b094b8fc2594c76cf4beab70965afa7a111

commit 30326b094b8fc2594c76cf4beab70965afa7a111
Author: Nick Clifton
Date:   Fri Sep 1 10:17:00 2017 +0100

    Check for an invalid note size when parsing ELF notes.

    PR 21933
    PR 22060
    * elf.c (elf_read_notes): Check for a note size of -1.

--
You are receiving this mail because:
You are on the CC list for the bug.
___
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils

[Bug binutils/21933] heap buffer overflow in elf_read_notes
https://sourceware.org/bugzilla/show_bug.cgi?id=21933

--- Comment #5 from Zhihua Yao <499671216 at qq dot com> ---
This vulnerability has been applied for CVE-2017-10799, discovered by zhihua@dbappsecurity.com.cn

[Bug binutils/21933] heap buffer overflow in elf_read_notes
https://sourceware.org/bugzilla/show_bug.cgi?id=21933

Nick Clifton changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
         Resolution|---                         |FIXED

--- Comment #4 from Nick Clifton ---
Hi Zhihua,

  Thanks for the extra information - with that I was able to reproduce the bug and I have now checked in a fix.

Cheers
  Nick

[Bug binutils/21933] heap buffer overflow in elf_read_notes
https://sourceware.org/bugzilla/show_bug.cgi?id=21933

--- Comment #3 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by Nick Clifton:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=957e1fc1c5d0262e4b2f764cf031ad1458446498

commit 957e1fc1c5d0262e4b2f764cf031ad1458446498
Author: Nick Clifton
Date:   Thu Aug 10 09:37:36 2017 +0100

    Fix out of bounds memory access when trying to allocate space for a note of size -1.

    PR 21933
    * elf.c (elf_read_notes): Check for a note size of -1.

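The failure mode named in the commit message above, shown as an added illustration that is not part of the thread and is not the binutils code. It assumes a reader that allocates `size + 1` bytes so it can NUL-terminate the note data; `copy_notes`, the `note_status` values and the sample image are hypothetical and constructed for this example.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical status codes for this example only. */
enum note_status { NOTE_OK, NOTE_EMPTY, NOTE_BAD_SIZE, NOTE_OUT_OF_FILE, NOTE_NO_MEM };

/* Hypothetical helper: copy `size` bytes of note data found at `offset`
   in an in-memory file image into a fresh NUL-terminated buffer. */
static enum note_status
copy_notes(const unsigned char *image, size_t image_len,
           size_t offset, size_t size, char **out)
{
    *out = NULL;
    if (size == 0)
        return NOTE_EMPTY;
    /* A size of (size_t)-1 makes size + 1 wrap to 0.  The allocation
       would then be far smaller than `size`, and buf[size] = 0 would
       land outside it.  Reject the value before allocating. */
    if (size + 1 == 0)
        return NOTE_BAD_SIZE;
    /* Range check written so that offset + size cannot overflow. */
    if (offset > image_len || size > image_len - offset)
        return NOTE_OUT_OF_FILE;

    char *buf = malloc(size + 1);
    if (buf == NULL)
        return NOTE_NO_MEM;
    memcpy(buf, image + offset, size);
    buf[size] = 0;  /* terminator so later string searches stay in bounds */
    *out = buf;
    return NOTE_OK;
}

int main(void)
{
    /* Constructed sample: four filler bytes, then eight bytes of note data. */
    static const unsigned char image[] = "....GNU-note";
    char *buf;
    int ok = copy_notes(image, sizeof image, 4, 8, &buf) == NOTE_OK;
    free(buf);
    /* The size from the bug report is refused instead of being allocated. */
    ok &= copy_notes(image, sizeof image, 4, (size_t)-1, &buf) == NOTE_BAD_SIZE;
    return ok ? 0 : 1;
}
```
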
[Bug binutils/21933] heap buffer overflow in elf_read_notes
https://sourceware.org/bugzilla/show_bug.cgi?id=21933

--- Comment #2 from Zhihua Yao <499671216 at qq dot com> ---
My configure:
CC="afl-gcc" CFLAGS="-g -ggdb -fno-omit-frame-pointer -fsanitize=address" ./configure --disable-shared

The command to trigger the vulnerability is "objdump -S heapbufferflow-objdump"

My binutils is downloaded from here:
http://ftp.gnu.org/gnu/binutils/binutils-2.29.tar.xz

The most important thing is that my platform is Ubuntu x86.

[Bug binutils/21933] heap buffer overflow in elf_read_notes
https://sourceware.org/bugzilla/show_bug.cgi?id=21933

Nick Clifton changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |nickc at redhat dot com

--- Comment #1 from Nick Clifton ---
Hi Zhihua,

  I am sorry, but I am unable to reproduce this failure. Please could you tell us:

  1. The command line used when you configured the binutils.
  2. The objdump command line used to trigger the failure.
  3. Which binutils sources were you using? Specifically, were you using the 2.29 branch sources or the 2.29 release sources in the tarball or the mainline development sources?

Thanks very much.

Cheers
  Nick