[Bug ld/20906] LD: ld crashes for malformed inputs
https://sourceware.org/bugzilla/show_bug.cgi?id=20906 --- Comment #4 from cvs-commit at gcc dot gnu.org --- The master branch has been updated by Alan Modra : https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6ef4fa071e2c25b71e81a91646b43378cf957388 commit 6ef4fa071e2c25b71e81a91646b43378cf957388 Author: Alan Modra Date: Wed Nov 3 16:21:42 2021 +1030 asan: dlltool buffer overflow: embedded NUL in string yyleng gives the pattern length, xstrdup just copies up to the NUL. So it is quite possible writing at an index of yyleng-2 overflows the xstrdup allocated string buffer. xmemdup quite handily avoids this problem, even writing the terminating NUL over the trailing quote. Use it in ldlex.l too where we'd already had a report of this problem and fixed it by hand, and to implement xmemdup0 in gas. binutils/ * deflex.l (single and double quote strings): Use xmemdup. gas/ * as.h (xmemdup0): Use xmemdup. ld/ PR 20906 * ldlex.l (double quote string): Use xmemdup. -- You are receiving this mail because: You are on the CC list for the bug.
[Bug ld/20906] LD: ld crashes for malformed inputs
https://sourceware.org/bugzilla/show_bug.cgi?id=20906 Thuan Pham changed: What|Removed |Added CC||thuanpv at comp dot nus.edu.sg --- Comment #3 from Thuan Pham --- This is CVE-2017-7227 -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug ld/20906] LD: ld crashes for malformed inputs
https://sourceware.org/bugzilla/show_bug.cgi?id=20906 Nick Clifton changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED CC||nickc at redhat dot com Resolution|--- |FIXED --- Comment #2 from Nick Clifton --- Hi Marcel, Thanks for reporting this bug. I have checked in a small patch to the linker script parser which should fix the problem. Cheers Nick -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug ld/20906] LD: ld crashes for malformed inputs
https://sourceware.org/bugzilla/show_bug.cgi?id=20906 --- Comment #1 from cvs-commit at gcc dot gnu.org --- The master branch has been updated by Nick Clifton: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=406bd128dba2a59d0736839fc87a59bce319076c commit 406bd128dba2a59d0736839fc87a59bce319076c Author: Nick Clifton Date: Mon Dec 5 16:00:43 2016 + Fix seg-fault in linker when passed a bogus input script. PR ld/20906 * ldlex.l: Check for bogus strings in linker scripts. -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils