subject:"\[Bug ld\/20906\] LD\: ld crashes for malformed inputs"

[Bug ld/20906] LD: ld crashes for malformed inputs

2021-11-03 Thread cvs-commit at gcc dot gnu.org

https://sourceware.org/bugzilla/show_bug.cgi?id=20906

--- Comment #4 from cvs-commit at gcc dot gnu.org  ---
The master branch has been updated by Alan Modra :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6ef4fa071e2c25b71e81a91646b43378cf957388

commit 6ef4fa071e2c25b71e81a91646b43378cf957388
Author: Alan Modra 
Date:   Wed Nov 3 16:21:42 2021 +1030

asan: dlltool buffer overflow: embedded NUL in string

yyleng gives the pattern length, xstrdup just copies up to the NUL.
So it is quite possible writing at an index of yyleng-2 overflows
the xstrdup allocated string buffer.  xmemdup quite handily avoids
this problem, even writing the terminating NUL over the trailing
quote.  Use it in ldlex.l too where we'd already had a report of this
problem and fixed it by hand, and to implement xmemdup0 in gas.

binutils/
* deflex.l (single and double quote strings): Use xmemdup.
gas/
* as.h (xmemdup0): Use xmemdup.
ld/
PR 20906
* ldlex.l (double quote string): Use xmemdup.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug ld/20906] LD: ld crashes for malformed inputs

2017-04-13 Thread thuanpv at comp dot nus.edu.sg

https://sourceware.org/bugzilla/show_bug.cgi?id=20906

Thuan Pham  changed:

   What|Removed |Added

 CC||thuanpv at comp dot nus.edu.sg

--- Comment #3 from Thuan Pham  ---
This is CVE-2017-7227

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils

[Bug ld/20906] LD: ld crashes for malformed inputs

2016-12-05 Thread nickc at redhat dot com

https://sourceware.org/bugzilla/show_bug.cgi?id=20906

Nick Clifton  changed:

   What|Removed |Added

 Status|UNCONFIRMED |RESOLVED
 CC||nickc at redhat dot com
 Resolution|--- |FIXED

--- Comment #2 from Nick Clifton  ---
Hi Marcel,

  Thanks for reporting this bug.

  I have checked in a small patch to the linker script parser which should fix
the problem.

Cheers
  Nick

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils

[Bug ld/20906] LD: ld crashes for malformed inputs

2016-12-05 Thread cvs-commit at gcc dot gnu.org

https://sourceware.org/bugzilla/show_bug.cgi?id=20906

--- Comment #1 from cvs-commit at gcc dot gnu.org  ---
The master branch has been updated by Nick Clifton :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=406bd128dba2a59d0736839fc87a59bce319076c

commit 406bd128dba2a59d0736839fc87a59bce319076c
Author: Nick Clifton 
Date:   Mon Dec 5 16:00:43 2016 +

Fix seg-fault in linker when passed a bogus input script.

PR ld/20906
* ldlex.l: Check for bogus strings in linker scripts.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils

[Bug ld/20906] LD: ld crashes for malformed inputs

[Bug ld/20906] LD: ld crashes for malformed inputs

[Bug ld/20906] LD: ld crashes for malformed inputs

[Bug ld/20906] LD: ld crashes for malformed inputs

4 matches

Site Navigation

Mail list logo

Footer information