Re: readelf: fix out-of-bounds error

> Date: Tue, 23 Oct 2018 23:45:55 +0200 > From: Christian Weisgerber > > I ran across this: > > $ readelf -h /usr/local/bin/w3m > ... > readelf(71968) in free(): bogus pointer (double free?) 0x1 > Abort trap (core dumped) > > In readelf.c there's a static arrary: > > static bfd_vma

readelf: fix out-of-bounds error

I ran across this: $ readelf -h /usr/local/bin/w3m ... readelf(71968) in free(): bogus pointer (double free?) 0x1 Abort trap (core dumped) In readelf.c there's a static arrary: static bfd_vma dynamic_info[DT_JMPREL + 1]; Later this array is written to like this: switch