Hi,

There are two format string vulnerabilities in the c++filt program of binutils.

Line 66
printf (mangled_name);

and line 71
printf (result);

These are easily demonstrated by running c++filt on a symbol with the
correct format specifiers:

$./c++filt AAA%x.AAA%x.AAA%x.AAA%x.AAA
AAAb.AAA804be40.AAA0.AAAbfbe82d0.AAA

Thanks!

chris
http://em386.blogspot.com


_______________________________________________
bug-binutils mailing list
bug-binutils@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-binutils
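
The pattern reported above next to a hardened form, as an added example that is not part of the original message or the binutils source. The function names `emit_symbol` and `count_directives` are hypothetical; the sample symbol is the one from the report's command line.

```c
#include <stdio.h>
#include <string.h>

/* Pattern from the report, kept as a comment only: the symbol name is passed
 * as the format string, so any % directive in it is acted on by printf.
 *     printf (mangled_name);
 */

/* Hardened form (hypothetical helper): the untrusted name is only ever a %s
 * argument. Writes into `out` so the result can be checked; returns the
 * number of bytes written, or -1 on error or truncation. */
int emit_symbol(char *out, size_t outsz, const char *name)
{
    int n = snprintf(out, outsz, "%s", name);
    return (n < 0 || (size_t)n >= outsz) ? -1 : n;
}

/* Audit helper (hypothetical): count the conversion directives printf would
 * act on if `s` were wrongly used as a format string. "%%" is a literal
 * percent sign and is not counted; a lone trailing '%' is ignored. */
int count_directives(const char *s)
{
    int count = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        if (s[1] == '\0') break;
        count++;
    }
    return count;
}

int main(void)
{
    const char *sym = "AAA%x.AAA%x.AAA%x.AAA%x.AAA"; /* from the report */
    char buf[128];

    if (emit_symbol(buf, sizeof buf, sym) < 0)
        return 1;
    printf("%s\n", buf); /* name is printed verbatim, directives untouched */
    printf("directives an unchecked printf would act on: %d\n",
           count_directives(sym));
    return 0;
}
```

Building with GCC's `-Wformat -Wformat-security` flags the original `printf (mangled_name);` pattern at compile time.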
