[Bug binutils/21344] New: readelf: another heap-based buffer overflow in byte_get_little_endian (elfcomm.c)

ago at gentoo dot org Sat, 01 Apr 2017 12:05:40 -0700

https://sourceware.org/bugzilla/show_bug.cgi?id=21344


            Bug ID: 21344
           Summary: readelf: another heap-based buffer overflow in
                    byte_get_little_endian (elfcomm.c)
           Product: binutils
           Version: 2.28
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: ago at gentoo dot org
  Target Milestone: ---

Created attachment 9961
  --> https://sourceware.org/bugzilla/attachment.cgi?id=9961&action=edit
stacktrace

Hello,

on binutils 2.28, compiled with clang-4:

# readelf -a $FILE
==20287==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x602000000039 at pc 0x00000064c061 bp 0x7ffcc34b2580 sp 0x7ffcc34b2578
READ of size 1 at 0x602000000039 thread T0
    #0 0x64c060 in byte_get_little_endian
/tmp/portage/sys-devel/binutils-2.28/work/binutils-2.28/binutils/elfcomm.c:210:22

Reproducer:
https://github.com/asarubbo/poc/blob/master/00258-binutils-readelf-heapoverflow2-byte_get_little_endian


FTR: This bug is confirmed on master.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils

[Bug binutils/21344] New: readelf: another heap-based buffer overflow in byte_get_little_endian (elfcomm.c)

Reply via email to