[Bug tools/21300] New: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c)

ago at gentoo dot org Fri, 24 Mar 2017 02:16:50 -0700

https://sourceware.org/bugzilla/show_bug.cgi?id=21300


            Bug ID: 21300
           Summary: heap-based buffer overflow in
                    ebl_object_note_type_name (eblobjnotetypename.c)
           Product: elfutils
           Version: unspecified
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: tools
          Assignee: unassigned at sourceware dot org
          Reporter: ago at gentoo dot org
                CC: elfutils-devel at sourceware dot org
  Target Milestone: ---

Created attachment 9937
  --> https://sourceware.org/bugzilla/attachment.cgi?id=9937&action=edit
stacktrace

On elfutils-0.168:

# eu-readelf -a $FILE
READ of size 1 at 0x60200000ef9c thread T0
    #1 0x4f63a7 in ebl_object_note_type_name
/tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/libebl/eblobjnotetypename.c:48

Compiled with: gcc-6.3.0

Reproducer:
https://github.com/asarubbo/poc/blob/master/00226-elfutils-heapoverflow-ebl_object_note_type_name

Stacktrace attached.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug tools/21300] New: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c)

Reply via email to