[Bug tools/21310] New: eu-elflint: heap-based buffer overflow in check_symtab_shndx (elflint.c)

ago at gentoo dot org Mon, 27 Mar 2017 03:36:05 -0700

https://sourceware.org/bugzilla/show_bug.cgi?id=21310


            Bug ID: 21310
           Summary: eu-elflint: heap-based buffer overflow in
                    check_symtab_shndx (elflint.c)
           Product: elfutils
           Version: unspecified
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: tools
          Assignee: unassigned at sourceware dot org
          Reporter: ago at gentoo dot org
                CC: elfutils-devel at sourceware dot org
  Target Milestone: ---

Created attachment 9944
  --> https://sourceware.org/bugzilla/attachment.cgi?id=9944&action=edit
stacktrace

On elfutils-0.168:

# eu-elflint -d $FILE
READ of size 4 at 0x60200000efd0 thread T0
    #0 0x4267eb in check_symtab_shndx
/tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/elflint.c:1961

Compiled with: gcc-6.3.0

Reproducer:
https://github.com/asarubbo/poc/blob/master/00234-elfutils-heapoverflow-check_symtab_shndx

Stacktrace attached.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug tools/21310] New: eu-elflint: heap-based buffer overflow in check_symtab_shndx (elflint.c)

Reply via email to