[Bug tools/21320] New: eu-elflint: heap-based buffer overflow in check_group (elflint.c)

ago at gentoo dot org Tue, 28 Mar 2017 01:36:07 -0700

https://sourceware.org/bugzilla/show_bug.cgi?id=21320


            Bug ID: 21320
           Summary: eu-elflint: heap-based buffer overflow in check_group
                    (elflint.c)
           Product: elfutils
           Version: unspecified
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: tools
          Assignee: unassigned at sourceware dot org
          Reporter: ago at gentoo dot org
                CC: elfutils-devel at sourceware dot org
  Target Milestone: ---

Created attachment 9952
  --> https://sourceware.org/bugzilla/attachment.cgi?id=9952&action=edit
stacktrace

On elfutils-0.168:

# eu-elflint -d $FILE
READ of size 4 at 0x60200000efd0 thread T0
    #0 0x41a39e in check_group
/tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/elflint.c:2664

Compiled with: gcc-6.3.0

Reproducer:
https://github.com/asarubbo/poc/blob/master/00247-elfutils-heapoverflow-check_group

Stacktrace attached.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug tools/21320] New: eu-elflint: heap-based buffer overflow in check_group (elflint.c)

Reply via email to