[Bug libelf/24081] Use-After-free Problem in elf32_xlatetom function in libelf
https://sourceware.org/bugzilla/show_bug.cgi?id=24081 Mark Wielaard changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED CC||mark at klomp dot org Resolution|--- |DUPLICATE --- Comment #2 from Mark Wielaard --- This is really just the same as https://sourceware.org/bugzilla/show_bug.cgi?id=24075 we should check the pr_datasz. *** This bug has been marked as a duplicate of bug 24075 *** -- You are receiving this mail because: You are on the CC list for the bug.
[Bug backends/24075] Program Crash due to Wild pointer Deference in ebl_object_note function in eblobjnote.c in libebl.
https://sourceware.org/bugzilla/show_bug.cgi?id=24075 --- Comment #2 from Mark Wielaard --- *** Bug 24081 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are on the CC list for the bug.
[Bug libelf/24085] An Out of Memory problem was discovered in function in read_long_names in elf_begin.c in libelf
https://sourceware.org/bugzilla/show_bug.cgi?id=24085 Mark Wielaard changed: What|Removed |Added CC||mark at klomp dot org --- Comment #2 from Mark Wielaard --- I am not sure this is a real issue. The read_long_names code does the following: newp = (char *) malloc (len); if (newp != NULL) And if it is newp NULL is returned, which is then interpreted as an error: /* No long name table although it is reference. The archive is broken. */ __libelf_seterrno (ELF_E_INVALID_ARCHIVE); return -1; There are also checks that no more data is read than there is in the file, so if len is really big and malloc still succeeds that is also flagged as a corrupt file. So, yeah, a malloc call might fail on an invalid file, but nothing bad will happen. If you do feel it is an issue. We could move up the size checks, so no malloc is done at all if len is really weird and we know the malloc would probably fail anyway. -- You are receiving this mail because: You are on the CC list for the bug.
[Bug tools/24086] memory leak issues in eu-strip on invalid ELF file
https://sourceware.org/bugzilla/show_bug.cgi?id=24086 Mark Wielaard changed: What|Removed |Added CC||mark at klomp dot org Component|general |tools Summary|Multiple memory leak issues |memory leak issues in |were discovered in in |eu-strip on invalid ELF |libelf and libdwelf |file --- Comment #1 from Mark Wielaard --- This isn't a leak in any of the libraries. It is simply a "leak" when eu-strip exits early when an invalid ELF file is encountered. -- You are receiving this mail because: You are on the CC list for the bug.
