Hi,
There are two format string vulnerabilities in the c++filt program of binutils.
Line 66:
    printf (mangled_name);
and line 71:
    printf (result);
These are easily demonstrated by running c++filt on a symbol with the
correct format specifiers:
$./c++filt AAA%x.AAA%x.AAA%x.AAA%x.AAA
AAAb.AAA804be40.AA
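The usual fix for the two calls quoted in the report, as an added example that is not the reporter's patch or binutils code: the symbol is passed as data to a constant format (or to fputs), so conversion specifiers in it are printed literally. The helper names and the NULL-means-demangling-failed convention are assumptions for illustration; gcc's -Wformat-security flags calls of the original shape at build time.

```c
#include <stdio.h>
#include <string.h>

/* Copy the text c++filt would print into buf without interpreting it.
   demangled may be NULL (assumed here to mean "demangling failed"), in
   which case the mangled name is echoed unchanged.
   Returns the length written, or -1 if buf is too small. */
static int format_symbol(char *buf, size_t cap,
                         const char *mangled, const char *demangled)
{
    const char *text = demangled != NULL ? demangled : mangled;
    /* Constant format: '%' sequences inside text are ordinary bytes. */
    int n = snprintf(buf, cap, "%s", text);
    if (n < 0 || (size_t)n >= cap)
        return -1;
    return n;
}

/* Replacement shape for `printf (mangled_name);` and `printf (result);`:
   fputs takes no format string at all. */
static int print_symbol(const char *mangled, const char *demangled)
{
    return fputs(demangled != NULL ? demangled : mangled, stdout);
}

int main(void)
{
    /* Constructed input, same shape as the one in the report. */
    const char *sym = "AAA%x.AAA%x.AAA%x.AAA%x.AAA";
    char buf[64];

    if (format_symbol(buf, sizeof buf, sym, NULL) < 0)
        return 1;
    print_symbol(sym, NULL);   /* echoes the input byte for byte */
    putchar('\n');
    return strcmp(buf, sym) != 0;
}
```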
--- Additional Comments From gcc at dixie dot net dot nz 2007-11-22 19:34 ---
Created an attachment (id=2105)
--> (http://sourceware.org/bugzilla/attachment.cgi?id=2105&action=view)
patch against 2.17
I don't know how to structure the patch properly for binutils standards and
portabili