[Bug general/23542] heap-buffer-overflow in /elfutils/src/elflint.c:2055 check_sysv_hash

2018-08-17 Thread mark at klomp dot org
https://sourceware.org/bugzilla/show_bug.cgi?id=23542 Mark Wielaard changed: What: CC; Removed: (none); Added: mark at klomp dot org --- Comment #1

[Bug libdw/23541] heap-buffer-overflow in /elfutils/libdw/dwarf_getaranges.c:156

2018-08-17 Thread mark at klomp dot org
https://sourceware.org/bugzilla/show_bug.cgi?id=23541 Mark Wielaard changed: What: CC; Removed: (none); Added: mark at klomp dot org --- Comment #1

Re: [PATCH] libelf/elf_end.c: check data_list.data.d.d_buf before free it

2018-08-17 Thread Mark Wielaard
Hi Robert, [I don't have very good internet connectivity so cannot easily get all the bits and sources to replicate/inspect. So apologies if I am misinterpreting something.] On Fri, Aug 17, 2018 at 04:25:07PM +0800, Robert Yang wrote: > On 08/17/2018 03:25 AM, Mark Wielaard wrote: > > On Thu, A

Re: [PATCH] libelf/elf_end.c: check data_list.data.d.d_buf before free it

2018-08-17 Thread Jan Pokorný
[rereading, two prelink commands got missing and diff ones were garbled in the sequence below, losing consequentiality, sorry] On 16/08/18 22:15 +0200, Jan Pokorný wrote: > Out of curiosity, tried this on my Fedora machine without any > success to reproduce: > > # dnf install -y libqb > https

Re: [PATCH] libelf/elf_end.c: check data_list.data.d.d_buf before free it

2018-08-17 Thread Robert Yang
On 08/17/2018 03:25 AM, Mark Wielaard wrote: Hi, On Thu, Aug 16, 2018 at 10:34:23AM +0800, Robert Yang wrote: The one which actually saves the data is data_list.data.d.d_buf, so check it before free rawdata_base. This can fix a segmentation fault when prelink libqb_1.0.3: prelink: /usr/lib/