Hi,
On Mon, 20 Feb 2023 at 19:03, Aleksei Vetrov wrote:
> On Mon, Feb 20, 2023 at 3:55 PM Mark Wielaard wrote:
> >
> > .debug sections are raw bytes and don't need conversion even when host
> > and file have different endian order.
>
> Thank you! I like this patch more for its simplicity, looks
Comment #1 on issue 56179 by evv...@gmail.com: elfutils:fuzz-libdwfl:
Use-of-uninitialized-value in check_section
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56179#c1
It's a duplicate of https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56134
as far as I can tell. I'm not sure wh
Status: New
Owner:
CC: elfut...@sourceware.org, da...@adalogics.com, evv...@gmail.com,
izz...@google.com
Labels: ClusterFuzz Reproducible Stability-Memory-MemorySanitizer
Engine-libfuzzer OS-Linux Security_Severity-Medium Proj-elfutils
Reported-2023-02-20
Type: Bug-Security
New issue 5617
Hello, Mark
On Mon, Feb 20, 2023 at 3:55 PM Mark Wielaard wrote:
>
> .debug sections are raw bytes and don't need conversion even when host
> and file have different endian order.
Thank you! I like this patch more for its simplicity, looks good to me.
.debug sections are raw bytes and don't need conversion even when host
and file have different endian order.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 4
libdw/dwarf_begin_elf.c | 5 +++--
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/libdw/ChangeLog b/libd
Otherwise some undefined bytes might be left in the buffer. Now they
might still be not useful, but at least they are as defined in the
file.
Signed-off-by: Mark Wielaard
---
ChangeLog | 4
libelf/gnuhash_xlate.h | 12 ++--
2 files changed, 14 insertions(+), 2 deletion
Hi,
The last fuzzer found some use (checking) of undefined/uninitialized
data. Either of these two patches will fix that:
[PATCH 1/2] libelf: memmove any extra bytes left by elf_cvt_gnuhash
[PATCH 2/2] libdw: Use elf_rawdata when checking .debug section
Note that the bad data wouldn't actually
Comment #1 on issue 56134 by evv...@gmail.com: elfutils:fuzz-libdwfl:
Use-of-uninitialized-value in check_section
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56134#c1
Below is the full backtrace
```
==2272==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x5fb3c7 in check_
```
Comment #2 on issue 56134 by evv...@gmail.com: elfutils:fuzz-libdwfl:
Use-of-uninitialized-value in check_section
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56134#c2
It can be confirmed with Valgrind:
```
wget -O OSS-FUZZ-56134
'https://oss-fuzz.com/download?testcase_id=672405714514
```
Hi Evgeny,
On Sun, 2023-02-19 at 21:34 +0300, Evgeny Vereshchagin via Elfutils-
devel wrote:
> OSS-Fuzz found https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56134
> introduced in fda09f5f188fb173b2123815be71ca4647a8adfb but for some
> reason it wasn't delivered to the mailing list. I opened
Hi,
OSS-Fuzz found https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56134
introduced in fda09f5f188fb173b2123815be71ca4647a8adfb but for some
reason it wasn't delivered to the mailing list. I opened
https://github.com/google/oss-fuzz/issues/9755 to figure out what went
wrong there but until t
Status: New
Owner:
CC: elfut...@sourceware.org, da...@adalogics.com, evv...@gmail.com,
izz...@google.com
Labels: ClusterFuzz Reproducible Stability-Memory-MemorySanitizer
Engine-libfuzzer OS-Linux Security_Severity-Medium Proj-elfutils
Reported-2023-02-19
Type: Bug-Security
New issue 5613