[Bug libdw/24102] A Heap-buffer-overflow problem was discovered in the function read_srclines in dwarf_getsrclines.c in libdw

https://sourceware.org/bugzilla/show_bug.cgi?id=24102 --- Comment #5 from Mark Wielaard --- Apparently this bug got assigned CVE-2019-7149 -- You are receiving this mail because: You are on the CC list for the bug.

[Bug libdw/24103] dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated

https://sourceware.org/bugzilla/show_bug.cgi?id=24103 --- Comment #4 from Mark Wielaard --- Apparently this bug got assigned CVE-2019-7150 -- You are receiving this mail because: You are on the CC list for the bug.

Re: [PATCHv1 0/2] specify a sysroot to search when examining a core file

Hi Luke, (BTW. Note that HTML emails will get dropped, you should get a bounce from the mailinglist.) On Tue, 2019-01-29 at 19:46 +, Luke Diamand wrote: > Thanks for the comments on the other emails, I'll rework my patch to > incorporate them. > > I've got a small test case I've been using w

Re: [PATCH elfutils 2/2] [tests] parse inode in /proc/pid/maps correctly in run-backtrace-data.sh

On Tue, Jan 29, 2019 at 09:23:39PM +, Yonghong Song wrote: > On 1/29/19 12:50 PM, Mark Wielaard wrote: > > On Fri, Jan 25, 2019 at 01:20:09PM -0800, Yonghong Song wrote: > >> The backtrace-data.c parsed the inode in /proc/pid/maps with > >> format "%*x". > >> This caused failure if inode is big

Re: [PATCH elfutils] [tests] parse inode in /proc/pid/maps/correctly in run-backtrace-data.sh

On Tue, Jan 29, 2019 at 01:33:03PM -0800, Yonghong Song wrote: > The backtrace-data.c parsed the inode in /proc/pid/maps with > format "%*x". > This caused failure if inode is big. For example, > 7f269223d000-7f269226b000 r-xp 00:50 10224326387095067468 > /home/... > > The error

Re: [PATCH elfutils 2/2] [tests] parse inode in /proc/pid/maps correctly in run-backtrace-data.sh

On Thu, Jan 31, 2019 at 10:14:32PM +0100, Mark Wielaard wrote: > So your fix is correct. > But the testcase is also slightly wrong. > It really shouldn't check errno if the function didn't fail. > There is no guarantee that it will be zero. So, even though it found a bug, I am removing these asser

Re: [PATCH] configure: Add new --enable-install-elfh option.

On Wed, Jan 30, 2019 at 09:54:53AM +, Ulf Hermann wrote: > > Yes, it should indeed. > > I used a slightly different solution though. > > It relies on the default include flags already including the srcdirs. > > Does that work for your use case too? (See revised patch attached.) > > I'm not an

[Bug tools/24116] A Heap-buffer-overflow problem was discovered in the function print_debug_line_section in readelf.c

https://sourceware.org/bugzilla/show_bug.cgi?id=24116 --- Comment #4 from wcventure --- (In reply to Mark Wielaard from comment #3) Not completely repaired. Here is the Regression test case. -- You are receiving this mail because: You are on the CC list for the bug.

[Bug tools/24116] A Heap-buffer-overflow problem was discovered in the function print_debug_line_section in readelf.c

https://sourceware.org/bugzilla/show_bug.cgi?id=24116 --- Comment #5 from wcventure --- Created attachment 11581 --> https://sourceware.org/bugzilla/attachment.cgi?id=11581&action=edit Regression -- You are receiving this mail because: You are on the CC list for the bug.