Status: New
Owner:
CC: elfut...@sourceware.org, da...@adalogics.com, evv...@gmail.com,
izz...@google.com
Labels: ClusterFuzz Reproducible Stability-Memory-MemorySanitizer
Engine-libfuzzer OS-Linux Security_Severity-Medium Proj-elfutils
Reported-2023-02-19
Type: Bug-Security
New issue 5613
Hi,
OSS-Fuzz found https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56134
introduced in fda09f5f188fb173b2123815be71ca4647a8adfb but for some
reason it wasn't delivered to the mailing list. I opened
https://github.com/google/oss-fuzz/issues/9755 to figure out what went
wrong there but until t
Hi Evgeny,
On Sun, 2023-02-19 at 21:34 +0300, Evgeny Vereshchagin via Elfutils-devel wrote:
> OSS-Fuzz found https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56134
> introduced in fda09f5f188fb173b2123815be71ca4647a8adfb but for some
> reason it wasn't delivered to the mailing list. I opened
Comment #2 on issue 56134 by evv...@gmail.com: elfutils:fuzz-libdwfl:
Use-of-uninitialized-value in check_section
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56134#c2
It can be confirmed with Valgrind:
```
wget -O OSS-FUZZ-56134 'https://oss-fuzz.com/download?testcase_id=672405714514
```
Comment #1 on issue 56134 by evv...@gmail.com: elfutils:fuzz-libdwfl:
Use-of-uninitialized-value in check_section
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56134#c1
Below is the full backtrace
```
==2272==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x5fb3c7 in check_
```
Hi,
The last fuzzer found some use (checking) of undefined/uninitialized
data. Either of these two patches will fix that:
[PATCH 1/2] libelf: memmove any extra bytes left by elf_cvt_gnuhash
[PATCH 2/2] libdw: Use elf_rawdata when checking .debug section
Note that the bad data wouldn't actually
Otherwise some undefined bytes might be left in the buffer. Now they
might still be not useful, but at least they are as defined in the
file.
Signed-off-by: Mark Wielaard
---
ChangeLog | 4
libelf/gnuhash_xlate.h | 12 ++--
2 files changed, 14 insertions(+), 2 deletion
.debug sections are raw bytes and don't need conversion even when host
and file have different endian order.
Signed-off-by: Mark Wielaard
---
libdw/ChangeLog | 4
libdw/dwarf_begin_elf.c | 5 +++--
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/libdw/ChangeLog b/libd
Hello, Mark
On Mon, Feb 20, 2023 at 3:55 PM Mark Wielaard wrote:
>
> .debug sections are raw bytes and don't need conversion even when host
> and file have different endian order.
Thank you! I like this patch more for its simplicity; looks good to me.
Status: New
Owner:
CC: elfut...@sourceware.org, da...@adalogics.com, evv...@gmail.com,
izz...@google.com
Labels: ClusterFuzz Reproducible Stability-Memory-MemorySanitizer
Engine-libfuzzer OS-Linux Security_Severity-Medium Proj-elfutils
Reported-2023-02-20
Type: Bug-Security
New issue 5617
Comment #1 on issue 56179 by evv...@gmail.com: elfutils:fuzz-libdwfl:
Use-of-uninitialized-value in check_section
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56179#c1
It's a duplicate of https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56134
as far as I can tell. I'm not sure wh
Hi,
On Mon, 20 Feb 2023 at 19:03, Aleksei Vetrov wrote:
> On Mon, Feb 20, 2023 at 3:55 PM Mark Wielaard wrote:
> >
> > .debug sections are raw bytes and don't need conversion even when host
> > and file have different endian order.
>
> Thank you! I like this patch more for its simplicity, looks