[Bug libelf/23528] New: When executing ./eu-nm or ./eu-readelf -aAdehIlnrsSVcp -w, AddressSanitizer chatch a double-free crashes.

Status: UNCONFIRMED Severity: normal Priority: P2 Component: libelf Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment

[Bug libelf/23528] When executing ./eu-nm or ./eu-readelf -aAdehIlnrsSVcp -w, AddressSanitizer catch a double-free crashe.

https://sourceware.org/bugzilla/show_bug.cgi?id=23528 wcventure changed: What|Removed |Added Summary|When executing ./eu-nm or |When executing ./eu-nm or

[Bug libelf/23528] When executing ./eu-nm or ./eu-readelf -aAdehIlnrsSVcp -w, AddressSanitizer catch a double-free crash.

https://sourceware.org/bugzilla/show_bug.cgi?id=23528 wcventure changed: What|Removed |Added Summary|When executing ./eu-nm or |When executing ./eu-nm or

[Bug backends/23529] New: heap-buffer-overflow in eu-readelf

: backends Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment 11186 --> https://sourceware.org/bugzilla/attachment.cgi?id=11186&action=edit cra

[Bug libdw/23541] New: heap-buffer-overflow in /elfutils/libdw/dwarf_getaranges.c:156

: normal Priority: P2 Component: libdw Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment 11189 --> https://sourceware.org/bugzi

[Bug general/23542] New: heap-buffer-overflow in /elfutils/src/elflint.c:2055 check_sysv_hash

Severity: normal Priority: P2 Component: general Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment 11190 --> https://sourceware.

[Bug libdw/23752] New: Invalid Address Read problem in dwfl_segment_report_module.c when executing ./eu-stack --core=$POC

: unspecified Status: UNCONFIRMED Severity: normal Priority: P2 Component: libdw Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created

[Bug libdw/23753] New: Invalid Address Read problem in dwfl_segment_report_module.c when executing ./eu-stack --core=$POC

: unspecified Status: UNCONFIRMED Severity: normal Priority: P2 Component: libdw Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Hi there

[Bug libdw/23753] Invalid Address Read problem in dwfl_segment_report_module.c when executing ./eu-stack --core=$POC

https://sourceware.org/bugzilla/show_bug.cgi?id=23753 --- Comment #1 from wcventure --- Created attachment 11307 --> https://sourceware.org/bugzilla/attachment.cgi?id=11307&action=edit POC-stack ./eu-stack --core=$POC -- You are receiving this mail because: You are on the CC list for the bug

[Bug tools/23754] New: NULL-Pointer dereference problem in function do_oper_extract in the eu-ar binaries

Severity: normal Priority: P2 Component: tools Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Hi, Our fuzzer caught NULL-Pointer

[Bug tools/23754] NULL-Pointer dereference problem in function do_oper_extract in the eu-ar binaries

https://sourceware.org/bugzilla/show_bug.cgi?id=23754 --- Comment #1 from wcventure --- Created attachment 11309 --> https://sourceware.org/bugzilla/attachment.cgi?id=11309&action=edit POC1-ar -- You are receiving this mail because: You are on the CC list for the bug.

[Bug tools/23754] NULL-Pointer dereference problem in function do_oper_extract in the eu-ar binaries

https://sourceware.org/bugzilla/show_bug.cgi?id=23754 --- Comment #2 from wcventure --- Created attachment 11310 --> https://sourceware.org/bugzilla/attachment.cgi?id=11310&action=edit POC2-ar Please use the "./eu-ar -tv $POC" to reproduce the bug. -- You are receiving this mail because: You

[Bug tools/23755] New: Multiple floating point exception in findtextrel.c in eu-findtextrel biniary of elfutils-v.0174.

: UNCONFIRMED Severity: critical Priority: P2 Component: tools Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment 11311

[Bug tools/23755] Multiple floating point exception in findtextrel.c in eu-findtextrel biniary of elfutils-v.0174.

https://sourceware.org/bugzilla/show_bug.cgi?id=23755 --- Comment #1 from wcventure --- Created attachment 11312 --> https://sourceware.org/bugzilla/attachment.cgi?id=11312&action=edit POC2 Here is the POC2. Please use " ./eu-findtextrel $POC " to reproduce this bug. If you have any questions,

[Bug tools/23755] Multiple floating point exception in findtextrel.c in eu-findtextrel biniary of elfutils-v.0174.

https://sourceware.org/bugzilla/show_bug.cgi?id=23755 --- Comment #2 from wcventure --- Created attachment 11313 --> https://sourceware.org/bugzilla/attachment.cgi?id=11313&action=edit POC3 Here is the POC3. Please use " ./eu-findtextrel $POC " to reproduce this bug. If you have any questions,

[Bug tools/23755] Multiple floating point exception in findtextrel.c in eu-findtextrel biniary of elfutils-v.0174.

https://sourceware.org/bugzilla/show_bug.cgi?id=23755 --- Comment #3 from wcventure --- I have also confirmed them with address sanitizer. For example, The ASAN dumps the stack trace as follows: ASAN:DEADLYSIGNAL = ==8794==ERROR: A

[Bug tools/23755] Multiple floating point exception in findtextrel.c in eu-findtextrel biniary of elfutils-v.0174.

https://sourceware.org/bugzilla/show_bug.cgi?id=23755 --- Comment #5 from wcventure --- Thanks for paying attention to this problem and proposing to fix it in time. This bug was discovered by NTU Cyber-Security-Lab, for fuzzing research work. -- You are receiving this mail because: You are on t

[Bug libdw/23753] Invalid Address Read problem in dwfl_segment_report_module.c when executing ./eu-stack --core=$POC

https://sourceware.org/bugzilla/show_bug.cgi?id=23753 --- Comment #3 from wcventure --- Thanks for paying attention to this problem and proposing to fix it in time. This bug was discovered by NTU Cyber-Security-Lab, for fuzzing research work. -- You are receiving this mail because: You are on t

[Bug tools/23754] NULL-Pointer dereference problem in function do_oper_extract in the eu-ar binaries

https://sourceware.org/bugzilla/show_bug.cgi?id=23754 --- Comment #4 from wcventure --- Thanks for paying attention to this problem and proposing to fix it in time. This bug was discovered by NTU Cyber-Security-Lab, for fuzzing research work. -- You are receiving this mail because: You are on t

[Bug libdw/23752] Invalid Address Read problem in dwfl_segment_report_module.c when executing ./eu-stack --core=$POC

https://sourceware.org/bugzilla/show_bug.cgi?id=23752 --- Comment #4 from wcventure --- Thanks for paying attention to this problem and proposing to fix it in time. This bug was discovered by NTU Cyber-Security-Lab, for fuzzing research work. -- You are receiving this mail because: You are on t

[Bug libdw/23782] New: Negative-size-param problem in dwfl_getmodules.c in libdw, please use the POC to reproduce this bug.

Status: UNCONFIRMED Severity: normal Priority: P2 Component: libdw Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment 11331

[Bug libdw/23782] Negative-size-param problem in dwfl_getmodules.c in libdw, please use the POC to reproduce this bug.

https://sourceware.org/bugzilla/show_bug.cgi?id=23782 --- Comment #1 from wcventure --- Created attachment 11332 --> https://sourceware.org/bugzilla/attachment.cgi?id=11332&action=edit POC2 -- You are receiving this mail because: You are on the CC list for the bug.

[Bug libdw/23782] Negative-size-param problem in dwfl_getmodules.c in libdw, please use the POC to reproduce this bug.

https://sourceware.org/bugzilla/show_bug.cgi?id=23782 --- Comment #2 from wcventure --- Created attachment 11333 --> https://sourceware.org/bugzilla/attachment.cgi?id=11333&action=edit POC3 -- You are receiving this mail because: You are on the CC list for the bug.

[Bug general/23786] Divide-by-zero Problem in function arlib_add_symbols() in arlib.c in elfutils-0.174

https://sourceware.org/bugzilla/show_bug.cgi?id=23786 --- Comment #2 from wcventure --- Created attachment 11337 --> https://sourceware.org/bugzilla/attachment.cgi?id=11337&action=edit POC2 Please use " ./eu-ranlib $POC " to reproduce this bug. This bug was discovered by NTU Cyber-Security-Lab

[Bug general/23786] New: Divide-by-zero Problem in function arlib_add_symbols() in arlib.c in elfutils-0.174

Severity: critical Priority: P2 Component: general Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Hi, I found some floating point

[Bug libelf/23787] New: Invalid Address Deference problem in function elf_end in libelf the latest elfutils-0.174

: UNCONFIRMED Severity: normal Priority: P2 Component: libelf Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment 11338 --> ht

[Bug libelf/23787] Invalid Address Deference problem in function elf_end in libelf the latest elfutils-0.174

https://sourceware.org/bugzilla/show_bug.cgi?id=23787 --- Comment #1 from wcventure --- Created attachment 11339 --> https://sourceware.org/bugzilla/attachment.cgi?id=11339&action=edit POC2 Please use " ./eu-size $POC " to reproduce this bug. This bug was discovered by NTU Cyber-Security-Lab

[Bug backends/24075] New: Program Crash due to Wild pointer Deference in ebl_object_note function in eblobjnote.c in libebl.

Status: UNCONFIRMED Severity: normal Priority: P2 Component: backends Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment 11523

[Bug backends/24075] Program Crash due to Wild pointer Deference in ebl_object_note function in eblobjnote.c in libebl.

https://sourceware.org/bugzilla/show_bug.cgi?id=24075 --- Comment #1 from wcventure --- Created attachment 11524 --> https://sourceware.org/bugzilla/attachment.cgi?id=11524&action=edit POC2 The ASAN dumps the stack trace as follows: > ==

[Bug libelf/24081] New: Use-After-free Problem in elf32_xlatetom function in libelf

: normal Priority: P2 Component: libelf Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment 11527 --> https://sourceware.org/bugzi

[Bug libelf/24081] Use-After-free Problem in elf32_xlatetom function in libelf

https://sourceware.org/bugzilla/show_bug.cgi?id=24081 --- Comment #1 from wcventure --- Created attachment 11528 --> https://sourceware.org/bugzilla/attachment.cgi?id=11528&action=edit POC2 -- You are receiving this mail because: You are on the CC list for the bug.

[Bug backends/24084] New: Negative-size-param when when calling memcpy function in elf_cvt_note function in libelf the latest elfutils-0.174 code base, this inputs will cause the segment faults and I

onent: backends Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment 11530 --> https://sourceware.org/bugzilla/attachment.cgi?id=11530&action=

[Bug backends/24084] Negative-size-param when when calling memcpy function in elf_cvt_note function in libelf

https://sourceware.org/bugzilla/show_bug.cgi?id=24084 wcventure changed: What|Removed |Added Summary|Negative-size-param when|Negative-size-param when

[Bug libelf/24085] New: An Out of Memory problem was discovered in function in read_long_names in elf_begin.c in libelf

: UNCONFIRMED Severity: normal Priority: P2 Component: libelf Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment 11531

[Bug libelf/24085] An Out of Memory problem was discovered in function in read_long_names in elf_begin.c in libelf

https://sourceware.org/bugzilla/show_bug.cgi?id=24085 --- Comment #1 from wcventure --- Please use the "./eu-ar -tv $POC" to reproduce the bug. If you have any questions, please let me know. -- You are receiving this mail because: You are on the CC list for the bug.

[Bug general/24086] New: Multiple memory leak issues were discovered in in libelf and libdwelf

Severity: normal Priority: P2 Component: general Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment 11532 --> https://sourceware.

[Bug libelf/24089] New: A Heap-buffer-overflow problem was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf

Status: UNCONFIRMED Severity: normal Priority: P2 Component: libelf Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment

[Bug libelf/24089] A Heap-buffer-overflow problem was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf

https://sourceware.org/bugzilla/show_bug.cgi?id=24089 --- Comment #1 from wcventure --- Created attachment 11535 --> https://sourceware.org/bugzilla/attachment.cgi?id=11535&action=edit POC2 -- You are receiving this mail because: You are on the CC list for the bug.

[Bug backends/24102] New: A Heap-buffer-overflow problem was discovered in the function read_srclines in dwarf_getsrclines.c in libdw

Status: UNCONFIRMED Severity: normal Priority: P2 Component: backends Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created

[Bug backends/24102] A Heap-buffer-overflow problem was discovered in the function read_srclines in dwarf_getsrclines.c in libdw

https://sourceware.org/bugzilla/show_bug.cgi?id=24102 --- Comment #2 from wcventure --- Created attachment 11544 --> https://sourceware.org/bugzilla/attachment.cgi?id=11544&action=edit POC3 -- You are receiving this mail because: You are on the CC list for the bug.

[Bug backends/24102] A Heap-buffer-overflow problem was discovered in the function read_srclines in dwarf_getsrclines.c in libdw

https://sourceware.org/bugzilla/show_bug.cgi?id=24102 --- Comment #1 from wcventure --- Created attachment 11543 --> https://sourceware.org/bugzilla/attachment.cgi?id=11543&action=edit POC2 -- You are receiving this mail because: You are on the CC list for the bug.

[Bug libelf/24103] New: Invalid address Deference in elf64_xlatetom in elf32_xlatetom.c in libelf

Severity: normal Priority: P2 Component: libelf Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment 11545 --> https://sourceware.

[Bug libelf/24103] Invalid address Deference in elf64_xlatetom in elf32_xlatetom.c in libelf

https://sourceware.org/bugzilla/show_bug.cgi?id=24103 --- Comment #1 from wcventure --- Created attachment 11546 --> https://sourceware.org/bugzilla/attachment.cgi?id=11546&action=edit POC2 -- You are receiving this mail because: You are on the CC list for the bug.

[Bug tools/24116] New: A Heap-buffer-overflow problem was discovered in the function print_debug_line_section in readelf.c

Status: UNCONFIRMED Severity: normal Priority: P2 Component: tools Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment 11559

[Bug tools/24116] A Heap-buffer-overflow problem was discovered in the function print_debug_line_section in readelf.c

https://sourceware.org/bugzilla/show_bug.cgi?id=24116 --- Comment #2 from wcventure --- Created attachment 11561 --> https://sourceware.org/bugzilla/attachment.cgi?id=11561&action=edit POC3 -- You are receiving this mail because: You are on the CC list for the bug.

[Bug tools/24116] A Heap-buffer-overflow problem was discovered in the function print_debug_line_section in readelf.c

https://sourceware.org/bugzilla/show_bug.cgi?id=24116 --- Comment #1 from wcventure --- Created attachment 11560 --> https://sourceware.org/bugzilla/attachment.cgi?id=11560&action=edit POC2 -- You are receiving this mail because: You are on the CC list for the bug.

[Bug backends/24075] Program Crash due to buffer over-read in ebl_object_note function in eblobjnote.c in libebl.

https://sourceware.org/bugzilla/show_bug.cgi?id=24075 wcventure changed: What|Removed |Added Status|RESOLVED|UNCONFIRMED Resolution|FIXED

[Bug backends/24075] Program Crash due to buffer over-read in ebl_object_note function in eblobjnote.c in libebl.

https://sourceware.org/bugzilla/show_bug.cgi?id=24075 --- Comment #5 from wcventure --- Created attachment 11573 --> https://sourceware.org/bugzilla/attachment.cgi?id=11573&action=edit Regressiong_POC -- You are receiving this mail because: You are on the CC list for the bug.

[Bug backends/24075] Program Crash due to buffer over-read in ebl_object_note function in eblobjnote.c in libebl.

https://sourceware.org/bugzilla/show_bug.cgi?id=24075 wcventure changed: What|Removed |Added Priority|P2 |P1 Severity|normal

[Bug libdw/24140] New: A Heap-buffer-overflow problem was discovered in the function __libdw_next_unit in dwarf_nextcu.c in libdw

Status: UNCONFIRMED Severity: critical Priority: P2 Component: libdw Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment

[Bug backends/24075] Program Crash due to buffer over-read in ebl_object_note function in eblobjnote.c in libebl.

https://sourceware.org/bugzilla/show_bug.cgi?id=24075 --- Comment #6 from wcventure --- CVE-2019-7146 -- You are receiving this mail because: You are on the CC list for the bug.

[Bug libelf/24081] buffer over-read Problem in elf32_xlatetom function in libelf

https://sourceware.org/bugzilla/show_bug.cgi?id=24081 wcventure changed: What|Removed |Added Summary|Use-After-free Problem in |buffer over-read Problem in

[Bug tools/24116] A Heap-buffer-overflow problem was discovered in the function print_debug_line_section in readelf.c

https://sourceware.org/bugzilla/show_bug.cgi?id=24116 --- Comment #4 from wcventure --- (In reply to Mark Wielaard from comment #3) Not completely repaired. Here is the Regression test case. -- You are receiving this mail because: You are on the CC list for the bug.

[Bug tools/24116] A Heap-buffer-overflow problem was discovered in the function print_debug_line_section in readelf.c

https://sourceware.org/bugzilla/show_bug.cgi?id=24116 --- Comment #5 from wcventure --- Created attachment 11581 --> https://sourceware.org/bugzilla/attachment.cgi?id=11581&action=edit Regression -- You are receiving this mail because: You are on the CC list for the bug.

[Bug general/24385] New: Regression lead to Invalid Address Deference, in handle_elf function in /src/strip.c

Severity: normal Priority: P2 Component: general Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment 11698 --> ht

[Bug general/24385] Regression lead to Invalid Address Deference, in handle_elf function in /src/strip.c

https://sourceware.org/bugzilla/show_bug.cgi?id=24385 --- Comment #1 from wcventure --- Created attachment 11699 --> https://sourceware.org/bugzilla/attachment.cgi?id=11699&action=edit POC2 -- You are receiving this mail because: You are on the CC list for the bug.

[Bug libelf/24387] New: Invalid address Deference in elf32_xlatetom function in libelf/elf32_xlatetom.c

Severity: normal Priority: P2 Component: libelf Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at sourceware dot org Target Milestone: --- Created attachment 11701 --> ht

[Bug libelf/24387] Invalid address Deference in elf32_xlatetom function in libelf/elf32_xlatetom.c

https://sourceware.org/bugzilla/show_bug.cgi?id=24387 --- Comment #1 from wcventure --- Created attachment 11702 --> https://sourceware.org/bugzilla/attachment.cgi?id=11702&action=edit POC2 -- You are receiving this mail because: You are on the CC list for the bug.

[Bug libdw/24398] New: An invalid address deference problem was discovered in the print_debug_macinfo_section function __libdw_next_unit in libdw/dwarf_filesrc.c in libdw

Product: elfutils Version: unspecified Status: UNCONFIRMED Severity: normal Priority: P2 Component: libdw Assignee: unassigned at sourceware dot org Reporter: wcventure at 126 dot com CC: elfutils-devel at