[Bug binutils/19323] [FG-VD-15-113] BinUtils-2.25 Objdump Heap Overflow

bug-binutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug binutils/19323] [FG-VD-15-113] BinUtils-2.25 Objdump Heap Overflow

From:	cvs-commit at gcc dot gnu.org
Subject:	[Bug binutils/19323] [FG-VD-15-113] BinUtils-2.25 Objdump Heap Overflow Vulnerability Notification
Date:	Thu, 10 Dec 2015 13:51:28 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=19323

--- Comment #6 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot 
gnu.org> ---
The binutils-2_26-branch branch has been updated by Alan Modra
<address@hidden>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aa8b89e8ae35f71a94a1eaee0da939396d2f61d4

commit aa8b89e8ae35f71a94a1eaee0da939396d2f61d4
Author: Alan Modra <address@hidden>
Date:   Mon Dec 7 13:41:36 2015 +1030

    PR19323 memory allocation greater than 4G

    On 32-bit targets, memory requested for program/section headers on a
    fuzzed binary can wrap to 0.  A bfd_alloc of zero bytes actually
    returns a one byte allocation rather than a NULL pointer.  This then
    leads to buffer overflows.

    Making this check unconditional triggers an extremely annoying gcc-5
    warning.

        PR 19323
        * elfcode.h (elf_object_p): Check for ridiculous e_shnum and
        e_phnum values.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug binutils/19323] New: BinUtils-2.25 Objdump Heap Overflow Vulnerability Notification, kshah at fortinet dot com, 2015/12/01
- [Bug binutils/19323] BinUtils-2.25 Objdump Heap Overflow Vulnerability Notification, kshah at fortinet dot com, 2015/12/01
- [Bug binutils/19323] [FG-VD-15-113] BinUtils-2.25 Objdump Heap Overflow Vulnerability Notification, kshah at fortinet dot com, 2015/12/01
- [Bug binutils/19323] [FG-VD-15-113] BinUtils-2.25 Objdump Heap Overflow Vulnerability Notification, amodra at gmail dot com, 2015/12/01
- [Bug binutils/19323] [FG-VD-15-113] BinUtils-2.25 Objdump Heap Overflow Vulnerability Notification, kshah at fortinet dot com, 2015/12/03
- [Bug binutils/19323] [FG-VD-15-113] BinUtils-2.25 Objdump Heap Overflow Vulnerability Notification, amodra at gmail dot com, 2015/12/03
- [Bug binutils/19323] [FG-VD-15-113] BinUtils-2.25 Objdump Heap Overflow Vulnerability Notification, amodra at gmail dot com, 2015/12/07
- [Bug binutils/19323] [FG-VD-15-113] BinUtils-2.25 Objdump Heap Overflow Vulnerability Notification, kshah at fortinet dot com, 2015/12/08
- [Bug binutils/19323] [FG-VD-15-113] BinUtils-2.25 Objdump Heap Overflow Vulnerability Notification, cvs-commit at gcc dot gnu.org <=

Prev by Date: [Bug binutils/19315] addr2line change for C++ symbols breaks behavior for inlined functions
Next by Date: [Bug ld/18199] ld fails with -flto for mingw, wrong resolution for main
Previous by thread: [Bug binutils/19323] [FG-VD-15-113] BinUtils-2.25 Objdump Heap Overflow Vulnerability Notification
Next by thread: [Bug ld/19317] plugin needed to handle lto object should not be output for plugin generated files when doing incremental link
Index(es):
- Date
- Thread