[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug binutils/21612] global-buffer-overflow in bfd_get_string
From: |
nickc at redhat dot com |
Subject: |
[Bug binutils/21612] global-buffer-overflow in bfd_get_string |
Date: |
Mon, 19 Jun 2017 13:09:56 +0000 |
https://sourceware.org/bugzilla/show_bug.cgi?id=21612
Nick Clifton <nickc at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
CC| |nickc at redhat dot com
Resolution|--- |FIXED
--- Comment #4 from Nick Clifton <nickc at redhat dot com> ---
Hi Alexandre,
Thanks for reporting this bug.
The IEEE parser in the BFD library is very old, and it was not written
with security in mind. I have added some code to help catch buffer
overruns, including the one triggered by this test case, but I expect
that more will turn up in the future.
Cheers
Nick
--
You are receiving this mail because:
You are on the CC list for the bug.