format string vulnerabilities in c++filt

bug-binutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

format string vulnerabilities in c++filt

From:	Chris Rohlf
Subject:	format string vulnerabilities in c++filt
Date:	Thu, 22 Nov 2007 12:41:08 -0500

Hi,

There are two format string vulnerabilities in c++filt program of binutils.

Line 66
printf (mangled_name);

and line 71
printf (result);

These are easily demonstrated by running c++filt on a symbol with the
correct format specifiers:

$./c++filt AAA%x.AAA%x.AAA%x.AAA%x.AAA
AAAb.AAA804be40.AAA0.AAAbfbe82d0.AAA

Thanks!

chris
http://em386.blogspot.com

[Prev in Thread]

Current Thread

[Next in Thread]

format string vulnerabilities in c++filt, Chris Rohlf <=

Prev by Date: [Bug gas/144] gas creates unaligned relocations in .debug_line section
Next by Date: [Bug ld/5398] New: ld: assertion fail elf32-arm.c:3125
Previous by thread: [Bug gas/144] gas creates unaligned relocations in .debug_line section
Next by thread: [Bug ld/5398] New: ld: assertion fail elf32-arm.c:3125
Index(es):
- Date
- Thread