[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug binutils/15120] New: Readelf coredump on malicous ar archive
From: |
address@hidden |
Subject: |
[Bug binutils/15120] New: Readelf coredump on malicous ar archive |
Date: |
Fri, 08 Feb 2013 02:04:56 +0000 |
http://sourceware.org/bugzilla/show_bug.cgi?id=15120
Bug #: 15120
Summary: Readelf coredump on malicous ar archive
Product: binutils
Version: 2.24 (HEAD)
Status: NEW
Severity: normal
Priority: P2
Component: binutils
AssignedTo: address@hidden
ReportedBy: address@hidden
Classification: Unclassified
Created attachment 6857
--> http://sourceware.org/bugzilla/attachment.cgi?id=6857
ar archive 1
readelf gets a segmentation fault on printing headers on malicous ar archives
(included in metasploit framework)
./binutils/readelf -h
/tmp/metasploit/external/source/byakugan/i386/byakugan.lib
[1] 32176 segmentation fault (core dumped) ./binutils/readelf -h
gdb:
#0 0x000000000042d6c9 in get_archive_member_name (arch=0x7fff41f5dcd0,
nested_arch=0x7fff41f5dd70) at elfcomm.c:599
599 j--;
(gdb) p j
$1 = 1257796941
(gdb) p arch->longnames_size
$2 = 0
(gdb) p arch->longnames
$3 = 0x0
(gdb) p arch->arhdr.ar_name + 1
$4 = 0x7fff41f5dd29 ' ' <repeats 15 times>, "1257796941", ' ' <repeats 14
times>, "0 964 `\n"
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
- [Bug binutils/15120] New: Readelf coredump on malicous ar archive,
address@hidden <=