[Bug binutils/23685] heap based buffer overflow vulnerability in bfd_getl32 in libbfd.c in binutils-2.31.1

[nickc at redhat dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=23685

--- Comment #5 from Nick Clifton <nickc at redhat dot com> ---
(In reply to Alan Modra from comment #2)
Hi Alan,

  [Thanks for fixing the problem].

> Nick, these 32-bit only bugs reproduce for me on an x86_64 ubuntu system
> with binutils configured using:
> CC="gcc -m32" CXX="g++ -m32" \
> ~/src/binutils-gdb/configure --build=i686-linux --enable-targets=all
> --enable-gold --enable-threads --disable-gdb --disable-sim
> --disable-readline --disable-libdecnumber --enable-plugins

Yes, I just discovered that.  I also found that I cannot build a 32-bit
toolchain with address sanitization enabled, as there appears to be a
problem with memory layout.  (The libasan library is unable to map its
shadow memory).  Apparently this is a kernel problem, and not something
that I can fix. :-(

Cheers
  Nick

-- 
You are receiving this mail because:
You are on the CC list for the bug.