oss-sec mailing list archives
Re: binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c)
From: Agostino Sarubbo <ago () gentoo org>
Date: Fri, 29 Sep 2017 17:22:31 +0200
On mercoledì 27 settembre 2017 12:20:15 CEST Efraim Flashner wrote:
On Tue, Sep 26, 2017 at 07:03:41AM +0000, Agostino Sarubbo wrote:Affected version: 2.29.51.20170921 and maybe past releasesAs best as I can see, it looks like the bug was introduced after the 2.28 series was frozen/split-off, and there is no part of the patch that applies to the 2.28.1 release. I have not, however, tried the reproducer.
The provided testcase works for me after the commit 98c5dfc99444094652c2f2259126f70e5cacf56f -- Agostino Sarubbo Gentoo Linux Developer
Current thread:
- binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c) Agostino Sarubbo (Sep 26)
- Re: binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c) Efraim Flashner (Sep 27)
- Re: binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c) Agostino Sarubbo (Sep 29)
- Re: binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c) Efraim Flashner (Sep 27)