oss-sec mailing list archives

Re: strings / libbfd crasher


From: Michal Zalewski <lcamtuf () coredump cx>
Date: Fri, 24 Oct 2014 12:10:31 -0700

I do have a bunch more that seem exploitable, though - for example:

http://lcamtuf.coredump.cx/strings-bfd-badfree - does this repro for
people (I tried with binutils 2.24)?

I think that given the expectations people have around what strings
does and whether it's safe to run on untrusted binaries, I'd seriously
question the wisdom of making it use libbfd, at least by default;
perhaps distros want to consider non-upstream patches that default to
the -a mode, instead?

I don't understand the user benefit of extracting strings only from
certain sections of executables, and I almost feel like it's a side
effect of strings being a part of binutils more than anything else.


On Fri, Oct 24, 2014 at 5:00 AM, Hanno Böck <hanno () hboeck de> wrote:
I've now put this in upstream's bugtracker:
https://sourceware.org/bugzilla/show_bug.cgi?id=17509

Hope no one else has already done this.

--
Hanno Böck
http://hboeck.de/

mail/jabber: hanno () hboeck de
GPG: BBB51E42

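The `-a` mode the message above argues for is the format-agnostic one: every byte of the file is scanned, and nothing is parsed as an ELF, PE or archive container, which is where the libbfd crashes in this thread live. The following is an added example, not code from binutils or from anyone in this thread, that implements that whole-file scan in C so the difference is concrete. It assumes GNU strings' defaults of a 4-byte minimum run and printable ASCII plus tab as "printable" (it does not replicate `-n`, `-e` or output formatting), and the input bytes are a constructed fake "file", not a real binary:

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* One extracted string: where it sat in the input and its (truncated) text. */
struct found { size_t offset; char text[64]; };
struct sink  { struct found items[16]; size_t n; };

typedef void (*emit_fn)(const unsigned char *s, size_t len, size_t off, void *ctx);

/* Whole-buffer scan, the behaviour of `strings -a`: every byte of the input is
 * examined, nothing is interpreted as a container format, and a string is just
 * a run of at least min_len printable ASCII bytes (plus tab) ended by a
 * non-printable byte or by end of input.  Returns the number of runs emitted. */
size_t scan_all(const unsigned char *buf, size_t n, size_t min_len,
                emit_fn emit, void *ctx)
{
    size_t count = 0, start = 0, run = 0;
    for (size_t i = 0; i <= n; i++) {
        /* i == n acts as a virtual terminator so a run touching EOF is kept. */
        int printable = i < n &&
            ((buf[i] >= 0x20 && buf[i] <= 0x7e) || buf[i] == '\t');
        if (printable) {
            if (run == 0) start = i;
            run++;
            continue;
        }
        if (run >= min_len) {
            if (emit) emit(buf + start, run, start, ctx);
            count++;
        }
        run = 0;
    }
    return count;
}

/* Collector used by the demo below (and by any harness that calls it). */
static void collect(const unsigned char *s, size_t len, size_t off, void *ctx)
{
    struct sink *k = ctx;
    if (k->n >= sizeof k->items / sizeof k->items[0]) return;
    size_t cap = sizeof k->items[0].text - 1;
    size_t l = len < cap ? len : cap;
    memcpy(k->items[k->n].text, s, l);
    k->items[k->n].text[l] = '\0';
    k->items[k->n].offset = off;
    k->n++;
}

/* Constructed sample "file" (not a real binary): ELF-looking magic that is not
 * a valid ELF, one string of the kind a real .interp section holds, one run too
 * short to count, and one string that runs straight into EOF.  A libbfd-driven
 * mode would have to parse this header first; scan_all() never looks at it. */
static const unsigned char sample[] =
    "\x7f" "ELF" "\x02\x01\x01\x00"
    "\x00\x00\x00\x00"
    "/lib64/ld-linux-x86-64.so.2" "\x00"
    "\x01\x02\x03"
    "abc" "\x00"
    "hidden-in-unmapped-bytes";
#define SAMPLE_LEN (sizeof sample - 1)   /* drop the literal's own trailing NUL */

static struct sink demo_sink;

/* Runs the scan over the sample; results are then readable via the accessors. */
size_t demo_count(void)
{
    memset(&demo_sink, 0, sizeof demo_sink);
    return scan_all(sample, SAMPLE_LEN, 4, collect, &demo_sink);
}
const char *demo_text(size_t i)   { return demo_sink.items[i].text; }
size_t      demo_offset(size_t i) { return demo_sink.items[i].offset; }

int main(void)
{
    size_t n = demo_count();
    for (size_t i = 0; i < n; i++)
        printf("%6zu  %s\n", demo_offset(i), demo_text(i));
    return 0;
}
```

The three-byte "ELF" run and "abc" fall below the minimum length and are dropped; the interpreter path and the trailing string are both reported with their file offsets, the latter only because end of input is treated as a terminator. The point of the example is what is absent: no header validation, no section table walk, no code path that a hostile header can drive, which is exactly the attack surface the thread is about.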
