oss-sec mailing list archives

Re: Re: strings / libbfd crasher

From: Jann Horn <jann () thejh net>
Date: Mon, 3 Nov 2014 02:23:17 +0100

On Sun, Nov 02, 2014 at 04:57:23PM -0800, Michal Zalewski wrote:

Call stack exhaustion is generally non-exploitable
in itself.


It can be exploitable in multithreaded programs though if there is
an unused stack allocation of at least one page further down in the
stack.

Attachment: signature.asc
Description: Digital signature

Current thread:

Re: strings / libbfd crasher, (continued)
- - - Re: strings / libbfd crasher Hanno Böck (Oct 24)
    - Re: strings / libbfd crasher Michal Zalewski (Oct 24)
    - Re: strings / libbfd crasher Tavis Ormandy (Oct 24)
    - Re: strings / libbfd crasher mancha (Oct 24)
- Re: strings / libbfd crasher cve-assign (Oct 26)
  - Re: Re: strings / libbfd crasher Hanno Böck (Oct 26)
    - Re: strings / libbfd crasher cve-assign (Oct 30)
    - Re: Re: strings / libbfd crasher Alexander Cherepanov (Nov 02)
    - Re: Re: strings / libbfd crasher Hanno Böck (Nov 02)
    - Re: Re: strings / libbfd crasher Michal Zalewski (Nov 02)
    - Re: Re: strings / libbfd crasher Jann Horn (Nov 02)
    - Re: Re: strings / libbfd crasher Alexander Cherepanov (Nov 04)
    - Re: Re: strings / libbfd crasher Michal Zalewski (Nov 04)
    - Re: Re: strings / libbfd crasher Alexander Cherepanov (Nov 11)
    - Re: Re: strings / libbfd crasher Michal Zalewski (Nov 11)
    - Re: Re: strings / libbfd crasher Michal Zalewski (Nov 11)
    - Re: Re: strings / libbfd crasher Alexander Cherepanov (Nov 15)
    - Re: Re: strings / libbfd crasher Michal Zalewski (Nov 15)
    - Re: Re: strings / libbfd crasher Alexander Cherepanov (Nov 15)
    - Re: Re: strings / libbfd crasher mancha (Nov 03)
    - Re: Re: strings / libbfd crasher Michal Zalewski (Nov 03)

(Thread continues...)