[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug binutils/21720] Malicious ELF32 with invalid program table entry co
|
From: |
jgj212 at gmail dot com |
|
Subject: |
[Bug binutils/21720] Malicious ELF32 with invalid program table entry count can cause memory exhaustion |
|
Date: |
Thu, 06 Jul 2017 13:35:31 +0000 |
https://sourceware.org/bugzilla/show_bug.cgi?id=21720
--- Comment #2 from jgj212 at gmail dot com ---
(In reply to Alan Modra from comment #1)
> Running out of memory is not an abnormal condition. Arbiterarily limiting
> the number of program headers means binutils would not support the ELF spec
> fully.
For a desktop user, this is not a problem.
But for a parallel backend service, this maybe a problem, because a crafted
file can cause memory exhausted to cause other objdump instance to failed to
process valid elf file.
And it is not need to set hard limit for the number of program header, because
program header count can not be bigger than (size_elf_file /
size_program_heard), adding this limitation can also support the ELF spec
fully.
--
You are receiving this mail because:
You are on the CC list for the bug.