From: ned at forallsecure dot com
Subject: [Bug binutils/21786] New: Stack-buffer-overflow in {coff,coff64}-rs6000.c
Date: Wed, 19 Jul 2017 01:00:46 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=21786

            Bug ID: 21786
           Summary: Stack-buffer-overflow in {coff,coff64}-rs6000.c
           Product: binutils
           Version: 2.30 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: ned at forallsecure dot com
  Target Milestone: ---

Created attachment 10269
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10269&action=edit
testcase

`_bfd_xcoff_read_ar_hdr` and similar functions can call strtol on a string that
is not null-terminated, leading to an out of bounds read on the stack. See the
attached testcase.

--
You are receiving this mail because:
You are on the CC list for the bug.
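
Added example, not part of the original report and not binutils code: one way to parse a fixed-width, non-NUL-terminated decimal field without letting strtol read past it. The struct `ar_hdr_demo`, its field widths, and the helpers `parse_field` and `parse_size_demo` are hypothetical names chosen for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical header layout (names and widths are assumptions): fixed-width
   ASCII decimal fields, space padded, with no terminating NUL. */
struct ar_hdr_demo { char size[8]; char namlen[4]; };

/* The reported pattern is strtol(hdr->size, NULL, 10): with no NUL inside
   size[], strtol keeps reading into namlen[] and whatever follows on the stack.
   Bounded alternative: copy exactly `width` bytes, terminate, then parse.
   Returns 0 on success, -1 on a malformed field. */
static int parse_field(const char *field, size_t width, long *out)
{
    char buf[32], *end;
    if (width == 0 || width >= sizeof buf)
        return -1;
    memcpy(buf, field, width);
    buf[width] = '\0';
    errno = 0;
    long v = strtol(buf, &end, 10);
    if (end == buf || errno == ERANGE || v < 0)
        return -1;
    while (*end == ' ')          /* only space padding may follow the digits */
        end++;
    if (*end != '\0')
        return -1;
    *out = v;
    return 0;
}

/* Builds a constructed header from two field images and parses size[]. */
static long parse_size_demo(const char *size8, const char *namlen4)
{
    struct ar_hdr_demo h;
    long v = -1;
    memcpy(h.size, size8, sizeof h.size);
    memcpy(h.namlen, namlen4, sizeof h.namlen);
    return parse_field(h.size, sizeof h.size, &v) == 0 ? v : -1;
}

int main(void)
{
    /* size[] is all digits: an unbounded strtol would run past the field */
    printf("%ld\n", parse_size_demo("12345678", "9999"));
    return 0;
}
```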