[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug binutils/23963] objdump unsafely prints control characters from str
pajexali at gmail dot com
[Bug binutils/23963] objdump unsafely prints control characters from string table
Fri, 01 Feb 2019 08:43:58 +0000
--- Comment #5 from Ben N <pajexali at gmail dot com> ---
(In reply to Nick Clifton from comment #3)
> (In reply to Ben N from comment #1)
> Hi Ben,
> Sorry for the delay. I have now applied an extended version of your
> patch, which should cover almost all of the symbols displayed by
> objdump. There is one place left where this kind of problem might
> still arise - the print_section_stabs() function - but I think that
> this will do for now.
Thanks Nick. As I couldn't find functionality in objdump that warranted the
printing of control sequences and readelf already mitigate this behaviour, I
believe this to be a security vulnerability.
The premise being, users of objdump assume analysing the binary causes nothing
more than information to be displayed to screen. Whereas the affected version
allows the undefined treatment of control sequences to be abused to interact
with the terminal and in some cases exploit VTE vulnerabilities.
Can you please let me know your thoughts on this. I would like to apply for a
CVE and to notify pkg maintainers so this patch is backported.
You are receiving this mail because:
You are on the CC list for the bug.
- [Bug binutils/23963] objdump unsafely prints control characters from string table,
pajexali at gmail dot com <=