
[Bug binutils/27295] Unsafe strcmp() causing arbitrary read primitive an


From: cvs-commit at gcc dot gnu.org
Subject: [Bug binutils/27295] Unsafe strcmp() causing arbitrary read primitive and potential privacy impact in elf32_avr_get_note_desc()
Date: Thu, 11 Feb 2021 09:17:37 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=27295

--- Comment #2 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Alan Modra <amodra@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1cfcf3004e1830f8fe9112cfcd15285508d2c2b7

commit 1cfcf3004e1830f8fe9112cfcd15285508d2c2b7
Author: Alan Modra <amodra@gmail.com>
Date:   Thu Feb 11 16:56:42 2021 +1030

    PR27290, PR27293, PR27295, various avr objdump fixes

    Adds missing sanity checks for avr device info note, to avoid
    potential buffer overflows.  Uses bfd_malloc_and_get_section for
    sanity checking section size.

            PR 27290
            PR 27293
            PR 27295
            * od-elf32_avr.c (elf32_avr_get_note_section_contents): Formatting.
            Use bfd_malloc_and_get_section.
            (elf32_avr_get_note_desc): Formatting.  Return descsz.  Sanity
            check namesz.  Return NULL if descsz is too small.  Ensure
            string table is terminated.
            (elf32_avr_get_device_info): Formatting.  Add note_size param.
            Sanity check note.
            (elf32_avr_dump_mem_usage): Adjust to suit.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
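
The namesz and descsz checks named in the ChangeLog, sketched as an added example over the standard ELF note layout; this is not the binutils code, and `note_desc_checked`, `try_sample`, the 8-byte minimum descriptor size and the sample buffer are assumptions made for illustration. It does not cover the string table termination check.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Standard ELF note header; name and desc follow, each padded to 4 bytes. */
typedef struct { uint32_t namesz, descsz, type; } note_hdr;

/* Hypothetical helper: descriptor of the note named WANT, or NULL if malformed. */
static const uint8_t *
note_desc_checked (const uint8_t *buf, size_t size, const char *want,
                   uint32_t min_descsz, uint32_t *descsz)
{
  note_hdr h;
  size_t avail, name_padded;
  if (size < sizeof h)
    return NULL;
  memcpy (&h, buf, sizeof h);           /* assumes host byte order */
  avail = size - sizeof h;
  /* The name must fit and end in NUL inside the buffer before strcmp.  */
  if (h.namesz == 0 || h.namesz > avail
      || buf[sizeof h + h.namesz - 1] != '\0'
      || strcmp ((const char *) buf + sizeof h, want) != 0)
    return NULL;
  name_padded = ((size_t) h.namesz + 3) & ~(size_t) 3;
  if (name_padded > avail)
    return NULL;
  avail -= name_padded;
  /* The descriptor must be large enough for the caller and fully present.  */
  if (h.descsz < min_descsz || h.descsz > avail)
    return NULL;
  *descsz = h.descsz;
  return buf + sizeof h + name_padded;
}

/* Constructed sample: 32-byte buffer, name "AVR", caller-chosen header
   fields.  Returns the descriptor offset, or -1 if the note is rejected.  */
static int
try_sample (uint32_t namesz, uint32_t descsz, size_t size)
{
  uint8_t buf[32];
  note_hdr h = { namesz, descsz, 1 };   /* type 1 is a constructed value */
  uint32_t got;
  const uint8_t *d;
  memset (buf, 'A', sizeof buf);        /* filler without NUL bytes */
  memcpy (buf, &h, sizeof h);
  memcpy (buf + sizeof h, "AVR", 4);
  d = note_desc_checked (buf, size, "AVR", 8, &got);
  return d ? (int) (d - buf) : -1;
}
```

`try_sample` expects `size` to be at most 32; a header whose namesz leaves the name unterminated, or whose descsz runs past the buffer, is rejected before any string comparison or descriptor read.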

