[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug binutils/24244] readelf: heap buffer overflow in unw_decode_uleb128
From: |
cvs-commit at gcc dot gnu.org |
Subject: |
[Bug binutils/24244] readelf: heap buffer overflow in unw_decode_uleb128 |
Date: |
Wed, 20 Feb 2019 17:26:49 +0000 |
https://sourceware.org/bugzilla/show_bug.cgi?id=24244
--- Comment #1 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot
gnu.org> ---
The master branch has been updated by Nick Clifton <address@hidden>:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=171375c68e809e97b5653ef424f80d46956a50e8
commit 171375c68e809e97b5653ef424f80d46956a50e8
Author: Nick Clifton <address@hidden>
Date: Wed Feb 20 17:25:33 2019 +0000
Fix potential illegal memory access by readelf when parsing corrupt IA64
unwind information.
PR 24244
* unwind-ia64.c (unw_decode_uleb128): Add end parameter, use it to
prevent walking off the end of the buffer.
(unw_decode_x1): Add end paramter, pass it to unw_decode_uleb128.
(unw_decode_x2): Likewise.
(unw_decode_x3): Likewise.
(unw_decode_x4): Likewise.
(unw_decode_r2): Pass the end parameter to unw_decode_uleb128.
(unw_decode_r3): Likewise.
(unw_decode_p7_p10): Likewise.
(unw_decode_b2): Likewise.
(unw_decode_b3_x4): Likewise.
--
You are receiving this mail because:
You are on the CC list for the bug.