Friendly ping on this ?
> Le 22 sept. 2022 à 09:05, Philippe Antoine <p.anto...@catenacyber.fr> a écrit
> :
>
> Hello fuzzers,
>
> I am Philippe Antoine, working on oss-fuzz.
>
> I implemented a new sanitizer to detect arbitrary file open.
> One of these was discovered in elfutils with target
> libFuzzer_elfutils_fuzz-dwfl-core
> Cf https://oss-fuzz.com/testcases?open=yes&q=Arbitrary&proj=elfutils
>
> I would like to know what you think about this. Is this a bug to you ? Or is
> it expected ?
> Could this be exploited somehow by an attacker to get secrets such as
> ~/.ssh/id_rsa ?
>
> Cheers,
> Philippe
>
