On Wed, 2024-02-21 at 22:19 +0100, Mark Wielaard wrote:
> Prevent signed underflow by changing loop variables to unsigned and
> doing count checks before decrementing. This isn't really a bug, but
> prevents UB detected by ubsan on fuzzed input. The bad (fuzzed) input
> data does get detected anyway.
>
>        * src/readelf.c (handle_verneed): Use unsigned cnt, cnt2.
>        (handle_verdef): Likewise.

Pushed after a quick chat with Aaron on irc.
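
The loop-counter pattern the commit message describes, as an added C example that is not elfutils code and not part of the original message. The record layout, `walk_records` and the sample data are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed 8-byte record for this example (not the ELF Verneed/Verdef
   layout): a value, then the byte offset to the next record (0 = last). */
struct rec { uint32_t value; uint32_t next; };

/* Constructed sample: three well-formed records chained 8 bytes apart. */
static const struct rec sample[3] = { {1, 8}, {2, 8}, {3, 0} };

/* Visit at most `count` records in buf, where `count` comes from an
   untrusted header field. Returns the number of records visited, or -1
   when a record would lie outside the buffer. */
long walk_records(const unsigned char *buf, size_t len, uint32_t count)
{
    size_t off = 0;
    long seen = 0;

    /* Unsigned counter, tested before it is decremented, so it never
       passes below zero. The signed form
           for (int cnt = count; --cnt >= 0; )
       typically starts at INT_MIN for count = 0x80000000, and the first
       decrement is then signed overflow, which is undefined behaviour. */
    for (unsigned int cnt = count; cnt > 0; cnt--) {
        struct rec r;
        if (len - off < sizeof r)
            return -1;              /* malformed input is still caught here */
        memcpy(&r, buf + off, sizeof r);
        seen++;
        if (r.next == 0)
            break;                  /* end of chain */
        if (r.next > len - off)
            return -1;              /* next offset points past the buffer */
        off += r.next;
    }
    return seen;
}

int main(void)
{
    const unsigned char *p = (const unsigned char *)sample;
    printf("%ld %ld %ld\n",
           walk_records(p, sizeof sample, 3),
           walk_records(p, sizeof sample, 0x80000000u),
           walk_records(p, 20, 3));
    return 0;
}
```

Building with `-fsanitize=undefined` and substituting the signed loop from the comment shows the ubsan report for the `0x80000000` case, while the unsigned loop runs clean on the same input.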