https://gcc.gnu.org/bugzilla/show_bug.cgi?id=69687
Bug ID: 69687
Summary: Buffer Overflow in libiberty
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: boehme.marcel at gmail dot com
Target Milestone: ---

Created attachment 37592
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=37592&action=edit
Test Case #1

The attached program binary causes a buffer overflow in cplus-dem.c when it tries to demangle specially crafted function arguments in the binary. Both the buffer size as well as the buffer content are controlled from the binary.

objdump -x -C <file>
nm -C <file>

Tested on the following configurations
* 2.6.32-573.7.1.el6.x86_64 #1 SMP Tue Sep 22 22:00:00 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
* 4.1.12-boot2docker #1 SMP Tue Nov 3 06:03:36 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
* Binutils versions: 2.20 and 2.26

Best regards,
- Marcel

Backlink: https://sourceware.org/bugzilla/show_bug.cgi?id=19571