[Bug tools/27501] eu-readelf hang while process crafted file
https://sourceware.org/bugzilla/show_bug.cgi?id=27501 --- Comment #2 from Mark Wielaard --- Apparently someone created a CVE for this bug: https://nvd.nist.gov/vuln/detail/CVE-2021-33294 Note that we don't consider this a security issue: https://sourceware.org/cgit/elfutils/tree/SECURITY Since most elfutils tools are run in short-lived, local, interactive, development context rather than remotely "in production", we generally treat malfunctions as ordinary bugs rather than security vulnerabilities. -- You are receiving this mail because: You are on the CC list for the bug.
[Bug tools/30772] New: dwarflint checking for specification recursion
https://sourceware.org/bugzilla/show_bug.cgi?id=30772 Bug ID: 30772 Summary: dwarflint checking for specification recursion Product: elfutils Version: unspecified Status: NEW Severity: normal Priority: P2 Component: tools Assignee: unassigned at sourceware dot org Reporter: tromey at sourceware dot org CC: elfutils-devel at sourceware dot org Target Milestone: --- This idea comes from this thread: https://sourceware.org/pipermail/gdb-patches/2023-August/201655.html The idea is that if a DIE refers to itself via a chain of DW_AT_specification (or the other ways a DIE can refer to another), then dwarflint ought to warn, as recursion like this is never valid. -- You are receiving this mail because: You are on the CC list for the bug.
[Bug tools/30772] dwarflint checking for specification recursion
https://sourceware.org/bugzilla/show_bug.cgi?id=30772 Mark Wielaard changed: What|Removed |Added CC||mark at klomp dot org --- Comment #1 from Mark Wielaard --- libdw dwarf_attr_integrate does prevent cycles by limiting the chain of DW_AT_abstract_origin and DW_AT_specification to 16 (arbitrary number). On a different level, DW_AT_import can also create cycles (or rather infinite imports). __libdw_visit_scopes does contain some cycle detection. -- You are receiving this mail because: You are on the CC list for the bug.
