Hi ICBM,
Found a new vuln in bfd lib coff code and similar with the last
one...
In the do_slurp_coff_armap() funciton:
static bfd_boolean
do_slurp_coff_armap (bfd *abfd){
¡
carsym_size = (nsymz * sizeof (carsym)); //uses the nsymz from file
ptr
Hi:
Found a new vuln in bfd lib coff code and similar with the last
one...the ditails in the attachment.
Thanks
zhaowei
[AD_LAB-05003]Integer Buffer Overflow in Binary File Descriptor (BFD) library
Venustech AD-Lab
www.venustech.com.cn
[Security Advisory]
Advisory: [AD_LAB-05003]Integer B
