XS-libdwarf


libdwarf-code-0.11.1/bugxml/data.txt

tarrelease: libdwarf-20160923.tar.gz
endrec:

id: DW201605-014
cve: CVE-2016-5032
datereported: 2016-05-17
reportedby: Yue Liu
vulnerability: OOB read bug in dwarf_get_xu_hash_entry()
product: libdwarf
description: Test object shows
 an invalid read in dwarf_get_xu_hash_entry, line 211.
 <pre>
 #0  dwarf_get_xu_hash_entry (xuhdr=xuhdr@entry=0x657360,
    index=index@entry=2897626028, hash_value=
    hash_value@entry=0x7fffffffd5b0,
    index_to_sections=index_to_sections@entry=0x7fffffffd5a8,
    err=err@entry=0x7fffffffdb08) at dwarf_xu_index.c:211
 #1  0x00002aaaaacfd05e in _dwarf_search_fission_for_key (
    dbg=0x654a50, error=0x7fffffffdb08, percu_index_out=<synthetic pointer>,
    key_in=0x7fffffffd670, xuhdr=0x657360) at dwarf_xu_index.c:363
 #2  dwarf_get_debugfission_for_key (dbg=dbg@entry=0x654a50,
    key=key@entry=0x7fffffffd670, key_type=key_type@entry=0x2aaaaad15e2a
    "tu", percu_out=percu_out@entry=0x65a830,
    error=error@entry=0x7fffffffdb08) at dwarf_xu_index.c:577
 </pre>
datefixed: 2015-05-18
references: regressiontests/liu/OOB0517_02.elf
gitfixid: ac6673e32f3443a5d36c2217cb814000930b2c54
tarrelease: libdwarf-20160923.tar.gz
endrec:

id: DW201605-013
cve: CVE-2016-5033
datereported: 2016-05-17
reportedby: Yue Liu
vulnerability: OOB read bug in print_exprloc_content
product: libdwarf
description: Test object shows
 an invalid write in print_exprloc_content.
 <pre>
 #0  print_exprloc_content (dbg=dbg@entry=0x654ea0,
    die=die@entry=0x65b110, attrib=attrib@entry=0x65b590,
    esbp=esbp@entry=0x7fffffffcef0, showhextoo=1) at print_die.c:4182
 #1  0x0000000000412fb1 in get_attr_value (dbg=dbg@entry=0x654ea0,
    tag=<optimized out>, die=die@entry=0x65b110,
    dieprint_cu_goffset=dieprint_cu_goffset@entry=11,
    attrib=attrib@entry=0x65b590, srcfiles=srcfiles@entry=0x0,
    cnt=cnt@entry=0, esbp=esbp@entry=0x7fffffffcef0, show_form=0,
    local_verbose=0) at print_die.c:4972
 </pre>
datefixed: 2015-05-18
references: regressiontests/liu/OOB0517_01.elf
gitfixid: ac6673e32f3443a5d36c2217cb814000930b2c54
tarrelease: libdwarf-20160923.tar.gz
endrec:

id: DW201605-012
cve: CVE-2016-5034
datereported: 2016-05-13
reportedby: Yue Liu
vulnerability: OOB write. From relocation records
product: libdwarf
description: Test object shows
 an invalid write in dwarf_elf_access.c
 (when doing the relocations).
 Adding the relocation value to anything overflowed
 and disguised the bad relocation record.
 With a 32bit kernel build the test could show
 a double-free and coredump due to the unchecked invalid
 writes from relocations.
datefixed: 2016-05-17
references: regressiontests/liu/HeapOverflow0513.elf
gitfixid: 10ca310f64368dc083efacac87732c02ef560a92
tarrelease: libdwarf-20160923.tar.gz
endrec:

id: DW201605-011
cve: CVE-2016-5035
datereported: 2016-05-06
reportedby: Yue Liu
vulnerability: OOB read bug in _dwarf_read_line_table_header
product: libdwarf
description: Test object shows
 null dereference at line 62
 of dwarf_line_table_reader.c.
 Frame code and linetable code were not noticing data corruption.
datefixed: 2016-05-12
references: regressiontests/liu/OOB_read4.elf
gitfixid: 82d8e007851805af0dcaaff41f49a2d48473334b
tarrelease: libdwarf-20160923.tar.gz
endrec:

id: DW201605-010
cve: CVE-2016-5036
datereported: 2016-05-06
reportedby: Yue Liu
vulnerability: OOB read bug in dump_block
product: libdwarf
description: Test object shows
 null dereference at line 186
 of dump_block() in print_sections.c
 Frame code was not noticing frame data corruption.
datefixed: 2016-05-12
references: regressiontests/liu/OOB_read3.elf
 regressiontests/liu/OOB_read3_02.elf
gitfixid: 82d8e007851805af0dcaaff41f49a2d48473334b
tarrelease: libdwarf-20160923.tar.gz
endrec:

id: DW201605-009
cve: CVE-2016-5037
datereported: 2016-05-05
reportedby: Yue Liu
vulnerability: NULL dereference in _dwarf_load_section
product: libdwarf
description: Test object shows
 null dereference at line 1010
 if(!strncmp("ZLIB",(const char *)src,4)) {
 in dwarf_init_finish.c
 The zlib code was not checking for
 a corrupted length-value.
datefixed: 2016-05-06
references: regressiontests/liu/NULLderefer0505_01.elf
gitfixid: b6ec2dfd850929821626ea63fb0a752076a3c08a
tarrelease: libdwarf-20160507.tar.gz
endrec:

id: DW201605-008
cve: CVE-2016-5038
datereported: 2016-05-05


