XS-libdwarf
libdwarf-code-0.11.1/bugxml/dwarfbug.xml
</vulnerability>
<description> Test object shows
an invalid read in dwarf_get_xu_hash_entry, line 211.
<pre>
<preline> #0 dwarf_get_xu_hash_entry (xuhdr=xuhdr@entry=0x657360,</preline>
<preline> index=index@entry=2897626028, hash_value=</preline>
<preline> hash_value@entry=0x7fffffffd5b0,</preline>
<preline> index_to_sections=index_to_sections@entry=0x7fffffffd5a8,</preline>
<preline> err=err@entry=0x7fffffffdb08) at dwarf_xu_index.c:211</preline>
<preline> #1 0x00002aaaaacfd05e in _dwarf_search_fission_for_key (</preline>
<preline> dbg=0x654a50, error=0x7fffffffdb08, percu_index_out=<synthetic pointer>,</preline>
<preline> key_in=0x7fffffffd670, xuhdr=0x657360) at dwarf_xu_index.c:363</preline>
<preline> #2 dwarf_get_debugfission_for_key (dbg=dbg@entry=0x654a50,</preline>
<preline> key=key@entry=0x7fffffffd670, key_type=key_type@entry=0x2aaaaad15e2a</preline>
<preline> "tu", percu_out=percu_out@entry=0x65a830,</preline>
<preline> error=error@entry=0x7fffffffdb08) at dwarf_xu_index.c:577</preline>
</pre>
</description>
<datefixed>2015-05-18</datefixed>
<references> regressiontests/liu/OOB0517_02.elf
</references>
<gitfixid>ac6673e32f3443a5d36c2217cb814000930b2c54</gitfixid>
<tarrelease>libdwarf-20160923.tar.gz</tarrelease>
</dwbug>
<dwbug>
<dwid>DW201605-013</dwid>
<cve>CVE-2016-5033</cve>
<fuzzer></fuzzer>
<datereported>2016-05-17</datereported>
<reportedby>Yue Liu</reportedby>
<product>libdwarf</product>
<vulnerability> OOB read bug in print_exprloc_content
</vulnerability>
<description> Test object shows
an invalid write in print_exprloc_content.
<pre>
<preline> #0 print_exprloc_content (dbg=dbg@entry=0x654ea0,</preline>
<preline> die=die@entry=0x65b110, attrib=attrib@entry=0x65b590,</preline>
<preline> esbp=esbp@entry=0x7fffffffcef0, showhextoo=1) at print_die.c:4182</preline>
<preline> #1 0x0000000000412fb1 in get_attr_value (dbg=dbg@entry=0x654ea0,</preline>
<preline> tag=<optimized out>, die=die@entry=0x65b110,</preline>
<preline> dieprint_cu_goffset=dieprint_cu_goffset@entry=11,</preline>
<preline> attrib=attrib@entry=0x65b590, srcfiles=srcfiles@entry=0x0,</preline>
<preline> cnt=cnt@entry=0, esbp=esbp@entry=0x7fffffffcef0, show_form=0,</preline>
<preline> local_verbose=0) at print_die.c:4972</preline>
</pre>
</description>
<datefixed>2015-05-18</datefixed>
<references> regressiontests/liu/OOB0517_01.elf
</references>
<gitfixid>ac6673e32f3443a5d36c2217cb814000930b2c54</gitfixid>
<tarrelease>libdwarf-20160923.tar.gz</tarrelease>
</dwbug>
<dwbug>
<dwid>DW201605-012</dwid>
<cve>CVE-2016-5034</cve>
<fuzzer></fuzzer>
<datereported>2016-05-13</datereported>
<reportedby>Yue Liu</reportedby>
<product>libdwarf</product>
<vulnerability> OOB write. From relocation records
</vulnerability>
<description> Test object shows
an invalid write in dwarf_elf_access.c
(when doing the relocations).
Adding the relocation value to anything overflowed
and disguised the bad relocation record.
With a 32bit kernel build the test could show
a double-free and coredump due to the unchecked invalid
writes from relocations.
</description>
<datefixed>2016-05-17</datefixed>
<references> regressiontests/liu/HeapOverflow0513.elf
</references>
<gitfixid>10ca310f64368dc083efacac87732c02ef560a92</gitfixid>
<tarrelease>libdwarf-20160923.tar.gz</tarrelease>
</dwbug>
<dwbug>
<dwid>DW201605-011</dwid>
<cve>CVE-2016-5035</cve>
<fuzzer></fuzzer>
<datereported>2016-05-06</datereported>
<reportedby>Yue Liu</reportedby>
<product>libdwarf</product>
<vulnerability> OOB read bug in _dwarf_read_line_table_header
</vulnerability>
<description> Test object shows
null dereference at line 62
of dwarf_line_table_reader.c.
Frame code and linetable code were not noticing data corruption.
</description>
<datefixed>2016-05-12</datefixed>
<references> regressiontests/liu/OOB_read4.elf
</references>
<gitfixid>82d8e007851805af0dcaaff41f49a2d48473334b</gitfixid>
<tarrelease>libdwarf-20160923.tar.gz</tarrelease>
</dwbug>
<dwbug>
<dwid>DW201605-010</dwid>
<cve>CVE-2016-5036</cve>
<fuzzer></fuzzer>
<datereported>2016-05-06</datereported>
<reportedby>Yue Liu</reportedby>
<product>libdwarf</product>
<vulnerability> OOB read bug in dump_block
</vulnerability>
<description> Test object shows
null dereference at line 186
of dump_block() in print_sections.c.
Frame code was not noticing frame data corruption.
</description>
<datefixed>2016-05-12</datefixed>
<references> regressiontests/liu/OOB_read3.elf
regressiontests/liu/OOB_read3_02.elf
</references>
<gitfixid>82d8e007851805af0dcaaff41f49a2d48473334b</gitfixid>
<tarrelease>libdwarf-20160923.tar.gz</tarrelease>
</dwbug>
<dwbug>
<dwid>DW201605-009</dwid>
<cve>CVE-2016-5037</cve>
<fuzzer></fuzzer>
<datereported>2016-05-05</datereported>
<reportedby>Yue Liu</reportedby>
<product>libdwarf</product>
<vulnerability> NULL dereference in _dwarf_load_section
</vulnerability>
<description> Test object shows
null dereference at line 1010
if(!strncmp("ZLIB",(const char *)src,4)) {