vulnerabilities in libbfd (CVE-2014-beats-me)
Yury Gribov
y.gribov@samsung.com
Thu Oct 30 13:09:00 GMT 2014
More information about the Binutils mailing list
On 10/30/2014 02:01 PM, Nicholas Clifton wrote:
> Hi Maciej, Hi Michal,
>
>>> $ wget http://lcamtuf.coredump.cx/strings-bfd-badptr2
>
> FYI, this test case has now been fixed.
>
>>> In any case: the bottom line is that if you are used to running
>>> strings on random files, or depend on any libbfd-based tools for
>>> forensic purposes, you should probably change your habits. For strings
>>> specifically, invoking it with the -a parameter seems to inhibit the
>>> use of libbfd. Distro vendors may want to consider making the -a mode
>>> default, too.
>
> There are also alternatives to the GNU Binutils strings program.
> eu-strings for example, or even "od -S 4".
>
>
> It is true however that there are still vulnerabilities in libbfd, and I
> for one would be happy to see new bug reports exposing them. I can assure
> you that any such bug report reaching me will be treated seriously, and
> will be investigated and fixed as soon as possible.

We could cook a (simple) ELF fuzzer and run it on Binutils with AddressSanitizer enabled. Perhaps there is one I'm unaware of? Traditional fuzzers like afl are necessarily limited for highly structured inputs.

-Y
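The thread's mitigation is to avoid format-aware parsing (libbfd) when extracting strings from untrusted files, which is what `strings -a` and `od -S 4` do. The following added example (not from the thread or from Binutils) implements that format-agnostic byte scan in Python and runs it over a constructed buffer whose ELF header carries an absurd section-header offset, to show that such header fields are never even looked at:

```python
import re
import struct

# Minimum run length: the same 4 that "od -S 4" uses and that strings defaults to.
MIN_LEN = 4


def scan_all_strings(data: bytes, min_len: int = MIN_LEN):
    """Scan the whole buffer for runs of printable ASCII (plus tab), like 'strings -a'.

    The input is never interpreted as ELF, PE or any other container format,
    so no format parser (and none of its bugs) is ever exercised. Returns a
    list of (offset, text) tuples.
    """
    pattern = re.compile(rb"[\x20-\x7e\t]{%d,}" % min_len)
    return [(m.start(), m.group().decode("ascii")) for m in pattern.finditer(data)]


def build_sample() -> bytes:
    """Constructed sample input (not a real binary): a 64-byte ELF64 header whose
    e_shoff points far outside the file and whose e_shnum is 0xFFFF, followed by
    a few strings. A format-aware reader would have to validate those fields;
    a byte scan simply does not care about them."""
    e_ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\0" * 8  # ELFCLASS64, little-endian
    # e_type, e_machine, e_version, e_entry, e_phoff, e_shoff, e_flags,
    # e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx
    rest = struct.pack("<HHIQQQIHHHHHH",
                       2, 62, 1, 0x400000, 64,
                       0xFFFFFFFFFFFFFFF0,  # bogus section header table offset
                       0, 64, 56, 0, 64,
                       0xFFFF,              # bogus section count
                       0)
    payload = b"\0\1\2" + b"hello, forensics\0" + b"ab\0" + b"/lib64/ld-linux-x86-64.so.2\0"
    return e_ident + rest + payload


if __name__ == "__main__":
    for offset, text in scan_all_strings(build_sample()):
        print(f"{offset:6d}  {text}")
```

The 64-byte header alone yields nothing at the default minimum length ("ELF" is only three characters), and lowering `min_len` to 2 surfaces the short "ab" run exactly as `od -S 2` would.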