https://sourceware.org/bugzilla/show_bug.cgi?id=27294
--- Comment #3 from Dennis Roellke <dennis.r at columbia dot edu> --- My bad, it's not off-by-one. record_count is a user controlled input field, s.t. a malicious user could set the record_count for x counts to y and force a heap overwrite in https://sourcegraph.com/github.com/bminor/binutils-gdb@a7e3d08a26edefa411269636d7dcae7dd2736659/-/blob/bfd/elf32-avr.c#L4089 -- You are receiving this mail because: You are on the CC list for the bug.