[Bug demangler/88783] integer overflow in libiberty, heap overflow will be triggered in nm
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88783 Siddhesh Poyarekar changed: What|Removed |Added CC||siddhesh at gotplt dot org --- Comment #9 from Siddhesh Poyarekar --- gcc version of libiberty hasn't had this issue since the following change which removed the potential overflow. The POC also appears fixed with binutils 2.35; from code inspection it should be fixed in 2.32 and later. This ought to be closed. ommit 6c8120c5ff130e03d32ff15a8f0d0e703592a2af Author: Jason Merrill Date: Sat Dec 22 19:06:34 2018 -0500 Remove support for demangling GCC 2.x era mangling schemes. libiberty/ * cplus-dem.c: Remove cplus_mangle_opname, cplus_demangle_opname, internal_cplus_demangle, and all subroutines. (libiberty_demanglers): Remove entries for ancient GNU (pre-3.0), Lucid, ARM, HP, and EDG demangling styles. (cplus_demangle): Remove 'work' variable. Don't call internal_cplus_demangle. include/ * demangle.h: Remove support for ancient GNU (pre-3.0), Lucid, ARM, HP, and EDG demangling styles. From-SVN: r267363
[Bug demangler/88783] integer overflow in libiberty, heap overflow will be triggered in nm
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88783 --- Comment #8 from prajwapa at in dot ibm.com --- (In reply to prajwapa from comment #7) > Kindly let me know, if this bug is going to be fixed in binutils and in > which version? could someone please provide an update as this is urgent.
[Bug demangler/88783] integer overflow in libiberty, heap overflow will be triggered in nm
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88783 prajwapa at in dot ibm.com changed: What|Removed |Added CC||prajwapa at in dot ibm.com --- Comment #7 from prajwapa at in dot ibm.com --- Kindly let me know, if this bug is going to be fixed in binutils and in which version?
[Bug demangler/88783] integer overflow in libiberty, heap overflow will be triggered in nm
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88783 Trupti Pardeshi changed: What|Removed |Added CC||trupti_pardeshi@persistent. ||co.in --- Comment #6 from Trupti Pardeshi --- Hi, May I know, if this bug is going to be fixed in binutils and in which version? Any heads up will be appreciated. Best Regards,
[Bug demangler/88783] integer overflow in libiberty, heap overflow will be triggered in nm
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88783 --- Comment #5 from tfx --- CVE-2018-20673 has been assigned to this bug.
[Bug demangler/88783] integer overflow in libiberty, heap overflow will be triggered in nm
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88783 Andrew Pinski changed: What|Removed |Added Status|RESOLVED|UNCONFIRMED Resolution|MOVED |--- --- Comment #4 from Andrew Pinski --- .
[Bug demangler/88783] integer overflow in libiberty, heap overflow will be triggered in nm
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88783 --- Comment #3 from Richard Earnshaw --- (In reply to Nick Clifton from comment #2) > Hi tfx, > > Thank you vert much for reporting this bug. Unfortunately the binutils > project does not maintain the libiberty library (which contains the > cplus-dem.c source file). Instead this is handled by the gcc project. > So please could you refile your bug report on the gcc bugzilla system: > >https://gcc.gnu.org/bugzilla/enter_bug.cgi?product=gcc > > Thank you. > > Cheers > Nick ??? This is the gcc bugzilla.
[Bug demangler/88783] integer overflow in libiberty, heap overflow will be triggered in nm
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88783 Nick Clifton changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED CC||nickc at gcc dot gnu.org Resolution|--- |MOVED --- Comment #2 from Nick Clifton --- Hi tfx, Thank you vert much for reporting this bug. Unfortunately the binutils project does not maintain the libiberty library (which contains the cplus-dem.c source file). Instead this is handled by the gcc project. So please could you refile your bug report on the gcc bugzilla system: https://gcc.gnu.org/bugzilla/enter_bug.cgi?product=gcc Thank you. Cheers Nick