Hi bjchan9an,
There is an uncontrolled stack recursion vulnerability in binutils-2.38, which
allows stack consumption in demangle_path_maybe_open_generics().
As Alan said, we are really only interested in bugs triggered by fuzzed binaries
if they are reported against the current mainline code
On Fri, Sep 30, 2022 at 09:52:41PM +0800, bjchan9an wrote:
> There is an uncontrolled stack recursion vulnerability in binutils-2.38
Sorry, fuzzing reports against anything but current mainline will be
ignored.
--
Alan Modra
Australia Development Lab, IBM
Version: binutils-2.38 release
Machine: ubuntu 18, 64bit server
Compiler: clang-6.0
Command argument: binutils/nm-new -C ./poc
Bug Type: CWE-674 Uncontrolled Recursion
Crash
location: demangle_path_maybe_open_generics(), libiberty/rust-demangle.c:1087
Found by: bjchan...@foxmail.com
Details:
Th
