On 01/12/2015 01:25 PM, Mark Wielaard wrote:
> On Sat, 2014-12-27 at 16:49 +0100, Mark Wielaard wrote:
>> I think you are right and those tests, addrscopes and funcscopes, are
>> wrong. They use dwfl_module_getsrc to find the line associated with start
>> and end of the scope. But for the end they
On Sat, 2015-01-03 at 23:18 +0100, Mark Wielaard wrote:
> On Sat, Jan 03, 2015 at 12:37:11AM +0100, Mark Wielaard wrote:
> > After 2.5 days afl-fuzz found this typo. The check is against the wrong
> > shdr, should be symshdr.
> >
> > Patch fixed on mjw/pending branch.
>
> And Alexander found some
On Sun, 2015-01-11 at 15:10 +0100, Mark Wielaard wrote:
> On Wed, 2015-01-07 at 16:13 -0800, Roland McGrath wrote:
> > dwarf_getcfi_elf.c bits could use a few more unlikely's.
>
> You are right. I made the code even more unlikely.
I pushed this variant to master now.
On Mon, 2015-01-05 at 00:36 +0100, Mark Wielaard wrote:
> intern_cu (and __libdwfl_nextcu) didn't correctly handle immediately seeing
> the CU EOF marker. In that case the *nextp pointer (first_cu) returned by
> intern_cu is -1. And less_lazy will immediately destroy the found CU node.
> So don't
On Mon, 2015-01-05 at 00:09 +0100, Mark Wielaard wrote:
> The sibling attribute should point after this DIE in the CU.
> Otherwise various algorithms might loop or go into infinite recursion
> walking the DIE tree.
>
> Found by afl-fuzz.
>
> Signed-off-by: Mark Wielaard
I pushed this to master.
On Sun, 2015-01-04 at 16:29 +0100, Mark Wielaard wrote:
> Some cfi.c array size allocation calculations might overflow when trying
> to accommodate an insanely large number of registers. Don't allow register
> numbers larger than INT32_MAX / sizeof (dwarf_frame_register).
I pushed this to master.
On Sun, 2015-01-04 at 00:37 +0100, Mark Wielaard wrote:
> https://bugzilla.redhat.com/show_bug.cgi?id=1170810#c17
>
> Reported-by: Alexander Cherepanov
> Signed-off-by: Mark Wielaard
>
> + * elfcmp (main): Check section name is not NULL. Check sh_entsize
> + is not zero for symbol tables. Ch
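Review bot: the commit body is only the bugzilla URL plus Reported-by/Signed-off-by tags, while the ChangeLog entry is what actually describes the checks (section name not NULL, sh_entsize not zero for symbol tables); the message should state which malformed input triggered these checks so the fix is understandable without following the link.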
On Sat, 2015-01-03 at 00:31 +0100, Mark Wielaard wrote:
> afl-fuzz showed that when parse_eh_frame_hdr was called from
> getcfi_scn_eh_frame invalid data could be read because of a missing
> size check. That check was there when parse_eh_frame_hdr was called
> from getcfi_gnu_eh_frame. Move the siz
On Sat, 2015-01-03 at 00:25 +0100, Mark Wielaard wrote:
> afl-fuzz pointed out that __libdw_intern_expression didn't handle CFI
> containing DW_OP_call_ref, DW_OP_implicit_pointer or DW_OP_addr. Because
> in that case the Dwarf dbg is NULL. Both DW_OP_call_ref and
> DW_OP_implicit_pointer cannot be
On Wed, 2014-12-31 at 01:03 +0100, Mark Wielaard wrote:
> elf_getphdrnum does check that the phdrnum makes sense. But gelf_getphdr
> checked the given index against the "raw" e_phnum or internal
> __elf_getphdrnum_rdlock result without checking. Extract the checking
> code into a new internal __elf_ge
On Wed, 2014-12-31 at 01:02 +0100, Mark Wielaard wrote:
> Found with afl-fuzz.
>
> Signed-off-by: Mark Wielaard
> +2014-12-30 Mark Wielaard
> +
> + * ppc_symbol.c (find_dyn_got): Check sh_entsize is not zero.
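Review bot: the commit message says only "Found with afl-fuzz", while the ChangeLog line shows the actual change is a sh_entsize != 0 check in find_dyn_got; the message should say what failure a zero sh_entsize produced, so the check is not later mistaken for redundant and removed.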
I pushed this to master.
On Thu, 2015-01-15 at 12:06 +0100, Mark Wielaard wrote:
> I'll try to code something up and if you could test that, that would be
> awesome.
Could you try this patch?
Thanks,
Mark
From 224e6776cfe6fc23a207cd05bf75b1e3548853a0 Mon Sep 17 00:00:00 2001
From: Mark Wielaard
Date: Thu, 15 Jan 2015 1
Hi Anatol,
On Wed, 2015-01-14 at 13:30 -0800, Anatol Pomozov wrote:
> On Wed, Jan 14, 2015 at 1:16 PM, Mark Wielaard wrote:
> > You do seem to have yama and alternate selinux security module enabled
> > it seems. Make sure it doesn't deny ptrace/proc/mem.
> > Probably /proc/sys/kernel/yama/ptrace