Menu

#2284 CVE-2012-3509 libiberty: integer overflow, leading to heap-buffer overflow by processing certain file headers via bfd binary

closed-fixed
Ben Shi
security (2)
other
7
2015-06-26
2014-07-12
Igor Gnatenko
No

Hi,

sdcc 3.4.0 affected with vulnerability CVE-2012-3509.
Because you're using bundled libiberty.

sdar.debug
00000000004333f0 T _objalloc_alloc
sdnm.debug
0000000000430e70 T _objalloc_alloc
sdobjcopy.debug
000000000044f110 T _objalloc_alloc
sdranlib.debug
00000000004333f0 T _objalloc_alloc

Look into bundled srcs:

[brain@X1Carbon sdcc-3.3.0]$ cat ./support/sdbinutils/libiberty/objalloc.c | grep _objalloc_alloc -A2
_objalloc_alloc (struct objalloc *o, unsigned long len)
{
  /* We avoid confusion from zero sized objects by always allocating

You want to apply patches below to:

./support/sdbinutils/libiberty/objalloc.c
./support/sdbinutils/include/objalloc.h

Patches:
https://gcc.gnu.org/viewcvs/gcc/trunk/include/objalloc.h?r1=191413&r2=191412&pathrev=191413
https://gcc.gnu.org/viewcvs/gcc/trunk/libiberty/objalloc.c?r1=191413&r2=191412&pathrev=191413

Discussion

  • Ben Shi

    Ben Shi - 2015-06-26

    The patches are applied in reversion #9263.

     

  • Ben Shi

    Ben Shi - 2015-06-26
    • status: open --> closed-fixed
    • assigned_to: Ben Shi
     

Log in to post a comment.

MongoDB Logo MongoDB