Open bladchan opened 2 years ago
Thank you. I will look into fixing these. Are you using the library for anything in particular?
Nope, I was just fuzzing it. It seemed that there are some bugs in examples/elfparse.c. When providing a correctly formatted ELF file, the parser seems to work normally. But when providing a crafted ELF file, the parser will be corrupted due to memory issues. In total: 1 heap overflow, 12 segv, 1 bad free, 1 floating point exception, and 3 unknown crashes. If you need these PoCs, I'll organize and upload them.
Describe the bug
A bad ELF file which can lead elf_open_object() to a segmentation fault. PoC here: poc5.zip
To Reproduce
Expected behavior
Parse the ELF file without a segmentation fault, because a segmentation fault can cause a Denial of Service (DoS).
Environment (please complete the following information):
Additional context
ASAN says: