Closed catenacyber closed 2 years ago
I found the bug some weeks ago too, and reported it to the Go security team. Not only does the OOM exist in the 'debug/pe' package, but also in the 'debug/elf' and 'debug/macho' packages. But the Go security team no longer treats these packages (debug/*) as part of the security boundary for Go.
> Not only does oom exist in the 'debug/pe' package, but also in the 'debug/elf' and 'debug/macho' packages
Indeed cf https://github.com/golang/go/issues/52522 and https://github.com/golang/go/issues/52523
CC @alexbrainman.
Change https://go.dev/cl/412014 mentions this issue: debug/pe, internal/saferio: use saferio to read PE section data
What version of Go are you using (`go version`)?
Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (`go env`)?
What did you do?
Run https://go.dev/play/p/OGp56YSJsP1
What did you expect to see?
The program finishing and printing some Hello, without having allocated too much space
What did you see instead?
Nothing
Running heap profiling I see that 4 GByte was allocated from
cf #52350
Found by https://github.com/catenacyber/ngolo-fuzzing on oss-fuzz https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47754
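The defensive pattern relevant to this report, as an added Go example (not code from the Go project or from the linked CL): it assumes the 4 GByte allocation is driven by a size field in the input file, and reads that many bytes while growing the buffer only as data actually arrives. The name `readDeclared` and the 1 MiB `chunk` size are hypothetical, chosen for illustration.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"io"
)

// chunk is the largest single allocation made before any data has been read.
// The value is an assumption chosen for this example.
const chunk = 1 << 20

// readDeclared reads exactly n bytes from r, where n is a size field taken
// from untrusted input. Memory grows with the bytes actually present, so a
// header that claims 4 GiB on a tiny file costs at most one chunk.
func readDeclared(r io.Reader, n uint64) ([]byte, error) {
	if n <= chunk {
		buf := make([]byte, n)
		if _, err := io.ReadFull(r, buf); err != nil {
			return nil, err
		}
		return buf, nil
	}
	var buf []byte
	tmp := make([]byte, chunk)
	for n > 0 {
		want := uint64(chunk)
		if n < want {
			want = n
		}
		if _, err := io.ReadFull(r, tmp[:want]); err != nil {
			if errors.Is(err, io.EOF) {
				err = io.ErrUnexpectedEOF // input ended before the declared size
			}
			return nil, err
		}
		buf = append(buf, tmp[:want]...)
		n -= want
	}
	return buf, nil
}

func main() {
	// Constructed input: 16 bytes of data behind a declared size of 4 GiB.
	_, err := readDeclared(bytes.NewReader(make([]byte, 16)), 4<<30)
	fmt.Println("declared 4 GiB, 16 bytes present:", err)
}
```

A parser that also knows the total file size can reject a declared size larger than the remaining bytes before reading anything.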