upx-devel ddos Vulnerability #317
Milestone
Comments
jreiser
added a commit
that referenced
this issue
Nov 24, 2019
Detect duplicate DT_*. Detect out-of-bounds hashtab and gashtab. Detect missing DT_REL, DT_RELA. Detect out-of-bounds d_val. #317 modified: p_lx_elf.cpp
|
Fixed in |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
ubuntu 1604 x32
////////////////////////////////////////////////////////////
ddos 1 attachment p_lx_elf.cpp^%1613
p_lx_elf.cpp:1613
unsigned const nbucket = get_te32(&hashtab[0]); crashes
/////////////////////////////////////////////////////////////////////
ddos 2 attachment p_lx_elf.cpp^%1635
p_lx_elf.cpp:1635
unsigned const n_bucket = get_te32(&gashtab[0]);
unsigned const n_bitmask = get_te32(&gashtab[2]);
unsigned const gnu_shift = get_te32(&gashtab[3]);
////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////
ddos 3 attachment p_lx_elf.cpp^%1839
p_lx_elf.cpp^%1839
unsigned const symnum = get_te32(&rel->r_info) >> [8];
////////////////////////////////////////////////////////////////////////////
find by topsec(hj)
upx.zip
The text was updated successfully, but these errors were encountered: