Binary Ninja crashes if one of the compiled files below is opened.
small name ("only" 2000 chars)
mini.c
full name (the max the demangler allow)
full.c
The demangler plugins from the binaryninja-api don't have any recursion limit, so a GNU3/MSVC mangled name with deep nesting can make the stack grow very large and overflow.
The plugins accept names with up to 262144 characters. In my test a simple 2000-character name is enough to cause the crash, but the exact threshold will depend on the environment's stack limit.
To compile just use:
gcc -shared mini.c -o mini.so
This is not a security vulnerability; it will probably never happen in a legitimate binary. The only situation I can think of where this could happen is as an obfuscation technique to hinder binary analysis.
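As an added illustration of the missing check (example code, not the binaryninja-api demangler's own), here is a simplified recursive-descent parser for Itanium-style template argument nesting ("I ... E") that tracks its depth and aborts instead of recursing until the stack overflows. The limit value and the helper names are assumptions; the real demangler grammar is much larger.

```cpp
// Simplified sketch of a recursive demangler rule with a depth guard.
// Constructed illustration; not code from binaryninja-api.
#include <cstddef>
#include <string>

constexpr int kMaxDepth = 256;  // assumed limit; the report gives no value

struct Parser {
    const std::string& s;
    size_t pos = 0;
    int depth = 0;
    bool depthExceeded = false;

    explicit Parser(const std::string& in) : s(in) {}

    // <template-args> ::= I <arg>* E
    // An <arg> may itself be <template-args>, which drives the recursion.
    bool parseTemplateArgs() {
        if (pos >= s.size() || s[pos] != 'I') return false;
        // The guard: bail out before the stack grows without bound.
        if (++depth > kMaxDepth) { depthExceeded = true; return false; }
        ++pos;
        while (pos < s.size() && s[pos] != 'E') {
            if (s[pos] == 'I') {
                if (!parseTemplateArgs()) return false;
            } else if (s[pos] == 'i' || s[pos] == 'c') {
                ++pos;  // builtin type codes (int, char) stand in for <arg>
            } else {
                return false;  // malformed
            }
        }
        if (pos >= s.size()) return false;  // missing closing 'E'
        ++pos;
        --depth;
        return true;
    }
};

// 0 = well-formed, 1 = malformed, 2 = nesting limit hit (would have
// overflowed the stack in an unguarded implementation).
int checkTemplateArgs(const std::string& name) {
    Parser p(name);
    bool ok = p.parseTemplateArgs();
    if (p.depthExceeded) return 2;
    return (ok && p.pos == name.size()) ? 0 : 1;
}

// Constructed input: n nested template-args around a single int.
std::string nested(size_t n) {
    return std::string(n, 'I') + "i" + std::string(n, 'E');
}
```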