-
Notifications
You must be signed in to change notification settings - Fork 17.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
debug/macho: invalid dynamic symbol table command can cause panic [1.17 backport] #48992
Labels
Milestone
Comments
gopherbot
added
the
CherryPickCandidate
Used during the release process for point releases
label
Oct 14, 2021
Approved for backport. Thanks. |
cherrymui
added
CherryPickApproved
Used during the release process for point releases
and removed
CherryPickCandidate
Used during the release process for point releases
labels
Oct 20, 2021
@rolandshoemaker Can you please prepare two backport CL (here, and for #48991) following https://golang.org/wiki/MinorReleases#making-cherry-pick-cls? Thanks. |
Change https://golang.org/cl/359455 mentions this issue: |
gopherbot
pushed a commit
that referenced
this issue
Oct 29, 2021
…able command Fail out when loading a file that contains a dynamic symbol table command that indicates a larger number of symbols than exist in the loaded symbol table. Thanks to Burak Çarıkçı - Yunus Yıldırım (CT-Zer0 Crypttech) for reporting this issue. Updates #48990 Fixes #48992 Fixes CVE-2021-41771 Change-Id: Ic3d6e6529241afcc959544b326b21b663262bad5 Reviewed-on: https://go-review.googlesource.com/c/go/+/355990 Reviewed-by: Julie Qiu <julie@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com> Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Trust: Katie Hockman <katie@golang.org> (cherry picked from commit 61536ec) Reviewed-on: https://go-review.googlesource.com/c/go/+/359455 Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Closed by merging 4a84298 to release-branch.go1.17. |
3 tasks
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
@rolandshoemaker requested issue #48990 to be considered for backport to the next 1.17 minor release.
The text was updated successfully, but these errors were encountered: