New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SEGV in LIEF::MachO::SegmentCommand::virtual_address at MachO/SegmentCommand.cpp:137 #784
Comments
|
There is another bad macho file which can lead LIEF::MachO::Parser::parse() to segmentation fault. Maybe it is the same reason which caused segmentation fault in MachO/SegmentCommand.cpp, so I report it under this issue. Poc here : poc3.zip ASAN says: |
|
Thank you very much @bladchan for these issues. I'm looking at them |
|
Do we have a release version for this fix? |
|
I plan to release a patch version for LIEF ( |
Describe the bug
A bad macho file which can lead LIEF::MachO::Parser::parse() to segmentation fault.
Poc is here : poc2.zip
To Reproduce
Expected behavior
Parse the Mach-O file without segmentation fault because segmentation fault can cause a Denial of Service (Dos).
Environment (please complete the following information):
Additional context
ASAN says:
Hope that helps!
The text was updated successfully, but these errors were encountered: