Heap out-of-bounds read on crafted ELF: missing bounds check before memcpy #3

Description

@consigcody94

Found via code audit. arbextract.c:108. oem_md_off computed from header fields but never validated against hash_size before reading 12 bytes. Crafted ELF triggers heap over-read.
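
The check the report says is missing, as an added example that is not code from the project. Only `oem_md_off`, `hash_size` and the 12-byte read come from the issue; the function names and the `hash_seg` buffer are assumptions. It also shows why the check should be written with a subtraction rather than `oem_md_off + 12 <= hash_size`.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define OEM_MD_LEN 12u /* the issue states that 12 bytes are read */

/* Naive form: the addition wraps for a very large offset taken from
 * file-controlled header fields, so the comparison can pass wrongly. */
int range_ok_naive(size_t oem_md_off, size_t hash_size)
{
    return oem_md_off + OEM_MD_LEN <= hash_size;
}

/* Wrap-safe form: first prove off <= size, then compare the remainder. */
int range_ok(size_t oem_md_off, size_t hash_size)
{
    return oem_md_off <= hash_size &&
           hash_size - oem_md_off >= OEM_MD_LEN;
}

/*
 * Hypothetical helper (name and signature are assumptions): copy
 * OEM_MD_LEN bytes located at oem_md_off inside a buffer of hash_size
 * bytes. Returns 0 on success, -1 if the range is not fully inside
 * the buffer, so the caller can reject the file instead of reading.
 */
int read_oem_md(const uint8_t *hash_seg, size_t hash_size,
                size_t oem_md_off, uint8_t out[OEM_MD_LEN])
{
    if (hash_seg == NULL || out == NULL)
        return -1;
    if (!range_ok(oem_md_off, hash_size))
        return -1;
    memcpy(out, hash_seg + oem_md_off, OEM_MD_LEN);
    return 0;
}
```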
