This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [rfc] Do not crash reading UPX binaries

From: Ismail Dönmez <ismail at pardus dot org dot tr>
To: Daniel Jacobowitz <drow at false dot org>
Cc: gdb-patches at sourceware dot org
Date: Mon, 2 Jul 2007 01:12:27 +0300
Subject: Re: [rfc] Do not crash reading UPX binaries
References: <20070701215549.GA26528@caradoc.them.org>

On Monday 02 July 2007 00:55:49 Daniel Jacobowitz wrote:
> This patch issues an error instead of a segfault on the testcase
> in PR 2280.  UPX is a binary compression system; it's infamous for
> producing very strange files, which are only "just valid enough".
> In this case, it claims that the symbol table is at a large offset
> in a very small file.
>
> I don't think it's worth supporting files this modified.  Does anyone
> think we need to do better, or shall I check in the attached?

Please not that attached gdbupx is from a security advisory [0] [1] but it 
looks like a simple DoS.

[0] http://blog.xwings.net/?p=71
[1] http://blogs.securiteam.com/index.php/archives/922

Regards,
ismail

-- 
Perfect is the enemy of good

Attachment: signature.asc
Description: This is a digitally signed message part.

Follow-Ups:
- Re: [rfc] Do not crash reading UPX binaries
  - From: Daniel Jacobowitz

References:
- [rfc] Do not crash reading UPX binaries
  - From: Daniel Jacobowitz

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]