| author | Nguyễn Gia Phong <cnx@loang.net> | 2025-02-16 18:08:36 +0900 |
|---|---|---|
| committer | Nguyễn Gia Phong <cnx@loang.net> | 2025-02-18 11:21:27 +0900 |
| commit | a67219d8ae7cdb76f67cd6a7b377dbd20b4123f9 (patch) | |
| tree | 3388642f0426d9f665370b0b729d4eba45a9844f | |
| parent | c336fdfa6ca6b33015f6bdc6e460d754e7f2c907 (diff) | |
| download | loftix-a67219d8ae7cdb76f67cd6a7b377dbd20b4123f9.tar.gz | |
Add CVE-2017-15020 from ASan'ed binutils 2.29
| -rw-r--r-- | README.md | 8 | ||||
| -rw-r--r-- | REUSE.toml | 4 | ||||
| -rw-r--r-- | bugs/cve/2017/15020/reproducer | bin | 0 -> 31248 bytes | |||
| -rw-r--r-- | loftix/bugs.scm | 10 |
4 files changed, 20 insertions, 2 deletions
diff --git a/README.md b/README.md index 316e633..eb14e25 100644 --- a/README.md +++ b/README.md @@ -67,6 +67,13 @@ Then run `guix pull`. guix shell binutils@2.29 objdump -d bugs/cve/2017/14745/crash_1 +### CVE-2017-15020 + +[binutils: heap buffer overflow][sourceware-22202] + + guix shell binutils@2.29 + nm -l bugs/cve/2017/15020/reproducer + ### CVE-2017-15025 [binutils: divide-by-zero][sourceware-22186] @@ -97,5 +104,6 @@ Then run `guix pull`. [jasper-d42b238]: https://blogs.gentoo.org/ago/2016/11/19/jasper-signed-integer-overflow-in-jas_image-c [oss-sec-20161105-3]: https://www.openwall.com/lists/oss-security/2016/11/05/3 [sourceware-22148]: https://sourceware.org/bugzilla/show_bug.cgi?id=22148 +[sourceware-22202]: https://sourceware.org/bugzilla/show_bug.cgi?id=22202 [sourceware-22186]: https://sourceware.org/bugzilla/show_bug.cgi?id=22186 [mozjpeg-268]: https://github.com/mozilla/mozjpeg/issues/268 diff --git a/REUSE.toml b/REUSE.toml index 221088c..fae9655 100644 --- a/REUSE.toml +++ b/REUSE.toml @@ -27,6 +27,10 @@ path = 'bugs/cve/2017/14745/crash_1' SPDX-FileCopyrightText = '2017 Junchao Luan' [[annotations]] +path = 'bugs/cve/2017/15020/reproducer' +SPDX-FileCopyrightText = '2017 Agostino Sarubbo' + +[[annotations]] path = 'bugs/cve/2017/15025/3899.crashes.bin' SPDX-FileCopyrightText = '2017 Agostino Sarubbo' diff --git a/bugs/cve/2017/15020/reproducer b/bugs/cve/2017/15020/reproducer new file mode 100644 index 0000000..be24631 --- /dev/null +++ b/bugs/cve/2017/15020/reproducer Binary files differdiff --git a/loftix/bugs.scm b/loftix/bugs.scm index fff543b..0ee9398 100644 --- a/loftix/bugs.scm +++ b/loftix/bugs.scm @@ -19,7 +19,7 @@ #:use-module (guix download) #:use-module (guix packages)) -(define-public binutils-2.29 +(define-public binutils-2.29-asan (package (inherit binutils-2.33) (version "2.29") 
@@ -29,7 +29,13 @@ version ".tar.bz2")) (sha256 (base32 "1gqfyksdnj3iir5gzyvlp785mnk60g1pll6zbzbslfchhr4rb8i9")) - (patches '()))))) + (patches '()))) + (arguments '(#:phases (modify-phases %standard-phases + (add-before 'build 'set-env + (lambda _ + (setenv "ASAN_OPTIONS" "detect_leaks=0")))) + #:make-flags '("CFLAGS=-O2 -g -fsanitize=address" + "LDFLAGS=-fsanitize=address"))))) (define-public jasper-1.900.19 (package |
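Review bot: The new `(arguments '(...))` field in `binutils-2.29-asan` replaces the arguments inherited from `binutils-2.33` instead of extending them, so any configure flags or phases the parent defines are presumably dropped from this build; the parent definition is not visible here, so this needs checking. If they should be kept, wrap the additions in `(substitute-keyword-arguments (package-arguments binutils-2.33) ...)`. The `set-env` phase also deserves a comment stating that `detect_leaks=0` only applies to the build environment and not to later runs of the installed tools, e.g. `;; Silence LeakSanitizer for instrumented tools run during the build only`, if that is the intent. Adding `-fno-omit-frame-pointer` to `CFLAGS` would give more reliable ASan stack traces when triaging the reproducers. The package definition begins in the previous hunk, so only its tail is reviewed here.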
