[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug binutils/24043] Heap-buffer-overflow problem in function d_expressi
From: |
wcventure at 126 dot com |
Subject: |
[Bug binutils/24043] Heap-buffer-overflow problem in function d_expression_1 in cp-demangle.c, as demonstrated by c++filt |
Date: |
Fri, 28 Dec 2018 04:54:00 +0000 |
https://sourceware.org/bugzilla/show_bug.cgi?id=24043
--- Comment #3 from wcventure <wcventure at 126 dot com> ---
That 's because "d_advance (di, 2);" in function d_expression_1, it change
di->n = di + 2; leading to buffer-over-flow problem.
> 3353 d_advance (di, 2);
> 3354 if (peek == 't')
> 3355 type = cplus_demangle_type (di);
> 3356 if (!d_peek_next_char (di))
> 3357 return NULL;
--
You are receiving this mail because:
You are on the CC list for the bug.