[release-branch.go1.16] debug/macho: fail on invalid dynamic symbol table command - go

diff options

author	Roland Shoemaker <roland@golang.org>	2021-10-14 13:02:01 -0700
committer	Dmitri Shuralyov <dmitshur@golang.org>	2021-10-29 19:42:43 +0000
commit	d19c5bdb24e093a2d5097b7623284eb02726cede (patch)
tree	6cae6e93d1ded623239b0cf3fb3fd5c66316e5f0 /src/vendor/modules.txt
parent	900443349b17bb1f989daa64856546955c70d104 (diff)
download	go-d19c5bdb24e093a2d5097b7623284eb02726cede.tar.gz go-d19c5bdb24e093a2d5097b7623284eb02726cede.zip

[release-branch.go1.16] debug/macho: fail on invalid dynamic symbol table command

Fail out when loading a file that contains a dynamic symbol table command that indicates a larger number of symbols than exist in the loaded symbol table. Thanks to Burak Çarıkçı - Yunus Yıldırım (CT-Zer0 Crypttech) for reporting this issue. Updates #48990 Fixes #48991 Fixes CVE-2021-41771 Change-Id: Ic3d6e6529241afcc959544b326b21b663262bad5 Reviewed-on: https://go-review.googlesource.com/c/go/+/355990 Reviewed-by: Julie Qiu <julie@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com> Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Trust: Katie Hockman <katie@golang.org> (cherry picked from commit 61536ec03063b4951163bd09609c86d82631fa27) Reviewed-on: https://go-review.googlesource.com/c/go/+/359454 Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>

Diffstat (limited to 'src/vendor/modules.txt')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: