Created attachment 1152900 [details] Out of Bound Read Hi, I have informed this bug to upstream, reporting it here just for bug tracking, thanks. Out of bound read bug in libdwarf git code. dwarf_dealloc() did not check the Dwarf_Ptr space argument before using it. This will lead to a out-of-bound read bug. 473 } 474 type = alloc_type; 475 malloc_addr = (char *)space - DW_RESERVE; 476 r =(struct reserve_data_s *)malloc_addr; 477 if(dbg != r->rd_dbg) { <- $pc 478 /* Something is badly wrong. Better to leak than 479 to crash. */ 480 return; 481 } --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------[trace]-- #0 dwarf_dealloc (dbg=dbg@entry=0x655f30, space=0xa0, alloc_type=alloc_type@entry=1) at dwarf_alloc.c:477 #1 0x00002aaaaacf3296 in dealloc_srcfiles (dbg=0x655f30, srcfiles=0x66b8f0, srcfiles_count=17) at dwarf_macro5.c:1025 #2 0x00002aaaaacf50e6 in dealloc_srcfiles (srcfiles_count=<optimized out>, srcfiles=<optimized out>, dbg=<optimized out>) at dwarf_macro5.c:1021 ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- gef> p &r->rd_dbg $14 = (void **) 0x90
libdwarf-20160507-1.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-f36c5935e5
libdwarf-20160507-1.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-f36c5935e5
libdwarf-20160507-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.