From: Daniel Jacobowitz
To: Ismail Dönmez
Cc: gdb-patches@sourceware.org
Subject: Re: [rfc] Do not crash reading UPX binaries
Date: Sun, 01 Jul 2007 22:28:00 -0000
Message-ID: <20070701222747.GA32509@caradoc.them.org>
In-Reply-To: <200707020112.31603.ismail@pardus.org.tr>
References: <20070701215549.GA26528@caradoc.them.org> <200707020112.31603.ismail@pardus.org.tr>

On Mon, Jul 02, 2007 at 01:12:27AM +0300, Ismail Dönmez wrote:
> Please note that attached gdbupx is from a security advisory [0] [1] but it
> looks like a simple DoS.
>
> [0] http://blog.xwings.net/?p=71
> [1] http://blogs.securiteam.com/index.php/archives/922

That would be useful in the report next time :-)  I spent twenty minutes
figuring out what was going on, and yes, it was the invalid symbol table
pointer.  I'm happy to hear that this won't affect all UPX files after
all, just truncated ones.

-- 
Daniel Jacobowitz
CodeSourcery