From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 27406 invoked by alias); 1 Jul 2007 22:31:07 -0000 Received: (qmail 27397 invoked by uid 22791); 1 Jul 2007 22:31:07 -0000 X-Spam-Check-By: sourceware.org Received: from ns2.uludag.org.tr (HELO uludag.org.tr) (193.140.100.220) by sourceware.org (qpsmtpd/0.31) with ESMTP; Sun, 01 Jul 2007 22:31:05 +0000 Received: from garbage.local (unknown [85.101.42.127]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by uludag.org.tr (Postfix) with ESMTP id 5C1096087959; Mon, 2 Jul 2007 01:30:53 +0300 (EEST) From: Ismail =?iso-8859-1?q?D=F6nmez?= To: Daniel Jacobowitz Subject: Re: [rfc] Do not crash reading UPX binaries Date: Sun, 01 Jul 2007 22:31:00 -0000 User-Agent: KMail/1.9.7 Cc: gdb-patches@sourceware.org References: <20070701215549.GA26528@caradoc.them.org> <200707020112.31603.ismail@pardus.org.tr> <20070701222747.GA32509@caradoc.them.org> In-Reply-To: <20070701222747.GA32509@caradoc.them.org> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart13177894.DNtxEd1jGx"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200707020130.55481.ismail@pardus.org.tr> Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org X-SW-Source: 2007-07/txt/msg00019.txt.bz2 --nextPart13177894.DNtxEd1jGx Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Content-length: 790 On Monday 02 July 2007 01:27:47 Daniel Jacobowitz wrote: > On Mon, Jul 02, 2007 at 01:12:27AM +0300, Ismail D=F6nmez wrote: > > Please not that attached gdbupx is from a security advisory [0] [1] but > > it looks like a simple DoS. > > > > [0] http://blog.xwings.net/?p=3D71 > > [1] http://blogs.securiteam.com/index.php/archives/922 > > That would be useful in the report next time :-) I spent twenty > minutes figuring out what was going on, and yes, it was the invalid > symbol table pointer. I'm happy to hear that this won't affect all > UPX files after all, just truncated ones. The reporting system was scary, and it didn't return me back to the bug rep= ort=20 to let me add the references. Sorry and thanks for the fast fix. Regards, ismail --=20 Perfect is the enemy of good --nextPart13177894.DNtxEd1jGx Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. Content-length: 827 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (GNU/Linux) iQIVAwUARogrH0e9qviWcMsnAQLVGg//YNQV5Dj9J5IuXRxfXLljlf0AqjqK9Mvl oRTc4vuj2JuygWInW4/r61BoUKEK6JlmNSrSDFRCGmO4gSt85GgzE8we7usol8br sBL6OTaRRDfYQIYtqxKkfF68Cv0RB/BGfSALfgJftFxZTxeNXaBQTx/aJqrm6iMb ZV0qy89DMZpC/63dElEyCyUDkLxKTkJzKtL5xSoXJD7kNimF/Sp4B24Cvb+5f9rd YRPI/YrThHi3x9zbpj4wKww8/GXSnwwTcPKf66JCgfX58/4+YAESrbKzR7afnRp5 T1UgSZPZ2YxOt+3rxPrZzep0CMDNo3030rsokDk3p590YZ6wTtYFZLNPW5zxqqN4 bwPEPX1i2Zd3HxVtd4Dlj4nCFVeHkVnor4aAnbdRwk4+/R7V1Zkg124B9pzbdXLN y36Qj+ZaNGvuk1AQyhFP15bfgLA4qQEs0Ce3e7nxIurbRbO0x2o9/MRz7Aw2ztW+ H8MpyGPr0W2PFIHhOfXkVLTZ41EU9ZlNoeX8gUg6Btgi7H/6bqQJ4+qBBS5Os9W3 NgiTJY8MGiRDwg6Mf20Uugj1DibfXyzpyqjGlDCFOzsjiJADXXBg/1beloN3I9id sbR7mVNCP49y/R9e5QdV3VJnRePJgOn6o/0GQ8R5a25sW2gUa+ifb5k+pfepNcY9 fEvdQkenTws= =bc3T -----END PGP SIGNATURE----- --nextPart13177894.DNtxEd1jGx--