pe.relocation.RelocationData.parse_with_opts - Possible out of bound

Open BinFlip opened this issue 6 months ago • 2 comments

Found another possible out of bound memory access while fuzzing my project that uses goblin

crash-6b996e5a1942c4b4d0156dac6616e087aff8f761.zip

BinFlip Jun 04 '25 18:06

I am pretty sure this PR is a duplicate of #465. By the way, thank you for the heads up :D

kkent030315 Jun 09 '25 12:06

Ah, I must have missed that when looking through the PRs! In that case we can close #468 as a duplicate. Do you have any estimate on when #465 will be merged?

BinFlip Jun 09 '25 14:06

> Ah, I must have missed that when looking through the PRs! In that case we can close #468 as a duplicate. Do you have any estimate on when #465 will be merged?

I'll review it this weekend, hopefully get it merged, thanks for your patience!

m4b Jun 14 '25 08:06

I could also just merge this for the time being since it's very simple :shrug:

m4b Jun 14 '25 08:06

Thank you! I'm okay with waiting a bit longer, and I'd rather have the original finder and author credited.

BinFlip Jun 14 '25 13:06

Same root cause found in load_config.rs #481

x0rb3l Jul 25 '25 16:07