[release-branch.go1.17] debug/macho: fail on invalid dynamic symbol table command
Fail out when loading a file that contains a dynamic symbol table command that indicates a larger number of symbols than exist in the loaded symbol table. Thanks to Burak Çarıkçı - Yunus Yıldırım (CT-Zer0 Crypttech) for reporting this issue. Updates #48990 Fixes #48992 Fixes CVE-2021-41771 Change-Id: Ic3d6e6529241afcc959544b326b21b663262bad5 Reviewed-on: https://go-review.googlesource.com/c/go/+/355990 Reviewed-by:Julie Qiu <julie@golang.org> Reviewed-by:
Katie Hockman <katie@golang.org> Reviewed-by:
Emmanuel Odeke <emmanuel@orijtech.com> Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Trust: Katie Hockman <katie@golang.org> (cherry picked from commit 61536ec0) Reviewed-on: https://go-review.googlesource.com/c/go/+/359455 Reviewed-by:
Dmitri Shuralyov <dmitshur@golang.org>
Loading
Please sign in to comment