debug/elf: parsing Malware Elf File causes a panic in debug/elf.NewFile #47445
Labels
compiler/runtime
Issues related to the Go compiler and/or runtime.
FrozenDueToAge
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
What version of Go are you using (
go version
)?Does this issue reproduce with the latest release?
We are using the latest release, and have the issue.
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
Gave it a file that had a magic number that made it appear to be an elf file.
Giving malformed elf file to elf.NewFile causes an out of bounds error.
File had ELF magic number, but giving it to the elf.NewFile function caused an out of
bounds exception.
I am happy to attach the offending file, however, it is malware. Please let me know if you would like me to attach it.
What did you expect to see?
I expected the elf library to either return a *File object with the File Header and Section variables filled out,
or I expected the elf library to return an error without causing a panic()
What did you see instead?
The elf library caused a panic, resulting in the stack-trace above.
The file was possibly malformed, ie did not conform to the ELF formatting standards.
I suspect issue is that it the ELF file was malware.
The text was updated successfully, but these errors were encountered: