From: Jonathan Wakely
Date: Tue, 2 Aug 2022 17:33:39 +0100
Subject: Re: determining impact of vulnerability CVE-2022-27943 in libiberty/rust-demangle.c
To: fus@plutonium24.de
Cc: gcc-help

On Tue, 2 Aug 2022 at 17:12, wrote:
>
> The above mentioned CVE
> (https://nvd.nist.gov/vuln/detail/CVE-2022-27943) just specifies GNU GCC
> 11.2 to be affected, but fails to explicitly specify that previous
> versions are not affected. Does this CVE only affect exactly GCC version
> 11.2?

No, some earlier versions are affected.

>
> And I would also like to know how I can determine whether or not I will
> be exposed to this vulnerability when using an affected version. Is the
> rust demangler used internally by any C/C++ tools

No.

> or will I only be
> affected when compiling rust programs?

It isn't used when compiling rust programs. It's only used when
inspecting binaries containing rust code, e.g. using the 'nm-new'
utility. If I understand correctly, the stack overflow can only happen
with binaries containing bogus symbol names specially crafted to
exploit the bug.