NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Firefox segfaults



[2009-04-09 03:12] BrianC <cavenah1%yahoo.com@localhost>
> >$ gdb
> >(gdb) core-file firefox-bin.core
> >Core was generated by `firefox-bin'.
> >Program terminated with signal 11, Segmentation fault.
> >#0  0xbb0d523f in ?? ()
> 
> This smells like a security issue.  Stating the obvious here, but it
> looks like it could be exploited if an attacker is able to point the IP
> onto an executable heap where shellcode would reside.  Exploit
> developers have been using javascript to deploy malicious
> payloads on to the heap for this purpose for quite some time.

I can't comment on this, sorry. I'm no security guy.


> Is
> there a way to get a backtrace with symbols to see what was
> happening at the time of the segfault?

A `bt' in gdb shows not more than the quoted output from above. This
seems to be what you'd call: without symbols.

I guess the situation is reproducable by everyone if few file
descriptors are available. However, if you still want the data I can
generate it ... if you tell me how.


meillo


P.S.
Is it common to reply with private mail on this list? (I received
three private replies.) Shouldn't all general discussion be on list?

Attachment: signature.asc
Description: Digital signature



Home | Main Index | Thread Index | Old Index