x86/disasm: Fix format string vulnerability
Fixes a format string vulnerability in the x86 disassembler by adding format specifiers to `i386_dis_printf` calls.
H.J. Lu pushed Will Hawkin’s patch which fixes a format string vulnerability in the x86 disassembler. The vulnerability, reported as PR binutils/34168, could lead to arbitrary code execution if a crafted input string is processed by the disassembler. The fix involves adding format specifiers to i386_dis_printf calls.
In Details
This patch mitigates a format string vulnerability in the i386-dis.c file of the binutils disassembler. Format string vulnerabilities occur when user-controlled input is used as the format string in a printf-style function, potentially leading to information disclosure or arbitrary code execution.
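The calling pattern described above, shown before and after the fix. This is an added example, not code from binutils or from the patch: `dis_printf`, `emit_unsafe`, `emit_fixed` and `round_trips` are hypothetical names, and the sample string is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a printf-style disassembler output helper.
   It is not the binutils i386_dis_printf; only the calling pattern matters.
   Declaring such a helper with __attribute__((format(printf, 3, 4))) lets
   GCC's -Wformat-security flag the unsafe call below at compile time. */
static int dis_printf(char *out, size_t cap, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, cap, fmt, ap);
    va_end(ap);
    return n;
}

/* Before: text derived from the input is passed as the format string. */
static int emit_unsafe(char *out, size_t cap, const char *text)
{
    return dis_printf(out, cap, text);
}

/* After: the format is a constant and the text is only ever an argument. */
static int emit_fixed(char *out, size_t cap, const char *text)
{
    return dis_printf(out, cap, "%s", text);
}

/* Returns 1 if the helper reproduced text byte for byte, 0 otherwise. */
static int round_trips(int (*emit)(char *, size_t, const char *), const char *text)
{
    char buf[64];
    int n = emit(buf, sizeof buf, text);
    return n == (int)strlen(text) && strcmp(buf, text) == 0;
}

int main(void)
{
    /* Constructed sample. "%%" is the one directive that consumes no
       argument, so the unsafe call stays well defined for this input. */
    const char *sample = "rate 100%% done";
    printf("unsafe round-trips: %d\n", round_trips(emit_unsafe, sample));
    printf("fixed round-trips:  %d\n", round_trips(emit_fixed, sample));
    return 0;
}
```

A round-trip check like this works as a regression test: any output path that alters text containing `%` is treating that text as a format string.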
For Context
A disassembler converts machine code back into human-readable assembly code. This patch fixes a security vulnerability in the x86 disassembler. The vulnerability allowed malicious input to potentially execute arbitrary code due to improper handling of format strings, meaning certain character sequences in the input could be interpreted as formatting directives instead of being printed as plain text.