Bugzilla – Bug 958612
VUL-1: CVE-2015-8538: libdwarf: an out-of-bounds read bug is found in libdwarf
Last modified: 2024-05-20 11:30:34 UTC
CVE-2015-8538

There is an out-of-bounds read in the latest release version, dwarf-20151114, and we have tested the other version, dwarf-20140805, so we guess that the versions between these two will be affected too. When an odd ELF file is passed to dwarfdump, it causes a segmentation fault by invalid memory access. Please see the attachment for the ELF file.

=========================================
Details:
==========================================

If an ELF file is passed to dwarfdump, a SIGSEGV will occur in libdwarf/dwarf_leb.c. Please see the attachment for the ELF file. When debugging it with gdb, the error information is as follows:

--------------------------------
Program received signal SIGSEGV, Segmentation fault.
_dwarf_decode_u_leb128 (leb128=leb128@entry=0x80006a5be7a4 <error: Cannot access memory at address 0x80006a5be7a4>, leb128_length=leb128_length@entry=0x7fffffffda68) at dwarf_leb.c:57
57          if ((*leb128 & 0x80) == 0) {
(gdb) bt
#0  _dwarf_decode_u_leb128 (leb128=leb128@entry=0x80006a5be7a4 <error: Cannot access memory at address 0x80006a5be7a4>, leb128_length=leb128_length@entry=0x7fffffffda68) at dwarf_leb.c:57
#1  0x00000000004319fb in dwarf_attrlist (die=die@entry=0x6bb850, attrbuf=attrbuf@entry=0x7fffffffdb18, attrcnt=attrcnt@entry=0x7fffffffdb10, error=0x67c298 <err>) at dwarf_query.c:246
#2  0x0000000000410909 in print_one_die (dbg=dbg@entry=0x67ef00, die=die@entry=0x6bb850, print_information=1, die_indent_level=1, srcfiles=srcfiles@entry=0x0, cnt=cnt@entry=0, ignore_die_stack=ignore_die_stack@entry=0) at print_die.c:1211
#3  0x00000000004111d8 in print_die_and_children_internal (dbg=dbg@entry=0x67ef00, in_die_in=0x6a4a30, is_info=is_info@entry=1, srcfiles=srcfiles@entry=0x0, cnt=cnt@entry=0) at print_die.c:896
#4  0x00000000004115e5 in print_die_and_children_internal (dbg=dbg@entry=0x67ef00, in_die_in=0x6811a0, is_info=is_info@entry=1, srcfiles=0x0, cnt=0) at print_die.c:990
#5  0x0000000000411d1f in print_die_and_children (cnt=<optimized out>, srcfiles=<optimized out>, is_info=1, in_die_in=<optimized out>, dbg=0x67ef00) at print_die.c:778
#6  print_one_die_section (dbg=0x67ef00, is_info=is_info@entry=1) at print_die.c:725
#7  0x00000000004126a3 in print_infos (dbg=<optimized out>, is_info=is_info@entry=1) at print_die.c:319
#8  0x000000000040217a in process_one_file (config_file_data=0x6660c0 <config_file_data>, archive=0, tied_file_name=0x0, file_name=0x67d110 "./simplereader.elf", elftied=0x0, elf=<optimized out>) at dwarfdump.c:1280
#9  main (argc=<optimized out>, argv=<optimized out>) at dwarfdump.c:630

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1289385
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8538
http://seclists.org/oss-sec/2015/q4/464
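The innermost frame in the backtrace above is a ULEB128 decoder that receives only a start pointer and a length out-parameter; nothing in that signature tells it where the section it is reading ends, so a value whose continuation bytes run into the section boundary is decoded from whatever memory follows. The block below is an added example, not libdwarf's code and not its fix: a decoder with that shape beside a bounded one, both run over a constructed byte sequence whose last value is cut off by the section end. So that the overrun is observable without crashing, the "section" is a prefix of a larger backing array; ULEB128_MAX_BYTES, SECTION_LEN, the backing bytes and the demo_* helpers are all assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* A 64-bit ULEB128 needs at most ceil(64 / 7) = 10 bytes (assumed cap). */
#define ULEB128_MAX_BYTES 10

/* Unbounded decoder with the same shape as the frame in the backtrace: only a
 * start pointer plus an out-parameter for the encoded length. It loops until it
 * meets a byte whose continuation bit (0x80) is clear, so a value cut off by the
 * end of the section makes it read whatever follows in memory. */
static uint64_t uleb128_decode_unbounded(const uint8_t *leb128, size_t *leb128_length)
{
    uint64_t value = 0;
    unsigned shift = 0;
    size_t n = 0;

    for (;;) {
        uint8_t byte = leb128[n++];
        if (shift < 64)
            value |= (uint64_t)(byte & 0x7f) << shift;
        if ((byte & 0x80) == 0)
            break;
        shift += 7;
    }
    *leb128_length = n;
    return value;
}

/* Hardened decoder: the caller passes the end of the readable region, and the
 * loop also caps the encoding length so a long run of 0x80 bytes cannot push
 * the shift past 63. Returns 0 on success and -1 when the value is truncated or
 * overlong; on failure nothing is written to the out-parameters. */
static int uleb128_decode_bounded(const uint8_t *leb128, const uint8_t *end,
                                  uint64_t *value_out, size_t *length_out)
{
    uint64_t value = 0;
    unsigned shift = 0;
    size_t n = 0;

    while (leb128 + n < end && n < ULEB128_MAX_BYTES) {
        uint8_t byte = leb128[n++];
        value |= (uint64_t)(byte & 0x7f) << shift;
        if ((byte & 0x80) == 0) {
            *value_out = value;
            *length_out = n;
            return 0;
        }
        shift += 7;
    }
    return -1;
}

/* Constructed sample (not taken from the attachment): a 16-byte backing array of
 * which only the first SECTION_LEN bytes are the "section" a parser may read.
 * Offsets 0..3 hold two well-formed values; offset 4 starts a value whose
 * continuation bytes run past the section end. The bytes beyond SECTION_LEN
 * stand in for whatever happens to be adjacent in memory. */
#define SECTION_LEN 6
static const uint8_t backing[16] = {
    0x02,                   /* offset 0: value 2 */
    0xE5, 0x8E, 0x26,       /* offset 1: value 624485 */
    0x80, 0x80,             /* offset 4: continuation bytes; section ends here */
    0x80, 0x80, 0x01,       /* beyond the section: what the unbounded loop reads */
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};

/* Bytes the unbounded decoder consumes from offset 4: it walks past the section
 * boundary and reports 5, three of them read from memory it was never given. */
size_t demo_unbounded_overrun(void)
{
    size_t len = 0;
    (void)uleb128_decode_unbounded(backing + 4, &len);
    return len;
}

/* The bounded decoder, told where the section ends, rejects the same input. */
int demo_bounded_rejects_truncated(void)
{
    uint64_t v = 0;
    size_t len = 0;
    return uleb128_decode_bounded(backing + 4, backing + SECTION_LEN, &v, &len);
}

/* Well-formed values still decode correctly with the bound in place. */
uint64_t demo_bounded_decodes_valid(void)
{
    uint64_t v = 0;
    size_t len = 0;
    if (uleb128_decode_bounded(backing + 1, backing + SECTION_LEN, &v, &len) != 0)
        return 0;
    return len == 3 ? v : 0;
}

int main(void)
{
    printf("unbounded decoder consumed %zu bytes from offset 4 of a %d-byte section\n",
           demo_unbounded_overrun(), SECTION_LEN);
    printf("bounded decoder on the same input: %d (-1 = truncated)\n",
           demo_bounded_rejects_truncated());
    printf("bounded decoder on the valid value at offset 1: %llu\n",
           (unsigned long long)demo_bounded_decodes_valid());
    return 0;
}
```

The point of passing an explicit end pointer rather than a byte count is that every caller already knows the section bounds from the ELF section header, and the decoder cannot be misused without them; the extra cap on encoding length closes the second hole, an unterminated run of continuation bytes inside a valid section that would otherwise spin the shift past the width of the result.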
Created attachment 658937: simplereader.zip

QA REPRODUCER: ELF inside zip. dwarfdump simplereader.elf will segfault (dwarfdump can be obtained from the SUSE:SLE-11:GA libdwarf subpackage: osci getbinaries SUSE:SLE-11:GA libdwarf standard x86_64).
bugbot adjusting priority