
Re: Why no security support for binutils? What to do about it?




On 01.01.20 at 03:14, Paul Wise wrote:
On Tue, Dec 31, 2019 at 9:47 AM Florian Weimer wrote:

BFD and binutils have not been designed to process untrusted data.
Usually, this does not matter at all.  For example, no security
boundary is crossed when linking object files that have just been
compiled.
There are definitely situations where vulnerabilities in binutils
(mostly objdump) are important and a security boundary could be
crossed, for example: running lintian on ftp-master,
malware reverse engineering

Up to now I have not seen any notable effort to support malware reverse engineering under Linux. The only program I knew was boomerang for decompiling malware, but it seems to have been unsupported for a long time. I would really be in need of such software since I have plenty of images of rootkitted installations and tampered BIOS images (for instance, one does not boot via USB and does not allow BIOS updates; you cannot get rid of it unless you flash the BIOS chip of your mainboard externally).


and inspection of binaries for hardening features.


