[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug binutils/23677] New: The stack overflow in function cplus_demangle_
From: |
wcventure at 126 dot com |
Subject: |
[Bug binutils/23677] New: The stack overflow in function cplus_demangle_type in cp-demangle.c:2565 ( c++filt -t ) |
Date: |
Mon, 17 Sep 2018 14:20:37 +0000 |
https://sourceware.org/bugzilla/show_bug.cgi?id=23677
Bug ID: 23677
Summary: The stack overflow in function cplus_demangle_type in
cp-demangle.c:2565 ( c++filt -t )
Product: binutils
Version: 2.31
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: wcventure at 126 dot com
Target Milestone: ---
Created attachment 11252
--> https://sourceware.org/bugzilla/attachment.cgi?id=11252&action=edit
POC-c++filt-t
Hi,
We have found a stack overflow in function cplus_demangle_type in
cp-demangle.c:2565 in c++filt of the latest binutils code base.
Here is the POC file. Please use the “c++filt -t < $POC ” to reproduce the bug.
Thank you very much.
Command:“c++filt -t < $POC ” (Please remember to use the option -t)
AddressSanitizer:DEADLYSIGNAL
=================================================================
==21814==ERROR: AddressSanitizer: stack-overflow on address 0x7ffcafaefbc0 (pc
0x0000008d3eb1 bp 0x7ffcafaf02d0 sp 0x7ffcafaefbc0 T0)
#0 0x8d3eb0 in cplus_demangle_type
.../binutils-2.31/libiberty/./cp-demangle.c:2367
#1 0x8d523c in cplus_demangle_type
.../binutils-2.31/libiberty/./cp-demangle.c:2565:5
#2 0x8d523c in cplus_demangle_type
.../binutils-2.31/libiberty/./cp-demangle.c:2565:5
#3 0x8d523c in cplus_demangle_type
.../binutils-2.31/libiberty/./cp-demangle.c:2565:5
#4 0x8d523c in cplus_demangle_type
.../binutils-2.31/libiberty/./cp-demangle.c:2565:5
#5 0x8d523c in cplus_demangle_type
.../binutils-2.31/libiberty/./cp-demangle.c:2565:5
#6 0x8d523c in cplus_demangle_type
.../binutils-2.31/libiberty/./cp-demangle.c:2565:5
#7 0x8d523c in cplus_demangle_type
.../binutils-2.31/libiberty/./cp-demangle.c:2565:5
#8 0x8d523c in cplus_demangle_type
.../binutils-2.31/libiberty/./cp-demangle.c:2565:5
#9 0x8d523c in cplus_demangle_type
.../binutils-2.31/libiberty/./cp-demangle.c:2565:5
...
#246 0x8d523c in cplus_demangle_type
.../binutils-2.31/libiberty/./cp-demangle.c:2565:5
#247 0x8d523c in cplus_demangle_type
.../binutils-2.31/libiberty/./cp-demangle.c:2565:5
#248 0x8d523c in cplus_demangle_type
.../binutils-2.31/libiberty/./cp-demangle.c:2565:5
#249 0x8d523c in cplus_demangle_type
.../binutils-2.31/libiberty/./cp-demangle.c:2565:5
SUMMARY: AddressSanitizer: stack-overflow
.../binutils-2.31/libiberty/./cp-demangle.c:2367 in cplus_demangle_type
==21814==ABORTING
Aborted
--
You are receiving this mail because:
You are on the CC list for the bug.
- [Bug binutils/23677] New: The stack overflow in function cplus_demangle_type in cp-demangle.c:2565 ( c++filt -t ),
wcventure at 126 dot com <=