From: 乐泰
Subject: Bugs report for cplus-dem.c in GNU Binutils 2.31
Date: Tue, 14 May 2019 23:03:38 +0800
Dear Administrator:

My name is Tai Yue, a student from the computer science school of a university in China. Recently I found some bugs in cplus-dem.c in GNU Binutils 2.31 by fuzzing, which would make the software crash. I’m going to apply for the CVE numbers. Now I will describe these crashes and submit them to you.

I fuzzed nm-new -C in GNU Binutils 2.31 for some days and found 50 crashes. After that I debugged nm-new via gdb and found eight different crashes. They all happened during the execution of the functions of cplus-dem.c when executing nm-new -C POC, and made the software crash. These POCs and the information file of the debugging programs are both in the mailbox attachment.
bug_report.zip
Description: Zip archive
The functions affected by these crashes are demangle_args, string_need, string_prepend, string_append_template_idx, do_type and demangle_arm_hp_template in cplus-dem.c, as demonstrated by nm. Unfortunately, my ability to identify the type of vulnerability is still weak, so I’m not sure of the type of these crashes. So I submit them to you, and look forward to hearing from you!

Tai Yue
2019.5.14