[Bug binutils/26578] New: A memory leak in parse_gnu_debugaltlink
From: 15664243668 at 163 dot com
Subject: [Bug binutils/26578] New: A memory leak in parse_gnu_debugaltlink
Date: Mon, 07 Sep 2020 13:40:05 +0000
https://sourceware.org/bugzilla/show_bug.cgi?id=26578
Bug ID: 26578
Summary: A memory leak in parse_gnu_debugaltlink
Product: binutils
Version: 2.35
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: 15664243668 at 163 dot com
Target Milestone: ---
Created attachment 12817
--> https://sourceware.org/bugzilla/attachment.cgi?id=12817&action=edit
PoC
I have found a memory leak in bfd_getl_signed_32(bfd/libbfd.c:669) by fuzzing.
The bug is triggered by
$ readelf -agteSdcWw --dyn-syms -D PoC
And the PoC file is in the attachment. I compile Binutils 2.35 with
AddressSanitizer into x86-64 version on Ubuntu 16.04 and print the debug
information as:
readelf: Error: File
./Output/binutils-2.35/objdump/3/queue/id:016146,src:016137,op:havoc,rep:32 is
not an archive so its index cannot be displayed.
readelf: Warning: The e_shentsize field in the ELF header is larger than the
size of an ELF section header
readelf: Warning: Section 0 has an out of range sh_link value of 27648
readelf: Warning: Section 0 has an out of range sh_info value of 131072
readelf: Warning: [ 0]: Expected link to another section in info fieldreadelf:
Warning: section 0: sh_link value of 27648 is larger than the number of
sections
readelf: Warning: [ 1]: Unexpected value (16777088) in info field.
readelf: Warning: [ 2]: Unexpected value (2147483392) in info field.
readelf: Warning: Size of section 3 is larger than the entire file!
readelf: Warning: [ 4]: Expected link to another section in info fieldreadelf:
Warning: Size of section 6 is larger than the entire file!
readelf: Warning: could not find separate debug file 'ELF'
readelf: Warning: tried: /lib/debug/ELF
readelf: Warning: tried: /usr/lib/debug/usr/ELF
readelf: Warning: tried:
/usr/lib/debug//home/ubuntu/yuetai/Output/binutils-2.35/objdump/3/queue//ELF
readelf: Warning: tried: /usr/lib/debug/ELF
readelf: Warning: tried:
/home/ubuntu/yuetai/Output/binutils-2.35/objdump/3/queue/.debug/ELF
readelf: Warning: tried:
/home/ubuntu/yuetai/Output/binutils-2.35/objdump/3/queue/ELF
readelf: Warning: tried: .debug/ELF
readelf: Warning: tried: ELF
readelf: Warning: could not find separate debug file 'ELF'
readelf: Warning: tried: /lib/debug/ELF
readelf: Warning: tried: /usr/lib/debug/usr/ELF
readelf: Warning: tried:
/usr/lib/debug//home/ubuntu/yuetai/Output/binutils-2.35/objdump/3/queue//ELF
readelf: Warning: tried: /usr/lib/debug/ELF
readelf: Warning: tried:
/home/ubuntu/yuetai/Output/binutils-2.35/objdump/3/queue/.debug/ELF
readelf: Warning: tried:
/home/ubuntu/yuetai/Output/binutils-2.35/objdump/3/queue/ELF
readelf: Warning: tried: .debug/ELF
readelf: Warning: tried: ELF
=================================================================
==22576==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x7ff84c0cb79a in __interceptor_calloc
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x9879a)
#1 0x4cd52a in parse_gnu_debugaltlink ../../binutils/dwarf.c:10305
SUMMARY: AddressSanitizer: 16 byte(s) leaked in 1 allocation(s).
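Added example (not part of the original report and not binutils code): a small Python triage helper that parses the LeakSanitizer block from the report above and derives a deduplication key from the first stack frame outside the sanitizer runtime, which is how fuzzing findings like this one are usually bucketed. The function names, the runtime-frame pattern and the bucketing rule are assumptions made for illustration.

```python
import re

# LeakSanitizer block copied from the report above; the frame #0 line that
# the mail archive wrapped onto two lines is rejoined here.
REPORT = """\
==22576==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 16 byte(s) in 1 object(s) allocated from:
    #0 0x7ff84c0cb79a in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x9879a)
    #1 0x4cd52a in parse_gnu_debugaltlink ../../binutils/dwarf.c:10305
SUMMARY: AddressSanitizer: 16 byte(s) leaked in 1 allocation(s).
"""

LEAK_RE = re.compile(r"^(Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\)")
FRAME_RE = re.compile(r"^\s*#(\d+) 0x[0-9a-f]+ in (\S+)(?: (\S+))?")
# Frames that belong to the sanitizer or allocator, not the program under test
# (assumed pattern; extend it for other runtimes).
RUNTIME = re.compile(r"^(__interceptor_|__sanitizer|__asan|__lsan|malloc$|calloc$|realloc$)")

def parse_leaks(text):
    """Return one dict per leak record: kind, bytes, objects, frames[(func, loc)]."""
    leaks, current = [], None
    for line in text.splitlines():
        m = LEAK_RE.match(line)
        if m:
            current = {"kind": m.group(1), "bytes": int(m.group(2)),
                       "objects": int(m.group(3)), "frames": []}
            leaks.append(current)
            continue
        m = FRAME_RE.match(line)
        if m and current is not None:
            current["frames"].append((m.group(2), m.group(3) or ""))
        elif not m:
            current = None  # a blank line or the SUMMARY line ends the record
    return leaks

def bucket(leak):
    """Dedup key: first frame outside the sanitizer runtime, line number dropped."""
    for func, loc in leak["frames"]:
        if not RUNTIME.match(func):
            return (leak["kind"], func, loc.rsplit(":", 1)[0])
    return (leak["kind"], "<no program frame>", "")

if __name__ == "__main__":
    for leak in parse_leaks(REPORT):
        print(bucket(leak), leak["bytes"], "byte(s) in", leak["objects"], "object(s)")
```

Dropping the line number from the key keeps the same leak in one bucket when the source shifts between builds; keep it if you need to separate several allocation sites inside one function.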