[Bug binutils/17531] readelf crashes on fuzzed samples
From: cherepan at mccme dot ru
Subject: [Bug binutils/17531] readelf crashes on fuzzed samples
Date: Sun, 08 Feb 2015 16:48:09 +0000
https://sourceware.org/bugzilla/show_bug.cgi?id=17531
--- Comment #82 from Alexander Cherepanov <cherepan at mccme dot ru> ---
Created attachment 8108
--> https://sourceware.org/bugzilla/attachment.cgi?id=8108&action=edit
Problems with `readelf -agteAruhlsSdIncVWw --dyn-syms -D` (32-bit) -- ubsan
This is an experimental report. Attached samples expose undefined behavior. The
errors are collected with binutils built with gcc-4.9 -fsanitize=undefined
(exact configure is in configure-ubsan.txt).
If it's useful I'll integrate it into the usual reports. If it's not useful
feel free to ignore it.
----------------------------------------------------------------------
ubsan
Files: 12
Errors:
1 ../../../source/binutils/dwarf.c:2771:3: runtime error: variable length
array bound evaluates to non-positive value ...
1 ../../../source/binutils/dwarf.c:279:45: runtime error: shift exponent
... is too large for 64-bit type 'long long unsigned int'
1 ../../../source/binutils/dwarf.c:3781:4: runtime error: variable length
array bound evaluates to non-positive value ...
1 ../../../source/binutils/dwarf.c:451:7: runtime error: variable length
array bound evaluates to non-positive value ...
1 ../../../source/binutils/dwarf.c:5884:6: runtime error: variable length
array bound evaluates to non-positive value ...
1 ../../../source/binutils/dwarf.c:5892:4: runtime error: variable length
array bound evaluates to non-positive value ...
1 ../../../source/binutils/dwarf.c:6431:3: runtime error: signed integer
overflow: ... * ... cannot be represented in type 'int'
1 ../../../source/binutils/dwarf.c:6437:29: runtime error: signed integer
overflow: ... * ... cannot be represented in type 'int'
1 ../../../source/binutils/dwarf.c:6447:3: runtime error: signed integer
overflow: ... * ... cannot be represented in type 'int'
1 ../../../source/binutils/dwarf.c:6453:29: runtime error: signed integer
overflow: ... * ... cannot be represented in type 'int'
1 ../../../source/binutils/dwarf.c:6460:40: runtime error: signed integer
overflow: ... * ... cannot be represented in type 'int'
1 ../../../source/binutils/dwarf.c:6469:40: runtime error: signed integer
overflow: ... * ... cannot be represented in type 'int'
1 ../../../source/binutils/readelf.c:15068:46: runtime error: signed
integer overflow: ... - ... cannot be represented in type 'int'
1 ../../../source/binutils/readelf.c:1615:7: runtime error: negation of
... cannot be represented in type 'long long int'; cast to an unsigned type to
negate this value to itself
1 ../../../source/binutils/readelf.c:1627:6: runtime error: negation of
... cannot be represented in type 'long long int'; cast to an unsigned type to
negate this value to itself
--
You are receiving this mail because:
You are on the CC list for the bug.
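
Added example, not part of the original message and not binutils code or the fixes applied upstream: guards for the four classes of undefined behavior named in the ubsan report above (oversized shift exponent, signed multiplication overflow, negation of the minimum value, non-positive array bound). All function names are hypothetical, and the code assumes `long long` is wider than `int`.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* "shift exponent ... is too large for 64-bit type":
   shift only when the exponent is below the type width. */
static int checked_shl_u64(uint64_t v, unsigned int shift, uint64_t *out)
{
    if (shift >= 64)
        return 0;
    *out = v << shift;
    return 1;
}

/* "signed integer overflow: ... * ...": multiply in a wider type
   (assumes long long is wider than int) and reject out-of-range results. */
static int checked_mul_int(int a, int b, int *out)
{
    long long wide = (long long)a * (long long)b;
    if (wide > INT_MAX || wide < INT_MIN)
        return 0;
    *out = (int)wide;
    return 1;
}

/* "negation of ... cannot be represented in type 'long long int'":
   negate in unsigned arithmetic, as the ubsan message suggests. */
static unsigned long long magnitude_ll(long long v)
{
    return v < 0 ? 0ULL - (unsigned long long)v : (unsigned long long)v;
}

/* "variable length array bound evaluates to non-positive value":
   accept a file-supplied element count only if positive and under a cap. */
static int valid_count(long long n, size_t cap)
{
    return n > 0 && (unsigned long long)n <= cap;
}

int main(void)
{
    uint64_t r = 0;
    int p = 0;
    printf("shl by 64 accepted: %d\n", checked_shl_u64(1, 64, &r));
    printf("INT_MIN * -1 accepted: %d\n", checked_mul_int(INT_MIN, -1, &p));
    printf("|LLONG_MIN| = %llu\n", magnitude_ll(LLONG_MIN));
    printf("count 0 accepted: %d\n", valid_count(0, 1024));
    return 0;
}
```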