bug-binutils

[Bug ld/20933] LD: Buffer Overflow if linker script does not exist


From: boehme.marcel at gmail dot com
Subject: [Bug ld/20933] LD: Buffer Overflow if linker script does not exist
Date: Wed, 07 Dec 2016 06:05:02 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=20933

--- Comment #5 from Marcel Böhme <boehme.marcel at gmail dot com> ---
Hi Alan,

Tried executing it from different working directories. Same outcome.
Tried executing it on Ubuntu 16.04 on Binutils revision 5cd1d8bc and I cannot
reproduce. Hmm...

This is what I get from GDB:

Reading symbols from /home/ubuntu/subjects/binutils-gdb_fixed/obj-gold-afl/ld/ld-new...done.
(gdb) set args -T a
(gdb) b make-relative-prefix.c:385
Breakpoint 1 at 0x977c44: file ../../libiberty/make-relative-prefix.c, line 385.
(gdb) r
Starting program: /home/ubuntu/subjects/binutils-gdb_fixed/obj-gold-afl/ld/ld-new -T a

Breakpoint 1, make_relative_prefix_1 (progname=<optimized out>,
address@hidden "/usr/local/bin", 
    address@hidden "/usr/local/x86_64-pc-linux-gnu/lib",
address@hidden)
    at ../../libiberty/make-relative-prefix.c:385
385       ptr = ret + strlen(ret);
(gdb) p ret
$1 = 0xc9d970 "/home/ubuntu/subjects/binutils-gdb_fixed/obj-gold-afl/ld/"
(gdb) p strlen(ret)
$2 = 57


Here is some more info from Valgrind about where it is allocated:
valgrind /home/ubuntu/subjects/binutils-gdb_fixed/obj-gold-afl/ld/ld-new -T test100
==50130== Memcheck, a memory error detector
==50130== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==50130== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==50130== Command: /home/ubuntu/subjects/binutils-gdb_fixed/obj-gold-afl/ld/ld-new -T test100
==50130== 
==50130== Invalid read of size 4
==50130==    at 0x977CB8: make_relative_prefix_1 (make-relative-prefix.c:385)
==50130==    by 0x4C6B57: find_scripts_dir (ldfile.c:518)
==50130==    by 0x4C6B57: ldfile_find_command_file (ldfile.c:554)
==50130==    by 0x4C6B57: ldfile_open_command_file_1 (ldfile.c:594)
==50130==    by 0x42D304: parse_args (lexsup.c:1219)
==50130==    by 0x40D18D: main (ldmain.c:312)
==50130==  Address 0x5409ac8 is 56 bytes inside a block of size 58 alloc'd
==50130==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==50130==    by 0x97767B: make_relative_prefix_1 (make-relative-prefix.c:375)
==50130==    by 0x4C6B57: find_scripts_dir (ldfile.c:518)
==50130==    by 0x4C6B57: ldfile_find_command_file (ldfile.c:554)
==50130==    by 0x4C6B57: ldfile_open_command_file_1 (ldfile.c:594)
==50130==    by 0x42D304: parse_args (lexsup.c:1219)
==50130==    by 0x40D18D: main (ldmain.c:312)

Best regards,
- Marcel
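Added example, not code from the binutils or libiberty sources and not part of Marcel's comment: it shows the arithmetic behind Valgrind's "Address is N bytes inside a block of size M" line (a 4-byte read starting 56 bytes into a 58-byte block reaches 2 bytes past the allocation), and beside it a path-joining helper that computes the buffer size before any byte is written, so a miscounted length fails at the bounds check rather than as a silent overrun. The function names join_path_needed, join_path, join_path_equals and overrun_bytes and the sample paths are constructed for this example.

```c
/* Constructed example: sizing a heap buffer before building a path in
   it, plus the bounds arithmetic Valgrind applies to a heap read. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bytes needed to hold dir + '/' (if dir lacks one) + file + NUL. */
size_t join_path_needed(const char *dir, const char *file)
{
    size_t dlen = strlen(dir);
    size_t flen = strlen(file);
    int need_sep = dlen > 0 && dir[dlen - 1] != '/';
    return dlen + (need_sep ? 1 : 0) + flen + 1;
}

/* Allocates exactly join_path_needed() bytes and fills them; the write
   position is checked against that size, so any disagreement between the
   counting pass and the copying pass returns NULL instead of overrunning. */
char *join_path(const char *dir, const char *file)
{
    size_t size = join_path_needed(dir, file);
    char *buf = malloc(size);
    if (!buf)
        return NULL;
    size_t dlen = strlen(dir);
    size_t flen = strlen(file);
    size_t pos = dlen;
    memcpy(buf, dir, dlen);
    if (dlen > 0 && dir[dlen - 1] != '/')
        buf[pos++] = '/';
    if (pos + flen + 1 > size) {   /* defensive: the count and copy disagree */
        free(buf);
        return NULL;
    }
    memcpy(buf + pos, file, flen);
    buf[pos + flen] = '\0';       /* strlen() on buf now stays inside size */
    return buf;
}

/* Convenience for checking: join, compare with the expected string, free. */
int join_path_equals(const char *dir, const char *file, const char *expect)
{
    char *p = join_path(dir, file);
    int ok = p != NULL && strcmp(p, expect) == 0;
    free(p);
    return ok;
}

/* Valgrind's rule for a heap access: a read of read_size bytes that starts
   offset bytes into a block of block_size bytes is in bounds only when
   offset + read_size <= block_size.  Returns how many bytes fall outside. */
size_t overrun_bytes(size_t offset, size_t read_size, size_t block_size)
{
    size_t end = offset + read_size;
    return end > block_size ? end - block_size : 0;
}

int main(void)
{
    const char *dir = "/home/ubuntu/subjects/ld";   /* constructed path */
    char *p = join_path(dir, "a");
    printf("%s: allocated %zu bytes, strlen %zu\n", p,
           join_path_needed(dir, "a"), strlen(p));
    /* The report on this page: read of size 4 at 56 bytes into a 58-byte block. */
    printf("bytes read past the block: %zu\n", overrun_bytes(56, 4, 58));
    free(p);
    return 0;
}
```

The design point is that the same two lengths are measured once and used for both the allocation and the copy; a second, independent computation of "how much do I need" is exactly where an allocation can end up short of what strlen() later scans.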
