bug-binutils

[Bug binutils/23059] New: OOM-Bug in cxxfilt (binuitils-2.30-15ubuntu1)


From: sergej at schumilo dot de
Subject: [Bug binutils/23059] New: OOM-Bug in cxxfilt (binuitils-2.30-15ubuntu1)
Date: Fri, 13 Apr 2018 13:31:18 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=23059

            Bug ID: 23059
           Summary: OOM-Bug in cxxfilt (binuitils-2.30-15ubuntu1)
           Product: binutils
           Version: 2.30
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: sergej at schumilo dot de
  Target Milestone: ---

Created attachment 10947
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10947&action=edit
cxxfilt ASAN executable, ASAN report and causing input

Dear all,
after reporting the following bugs to the Ubuntu security team
(https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101), we were asked
to report them directly to the binutils developers:

----------------------------------------------------

Dear all,
The following binutils cxxfilt OOM bug was found by a modified version of the
kAFL fuzzer (https://github.com/RUB-SysSec/kAFL). I have attached the input and
an ASAN report.

Steps to reproduce:

Build current version of binutils:

```
# fetch the Ubuntu source package and build it with clang + AddressSanitizer
pull-lp-source binutils
cd binutils-2.30
CC=clang CXX=clang++ \
  CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" \
  CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" \
  LDFLAGS="-fsanitize=address" ./configure
CC=clang CXX=clang++ \
  CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" \
  CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" \
  LDFLAGS="-fsanitize=address" make
```

Run inputs under ASAN:

```
ASAN_OPTIONS=halt_on_error=false:allow_addr2line=true ./cxxfilt -t < oom
```

We can verify this issue for cxxfilt binutils-2.30-15ubuntu1 (Ubuntu 16.04.4
LTS / sources from "pull-lp-source binutils") on an Intel(R) Core(TM) i7-6700
CPU @ 3.40GHz server machine with 32GB RAM.

Credits: Sergej Schumilo, Cornelius Aschermann (both of Ruhr-Universität
Bochum)

Best regards,
Sergej Schumilo
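
The steps above run the input on a 32GB machine and let the process grow until ASAN reports the failure. The following triage helper is an added example, not part of the bug report or of binutils: it re-runs the same `./cxxfilt -t < oom` invocation under ASAN's own `hard_rss_limit_mb` cap so the run ends quickly with a classifiable report, and it sorts the captured stderr into the OOM family this report describes versus other sanitizer findings. It assumes an ASAN-instrumented `./cxxfilt` built as above and the attached input saved as `./oom`; the class names are this script's own.

```shell
#!/bin/sh
# Added triage helper (not from the bug report). Assumes ./cxxfilt is the
# ASAN build from the steps above and ./oom is the attached input.

# classify_run LOG STATUS -> prints one of: ok, asan-oom, asan-other, signal, error
# LOG is the captured stderr of one demangler run, STATUS its exit status.
classify_run() {
  log=$1; status=$2
  if grep -q -E 'allocation-size-too-big|out of memory|hard rss limit exhausted' "$log"; then
    echo asan-oom            # the OOM family the report describes
  elif grep -q 'ERROR: AddressSanitizer' "$log"; then
    echo asan-other          # some other sanitizer finding (overflow, UAF, ...)
  elif [ "$status" -gt 128 ]; then
    echo signal              # killed by a signal, e.g. the kernel OOM killer
  elif [ "$status" -ne 0 ]; then
    echo error               # ordinary non-zero exit (bad option, missing binary)
  else
    echo ok
  fi
}

# run_capped BIN INPUT RSS_MB -> classification of one run under an RSS cap.
# Uses ASAN's hard_rss_limit_mb rather than ulimit -v: ASAN reserves a very
# large shadow mapping, so an address-space ulimit would abort every run.
run_capped() {
  bin=$1; input=$2; rss_mb=$3
  log=$(mktemp) || return 1
  if ASAN_OPTIONS="halt_on_error=false:hard_rss_limit_mb=$rss_mb" \
       "$bin" -t < "$input" > /dev/null 2> "$log"; then
    status=0
  else
    status=$?
  fi
  classify_run "$log" "$status"
  rm -f "$log"
}

# Stand-alone use: sh triage.sh ./cxxfilt ./oom 2048
if [ $# -gt 0 ]; then
  run_capped "$1" "${2:-./oom}" "${3:-2048}"
fi
```

Because `halt_on_error=false` is kept from the original command, the log may contain several sanitizer reports; the first matching OOM line is enough for the classification.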


