[Bug binutils/24058] New: objdump memory leaks in readelf.c

From: 0x0keeper at gmail dot com
Subject: [Bug binutils/24058] New: objdump memory leaks in readelf.c
Date: Thu, 03 Jan 2019 12:25:32 +0000


            Bug ID: 24058
           Summary: objdump memory leaks in readelf.c
           Product: binutils
           Version: 2.31
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: 0x0keeper at gmail dot com
  Target Milestone: ---

Created attachment 11509
  --> https://sourceware.org/bugzilla/attachment.cgi?id=11509&action=edit

Hi, binutils team. I found there are memory leaks in readelf.c when using objdump.
Here is the AddressSanitizer info.

./objdump   -W poc

==21635==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 54 byte(s) in 2 object(s) allocated from:
    #0 0x4b91a8 in __interceptor_malloc
    #1 0x4eb374 in get_data /root/fuzz/binutils-2.31/binutils/readelf.c:425:9
    #2 0x5548f0 in get_section_contents
    #3 0x5548f0 in process_notes_at
    #4 0x5126a9 in process_note_sections
    #5 0x5126a9 in process_notes
    #6 0x5126a9 in process_object
    #7 0x4ee043 in process_file
    #8 0x4ee043 in main /root/fuzz/binutils-2.31/binutils/readelf.c:19318
    #9 0x7fb198cba82f in __libc_start_main

SUMMARY: AddressSanitizer: 54 byte(s) leaked in 2 allocation(s).

Code in binutils-2.31/binutils/readelf.c:425:9:

  mvar = var;
  if (mvar == NULL)
    {
      /* Check for overflow.  */
      if (nmemb < (~(bfd_size_type) 0 - 1) / size)
        /* + 1 so that we can '\0' terminate invalid string table sections.  */
        mvar = malloc ((size_t) amt + 1);

      if (mvar == NULL)
        {
          if (reason)
            error (_("Out of memory allocating %s bytes for %s\n"),
                   bfd_vmatoa ("u", amt), reason);
          return NULL;
        }

      ((char *) mvar)[amt] = '\0';
    }
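
The snippet above shows that get_data mallocs a buffer when var is NULL, so the caller owns that buffer and has to free it on every path. The following is an added sketch, not binutils code and not a diagnosis of this report's leak: get_data_sketch, the tracking table, MIN_NOTE and both callers are hypothetical, and they contrast an early return that drops the buffer with a single-exit version that always releases it.

```c
#include <stdlib.h>
#include <string.h>

#define SLOTS 8      /* constructed: size of the tracking table */
#define MIN_NOTE 12  /* constructed: smallest note the caller accepts */
static void *owned[SLOTS];  /* buffers handed out and not yet released */

static int outstanding(void) {
    int n = 0;
    for (int i = 0; i < SLOTS; i++) n += owned[i] != NULL;
    return n;
}

/* Stand-in for get_data(): with var == NULL it mallocs amt + 1 bytes. */
static void *get_data_sketch(void *var, const char *src, size_t amt) {
    void *mvar = var;
    if (mvar == NULL) {
        int i = 0;
        while (i < SLOTS && owned[i] != NULL) i++;
        if (i == SLOTS || (mvar = malloc(amt + 1)) == NULL)
            return NULL;
        ((char *)mvar)[amt] = '\0';
        owned[i] = mvar;  /* the caller now owns this buffer */
    }
    memcpy(mvar, src, amt);
    return mvar;
}

static void release(void *p) {
    for (int i = 0; p != NULL && i < SLOTS; i++)
        if (owned[i] == p) { owned[i] = NULL; free(p); return; }
}

/* Hypothetical caller, leaky: the malformed-input path returns early. */
static int parse_notes_leaky(const char *sec, size_t len) {
    char *buf = get_data_sketch(NULL, sec, len);
    if (buf == NULL) return 0;
    if (len < MIN_NOTE) return 0;  /* buf is still owned here: leak */
    release(buf);
    return 1;
}

/* Same caller with one exit path that always releases the buffer. */
static int parse_notes_fixed(const char *sec, size_t len) {
    char *buf = get_data_sketch(NULL, sec, len);
    int ok = buf != NULL && len >= MIN_NOTE;
    release(buf);
    return ok;
}
```

Calling outstanding() after each parser shows the difference: only parse_notes_leaky on an input shorter than MIN_NOTE leaves a buffer behind.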
