[Bug binutils/25361] New: Memory leak in readelf, request_dump_bynumber
From: featherrain26 at gmail dot com
Subject: [Bug binutils/25361] New: Memory leak in readelf, request_dump_bynumber
Date: Fri, 10 Jan 2020 13:49:58 +0000
https://sourceware.org/bugzilla/show_bug.cgi?id=25361
Bug ID: 25361
Summary: Memory leak in readelf, request_dump_bynumber
Product: binutils
Version: 2.32
Status: UNCONFIRMED
Severity: critical
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: featherrain26 at gmail dot com
Target Milestone: ---
Created attachment 12182
--> https://sourceware.org/bugzilla/attachment.cgi?id=12182&action=edit
POC file
Hi, there.
There is a memory leak in file binutils/readelf.c, get_data function.
Here is the reproducing environment and procedure:
Distributor ID: Ubuntu
Description: Ubuntu 16.04.6 LTS
Release: 16.04
Codename: xenial
gcc: 5.4.0
compilation:
CFLAGS="-fsanitize=address,undefined" ./configure
./readelf -agteSdcWw --dyn-syms -D poc
Here is the error message:
=================================================================
==16847==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 180 byte(s) in 5 object(s) allocated from:
    #0 0x7ffff6f02602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
    #1 0x4d0694 in xmalloc (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4d0694)
    #2 0x4c19ef in xcmalloc (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4c19ef)
    #3 0x4af8ca in display_debug_frames (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4af8ca)
    #4 0x46172f in display_debug_section (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x46172f)
    #5 0x461f4b in process_section_contents (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x461f4b)
    #6 0x47c8e2 in process_object (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47c8e2)
    #7 0x47e950 in process_file (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47e950)
    #8 0x47ecd1 in main (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47ecd1)
    #9 0x7ffff5db382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Direct leak of 90 byte(s) in 5 object(s) allocated from:
    #0 0x7ffff6f02602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
    #1 0x4d0694 in xmalloc (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4d0694)
    #2 0x4c19ef in xcmalloc (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4c19ef)
    #3 0x4af7f3 in display_debug_frames (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4af7f3)
    #4 0x46172f in display_debug_section (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x46172f)
    #5 0x461f4b in process_section_contents (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x461f4b)
    #6 0x47c8e2 in process_object (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47c8e2)
    #7 0x47e950 in process_file (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47e950)
    #8 0x47ecd1 in main (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47ecd1)
    #9 0x7ffff5db382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Direct leak of 19 byte(s) in 1 object(s) allocated from:
    #0 0x7ffff6f0279a in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x9879a)
    #1 0x41b632 in request_dump_bynumber (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x41b632)
    #2 0x42b94f in process_section_headers (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x42b94f)
    #3 0x47c6fd in process_object (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47c6fd)
    #4 0x47e950 in process_file (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47e950)
    #5 0x47ecd1 in main (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47ecd1)
    #6 0x7ffff5db382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

SUMMARY: AddressSanitizer: 289 byte(s) leaked in 11 allocation(s).
Regards,
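
A triage aid for LeakSanitizer output like the report above, added here as an example (not part of the original report or of binutils): it attributes each leak to the first stack frame that is not an allocator wrapper and checks the per-function sums against the SUMMARY line. The wrapper list and the names `triage` and `consistent` are assumptions of this example.

```python
import re
from collections import Counter

# Allocator wrappers to skip (assumed list; xmalloc/xcmalloc appear in the report).
WRAPPERS = {"malloc", "calloc", "realloc", "xmalloc", "xcmalloc", "xrealloc"}
LEAK = re.compile(r"(?:Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\)")
FRAME = re.compile(r"#\d+ 0x[0-9a-f]+ in (?:__interceptor_)?(\S+)")
TOTAL = re.compile(r"SUMMARY: \w+: (\d+) byte\(s\) leaked in (\d+) allocation\(s\)")

# Top frames abbreviated from the report above; module paths dropped.
SAMPLE = """\
Direct leak of 180 byte(s) in 5 object(s) allocated from:
#0 0x7ffff6f02602 in malloc
#1 0x4d0694 in xmalloc
#2 0x4c19ef in xcmalloc
#3 0x4af8ca in display_debug_frames
Direct leak of 90 byte(s) in 5 object(s) allocated from:
#0 0x7ffff6f02602 in malloc
#1 0x4d0694 in xmalloc
#2 0x4c19ef in xcmalloc
#3 0x4af7f3 in display_debug_frames
Direct leak of 19 byte(s) in 1 object(s) allocated from:
#0 0x7ffff6f0279a in __interceptor_calloc
#1 0x41b632 in request_dump_bynumber
SUMMARY: AddressSanitizer: 289 byte(s) leaked in 11 allocation(s).
"""

def triage(report):
    """Return (bytes per function, objects per function, SUMMARY totals or None)."""
    nbytes, nobjs, total, pending = Counter(), Counter(), None, None
    def credit(func):                    # pending = (bytes, objects) awaiting an owner
        nbytes[func] += pending[0]
        nobjs[func] += pending[1]
    for line in report.splitlines():     # module paths may be wrapped onto their own line
        if m := LEAK.search(line):
            if pending:                  # previous trace held only wrappers
                credit("<unattributed>")
            pending = (int(m[1]), int(m[2]))
        elif pending and (m := FRAME.search(line)) and m[1] not in WRAPPERS:
            credit(m[1])                 # first frame in the program itself
            pending = None
        elif m := TOTAL.search(line):
            total = (int(m[1]), int(m[2]))
    if pending:
        credit("<unattributed>")
    return nbytes, nobjs, total

def consistent(nbytes, nobjs, total):
    # False when the SUMMARY line is missing or the log was truncated
    return total == (sum(nbytes.values()), sum(nobjs.values()))
```

Grouping by owning function rather than by raw address keeps the two `display_debug_frames` call sites in one bucket, which helps when deduplicating sanitizer reports from many input files.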