[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug binutils/27459] New: Improper device name can cause seg fault/crash
|
From: |
dennis.r at columbia dot edu |
|
Subject: |
[Bug binutils/27459] New: Improper device name can cause seg fault/crash/denial of service in png_handle_IHDR |
|
Date: |
Tue, 23 Feb 2021 06:12:02 +0000 |
https://sourceware.org/bugzilla/show_bug.cgi?id=27459
Bug ID: 27459
Summary: Improper device name can cause seg fault/crash/denial
of service in png_handle_IHDR
Product: binutils
Version: 2.36
Status: UNCONFIRMED
Severity: critical
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: dennis.r at columbia dot edu
Target Milestone: ---
Created attachment 13255
--> https://sourceware.org/bugzilla/attachment.cgi?id=13255&action=edit
poc
= Attachment =
./poc2
= Reproduce =
Compile with ./configure -enable=avr
objdump --private=mem-usage poc1
= Location =
../../binutils/od-elf32_avr.c:207
elf32_avr_dump_mem_usage()
https://sourcegraph.com/github.com/bminor/binutils-gdb@a7e3d08a26edefa411269636d7dcae7dd2736659/-/blob/binutils/od-elf32_avr.c#L209
= Description =
Improper device name can cause seg fault/crash.
rogram received signal SIGSEGV, Segmentation fault.
0x00007fbcdb5d5cd0 in _IO_vfprintf_internal (s=0x7fbcdb94c620
<_IO_2_1_stdout_>, format=<optimized out>, ap=ap@entry=0x7ffc32535528) at
vfprintf.c:1632
1632 vfprintf.c: No such file or directory.
(gdb) bt
#0 0x00007fbcdb5d5cd0 in _IO_vfprintf_internal (s=0x7fbcdb94c620
<_IO_2_1_stdout_>, format=<optimized out>, ap=ap@entry=0x7ffc32535528) at
vfprintf.c:1632
#1 0x00007fbcdb5dc8a9 in __printf (format=<optimized out>) at printf.c:33
#2 0x00000000004a0729 in elf32_avr_dump_mem_usage (abfd=0x50a6080) at
../../binutils/od-elf32_avr.c:207
#3 0x00000000004a0606 in elf32_avr_dump (abfd=0x50a6080) at
../../binutils/od-elf32_avr.c:292
#4 0x000000000042260c in dump_target_specific (abfd=0x50a6080) at
../../binutils/objdump.c:4282
#5 0x0000000000421605 in dump_bfd (abfd=0x50a6080, is_mainfile=1) at
../../binutils/objdump.c:4870
#6 0x0000000000421277 in display_object_bfd (abfd=0x50a6080) at
../../binutils/objdump.c:5008
#7 0x000000000042122e in display_any_bfd (file=0x50a6080, level=0) at
../../binutils/objdump.c:5098
#8 0x0000000000420f00 in display_file (filename=0x7ffc32536927 "asd",
target=0x0, last_file=1) at ../../binutils/objdump.c:5119
#9 0x00000000004204ed in main (argc=3, argv=0x7ffc32535b18) at
../../binutils/objdump.c:5467
--
You are receiving this mail because:
You are on the CC list for the bug.
- [Bug binutils/27459] New: Improper device name can cause seg fault/crash/denial of service in png_handle_IHDR,
dennis.r at columbia dot edu <=