[Bug binutils/29312] Stack overflow in demangle_const() and demangle

bug-binutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug binutils/29312] Stack overflow in demangle_const() and demangle_pat

From:	lqliuyuwei at outlook dot com
Subject:	[Bug binutils/29312] Stack overflow in demangle_const() and demangle_path_maybe_open_generics(), cxxfilt
Date:	Fri, 01 Jul 2022 10:19:37 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=29312

--- Comment #1 from Marsman1996 <lqliuyuwei at outlook dot com> ---
Created attachment 14191
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14191&action=edit
poc for demangle_path_maybe_open_generics

Both tested in Ubuntu 16.04,
Binutils commit 2899490953879ccb22e64d6b8bc09fe9b9cdc5a7

To trigger the carsh, run command `$ ./cxxfilt < $POC`

The ASAN report is
```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==23686==ERROR: AddressSanitizer: stack-overflow on address 0x7fff44f2ef40 (pc
0x00000085c097 bp 0x7fff44f2f110 sp 0x7fff44f2ef40 T0)
    #0 0x85c096 in demangle_const
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1144
    #1 0x85c722 in demangle_const
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1158:11
    #2 0x85c722 in demangle_const
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1158:11
    #3 0x85c722 in demangle_const
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1158:11
    #4 0x85c722 in demangle_const
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1158:11
    #5 0x85c722 in demangle_const
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1158:11
    #6 0x85c722 in demangle_const
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1158:11
    #7 0x85c722 in demangle_const
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1158:11
    #8 0x85c722 in demangle_const
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1158:11
    #9 0x85c722 in demangle_const
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1158:11
    #10 0x85c722 in demangle_const
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1158:11
    #11 0x85c722 in demangle_const
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1158:11
    #12 0x85c722 in demangle_const
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1158:11
   ...
```

And 

```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==23696==ERROR: AddressSanitizer: stack-overflow on address 0x7ffebacebfd8 (pc
0x00000085f947 bp 0x7ffebacec030 sp 0x7ffebacebfa0 T0)
    #0 0x85f946 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1082:12
    #1 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    #2 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    #3 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    #4 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    #5 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    #6 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    #7 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    #8 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    #9 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    #10 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    #11 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    #12 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    #13 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    #14 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    #15 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    #16 0x85ff03 in demangle_path_maybe_open_generics
/opt/disk/marsman/binutils/2899490/build_asan/libiberty/../../code/libiberty/rust-demangle.c:1092:18
    ....
```

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug binutils/29312] New: Stack overflow in demangle_const() and demangle_path_maybe_open_generics(), cxxfilt, lqliuyuwei at outlook dot com, 2022/07/01
- [Bug binutils/29312] Stack overflow in demangle_const() and demangle_path_maybe_open_generics(), cxxfilt, lqliuyuwei at outlook dot com <=
- [Bug binutils/29312] Stack overflow in demangle_const() and demangle_path_maybe_open_generics(), cxxfilt, nickc at redhat dot com, 2022/07/01
- [Bug binutils/29312] Stack overflow in demangle_const() and demangle_path_maybe_open_generics(), cxxfilt, nickc at redhat dot com, 2022/07/01
- [Bug binutils/29312] Stack overflow in demangle_const() and demangle_path_maybe_open_generics(), cxxfilt, lqliuyuwei at outlook dot com, 2022/07/01
- [Bug binutils/29312] Stack overflow in demangle_const() and demangle_path_maybe_open_generics(), cxxfilt, nickc at redhat dot com, 2022/07/01
- [Bug binutils/29312] Stack overflow in demangle_const() and demangle_path_maybe_open_generics(), cxxfilt, lqliuyuwei at outlook dot com, 2022/07/01
- [Bug binutils/29312] Stack overflow in demangle_const() and demangle_path_maybe_open_generics(), cxxfilt, joseph at codesourcery dot com, 2022/07/01
- [Bug binutils/29312] Stack overflow in demangle_const() and demangle_path_maybe_open_generics(), cxxfilt, nickc at redhat dot com, 2022/07/01

Prev by Date: [Bug gas/29309] Assembler Segmentation Fault when -g is given
Next by Date: [Bug binutils/29312] Stack overflow in demangle_const() and demangle_path_maybe_open_generics(), cxxfilt
Previous by thread: [Bug binutils/29312] New: Stack overflow in demangle_const() and demangle_path_maybe_open_generics(), cxxfilt
Next by thread: [Bug binutils/29312] Stack overflow in demangle_const() and demangle_path_maybe_open_generics(), cxxfilt
Index(es):
- Date
- Thread