bug-binutils

From: bugzilla.sourceware at qiushi dot ac.cn
Subject: [Bug binutils/25071] New: excessive memory allocation in _bfd_x86_elf_get_synthetic_symtab
Date: Mon, 07 Oct 2019 16:38:15 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=25071

            Bug ID: 25071
           Summary: excessive memory allocation in
                    _bfd_x86_elf_get_synthetic_symtab
           Product: binutils
           Version: 2.34 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: bugzilla.sourceware at qiushi dot ac.cn
  Target Milestone: ---

Created attachment 12026
  --> https://sourceware.org/bugzilla/attachment.cgi?id=12026&action=edit
poc file

```
Step 7/10 : RUN ./binutils-gdb/binutils/nm-new -A -a -l -S -s --special-syms --synthetic --with-symbol-versions -D poc2_excessive-malloc__bfd_x86_elf_get_synthetic_symtab || exit 0
 ---> Running in cc859742afde
./binutils-gdb/binutils/nm-new: warning: poc2_excessive-malloc__bfd_x86_elf_get_synthetic_symtab has a corrupt section with a size (ffffff8e38e2d42e) larger than the file size
./binutils-gdb/binutils/nm-new: warning: poc2_excessive-malloc__bfd_x86_elf_get_synthetic_symtab has a corrupt section with a size (fffffffffffffff9) larger than the file size
./binutils-gdb/binutils/nm-new: warning: poc2_excessive-malloc__bfd_x86_elf_get_synthetic_symtab has a corrupt section with a size (aa0010) larger than the file size
==6==WARNING: AddressSanitizer failed to allocate 0x5555552f684b9c10 bytes
==6==AddressSanitizer's allocator is terminating the process instead of returning 0
==6==If you don't like this behavior set allocator_may_return_null=1
==6==AddressSanitizer CHECK failed: ../../../../src/libsanitizer/sanitizer_common/sanitizer_allocator.cc:147 "((0)) != (0)" (0x0, 0x0)
    #0 0x7ffff6f0a631  (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa0631)
    #1 0x7ffff6f0f5e3 in __sanitizer::CheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa55e3)
    #2 0x7ffff6e87425  (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x1d425)
    #3 0x7ffff6f0d865  (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa3865)
    #4 0x7ffff6e8cb4d  (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x22b4d)
    #5 0x7ffff6f025d2 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x985d2)
    #6 0x459db7 in bfd_malloc /binutils-gdb/bfd/libbfd.c:275
    #7 0x4efda3 in _bfd_x86_elf_get_synthetic_symtab /binutils-gdb/bfd/elfxx-x86.c:2177
    #8 0x4af89a in elf_x86_64_get_synthetic_symtab /binutils-gdb/bfd/elf64-x86-64.c:4839
    #9 0x40f609 in display_rel_file /binutils-gdb/binutils/nm.c:1159
    #10 0x411b5d in display_file /binutils-gdb/binutils/nm.c:1377
    #11 0x4077a7 in main /binutils-gdb/binutils/nm.c:1858
    #12 0x7ffff66a282f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #13 0x4094b8 in _start (/binutils-gdb/binutils/nm-new+0x4094b8)
```

Reproducible docker image has been pushed to
`zjuchenyuan/dockerized_poc:binutils-pocs`

Dockerfile:

```
FROM zjuchenyuan/afl
ENV AFL_USE_ASAN=1
# Build the binutils tools with ASan at the exact commit the PoC was found against.
RUN git clone git://sourceware.org/git/binutils-gdb.git --depth 50 &&\
    cd binutils-gdb &&\
    git checkout 816228ed09dc867fa16dc5458277d649885d98fe &&\
    ./configure --disable-shared &&\
    for i in bfd libiberty opcodes libctf; do cd $i; ./configure --disable-shared && make -j; cd ..; done  &&\
    cd binutils  &&\
    ./configure --disable-shared &&\
    make objdump nm-new size readelf cxxfilt

RUN apt install -y gdb &&\
    echo -e "set pagination off\nset confirm off" > /root/.gdbinit

# Copy the PoC into the image and run nm on it; "|| exit 0" keeps the build
# going when nm aborts under ASan.
ADD . /
RUN ./binutils-gdb/binutils/nm-new -A -a -l -S -s --special-syms --synthetic --with-symbol-versions -D poc2_excessive-malloc__bfd_x86_elf_get_synthetic_symtab || exit 0
```



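The trace above shows bfd_malloc reached from _bfd_x86_elf_get_synthetic_symtab with a size no file could back, right after nm has already warned three times that a section size is larger than the file. The check a practitioner wants at that point is the one the warnings imply: a section's [sh_offset, sh_offset + sh_size) range must fit inside the file, the comparison must not wrap, and any table sized from the header must be bounded by the file rather than by sh_size alone. The following C program is an added example, not code from binutils, bfd or the reporter: it constructs a small ELF64 image in memory that reuses two of the corrupt sizes from the report, counts headers whose range does not fit in the image, and sizes an in-memory table from a header with overflow-safe arithmetic. The names range_in_file, checked_table_bytes, count_corrupt_sections, build_image and the 40-byte per-entry size are assumptions for illustration, not names from bfd.

```c
/* Added example, not binutils or bfd code: bounds-check ELF64 section
   headers before sizing an allocation from them.  The image is constructed
   in memory and reuses two of the corrupt sh_size values from the report. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EHDR_SIZE 64
#define SHDR_SIZE 64
#define SHT_NOBITS 8

/* Little-endian field accessors (ELFDATA2LSB). */
static uint64_t rd64(const uint8_t *p) {
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--) v = (v << 8) | p[i];
    return v;
}
static uint32_t rd32(const uint8_t *p) { return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24; }
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static void wr64(uint8_t *p, uint64_t v) { for (int i = 0; i < 8; i++) p[i] = (uint8_t)(v >> 8 * i); }
static void wr32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> 8 * i); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }

/* True iff [off, off + size) fits in a file of file_size bytes.  The
   subtraction form cannot wrap, unlike the naive off + size <= file_size. */
bool range_in_file(uint64_t off, uint64_t size, uint64_t file_size) {
    return off <= file_size && size <= file_size - off;
}

/* Bytes to allocate for an in-memory table with elem_bytes per entry, built
   from a section of sh_size bytes in sh_entsize-byte records.  Returns 0 to
   mean "reject, allocate nothing".  Because every record must be backed by
   file data, the result is bounded by the file size, never by sh_size alone. */
size_t checked_table_bytes(uint64_t sh_off, uint64_t sh_size, uint64_t sh_entsize,
                           size_t elem_bytes, uint64_t file_size) {
    if (elem_bytes == 0 || sh_entsize == 0 || sh_size % sh_entsize != 0) return 0;
    if (!range_in_file(sh_off, sh_size, file_size)) return 0;
    uint64_t count = sh_size / sh_entsize;
    if (count > SIZE_MAX / elem_bytes) return 0;      /* count * elem_bytes would wrap */
    return (size_t)count * elem_bytes;
}

/* Walk the section header table of an ELF64 image held in memory and count
   headers whose file range does not fit in the image (nm's "corrupt section
   ... larger than the file size").  SHT_NOBITS sections occupy no file bytes
   and are skipped.  Returns -1 if the header table itself is unusable. */
int count_corrupt_sections(const uint8_t *img, size_t len) {
    if (len < EHDR_SIZE || memcmp(img, "\x7f" "ELF", 4) != 0 || img[4] != 2 /* ELFCLASS64 */)
        return -1;
    uint64_t shoff = rd64(img + 0x28);                                /* e_shoff */
    uint16_t shentsize = rd16(img + 0x3a), shnum = rd16(img + 0x3c);  /* e_shentsize, e_shnum */
    if (shentsize != SHDR_SIZE || !range_in_file(shoff, (uint64_t)shnum * SHDR_SIZE, len))
        return -1;
    int bad = 0;
    for (uint16_t i = 0; i < shnum; i++) {
        const uint8_t *sh = img + (size_t)shoff + (size_t)i * SHDR_SIZE;
        if (rd32(sh + 4) == SHT_NOBITS) continue;                     /* sh_type */
        uint64_t off = rd64(sh + 24), size = rd64(sh + 32);           /* sh_offset, sh_size */
        if (!range_in_file(off, size, len)) {
            printf("section %u: size (%llx) larger than the file size\n", (unsigned)i, (unsigned long long)size);
            bad++;
        }
    }
    return bad;
}

static void set_shdr(uint8_t *sh, uint32_t type, uint64_t off, uint64_t size, uint64_t entsize) {
    wr32(sh + 4, type); wr64(sh + 24, off); wr64(sh + 32, size); wr64(sh + 56, entsize);
}

/* Constructed test image: ELF header plus five section headers, 384 bytes.
   Sections 1 and 2 carry sizes from the report, 3 is a valid 32-byte table
   of 8-byte records, 4 is an oversized SHT_NOBITS section (legitimate). */
size_t build_image(uint8_t *buf, size_t cap) {
    const size_t len = EHDR_SIZE + 5 * SHDR_SIZE;
    if (cap < len) return 0;
    memset(buf, 0, len);
    memcpy(buf, "\x7f" "ELF", 4);
    buf[4] = 2;                      /* ELFCLASS64 */
    buf[5] = 1;                      /* ELFDATA2LSB */
    wr64(buf + 0x28, EHDR_SIZE);     /* e_shoff */
    wr16(buf + 0x3a, SHDR_SIZE);     /* e_shentsize */
    wr16(buf + 0x3c, 5);             /* e_shnum */
    uint8_t *sh = buf + EHDR_SIZE;   /* index 0 stays SHT_NULL */
    set_shdr(sh + 1 * SHDR_SIZE, 1, 0x40, 0xffffff8e38e2d42eULL, 0x18);
    set_shdr(sh + 2 * SHDR_SIZE, 1, 0x40, 0xaa0010ULL, 0x18);
    set_shdr(sh + 3 * SHDR_SIZE, 1, 0x40, 0x20, 0x8);
    set_shdr(sh + 4 * SHDR_SIZE, SHT_NOBITS, 0x40, 0x100000, 0x0);
    return len;
}

int main(void) {
    uint8_t img[512];
    size_t len = build_image(img, sizeof img);
    printf("%d corrupt section header(s) in a %zu-byte image\n", count_corrupt_sections(img, len), len);
    printf("bytes to allocate for section 3: %zu\n", checked_table_bytes(0x40, 0x20, 0x8, 40, len));
    printf("bytes to allocate for section 1: %zu\n", checked_table_bytes(0x40, 0xffffff8e38e2d42eULL, 0x18, 40, len));
    return 0;
}
```

Two details carry the weight here. The bounds test is written as `size <= file_size - off` after checking `off <= file_size`, because `off + size <= file_size` silently passes for an sh_offset near UINT64_MAX once the addition wraps. And the allocation size is derived from the record count that the file can actually hold, so a header claiming ffffff8e38e2d42e bytes is rejected before any multiplication by the per-entry size, which is where a request like the 0x5555552f684b9c10-byte one in the trace would otherwise come from.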