https://sourceware.org/bugzilla/show_bug.cgi?id=17533
Bug ID: 17533
Summary: objdump/ar/... crash on malformed ar file
Product: binutils
Version: 2.26 (HEAD)
Status: NEW
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: cherepan at mccme dot ru
$ printf '!<arch>\n//%48d%8s`\n' -2 '' > test.a
$ objdump -x test.a
Segmentation fault
At least 2.22, 2.24 and head are affected. ar, size, strip etc. are also
affected.
valgrind on head shows:
==14181== Invalid write of size 8
==14181== at 0x4C2E467: memset (vg_replace_strmem.c:1094)
==14181== by 0x448AD2: bfd_zalloc (opncls.c:1011)
==14181== by 0x43F08A: _bfd_slurp_extended_name_table (archive.c:1298)
==14181== by 0x43E89B: bfd_generic_archive_p (archive.c:831)
==14181== by 0x4466A6: bfd_check_format_matches (format.c:305)
==14181== by 0x407DCD: display_any_bfd (objdump.c:3356)
==14181== by 0x409F52: display_file (objdump.c:3410)
==14181== by 0x4048F9: main (objdump.c:3692)
==14181== Address 0x55fb9a0 is 0 bytes after a block of size 4,064 alloc'd
==14181== at 0x4C27C20: malloc (vg_replace_malloc.c:296)
==14181== by 0x4D51DC: objalloc_create (objalloc.c:95)
==14181== by 0x448177: _bfd_new_bfd (opncls.c:73)
==14181== by 0x448307: bfd_fopen (opncls.c:197)
==14181== by 0x409F40: display_file (objdump.c:3403)
==14181== by 0x4048F9: main (objdump.c:3692)
--
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
bug-binutils mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/bug-binutils
