https://sourceware.org/bugzilla/show_bug.cgi?id=24167
Bug ID: 24167
Summary: segment fault in objdump in binutils-2.26
Product: binutils
Version: 2.26
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: zhangyn2012 at bupt dot edu.cn
Target Milestone: ---

Created attachment 11583
  --> https://sourceware.org/bugzilla/attachment.cgi?id=11583&action=edit
input file triggering the bug

Hi, there. I triggered a segmentation fault when testing objdump in binutils-2.26.

poc:     文件格式 a.out-i386-linux
poc
体系结构:i386, 标志 0x000001bf:
HAS_RELOC, EXEC_P, HAS_LINENO, HAS_DEBUG, HAS_SYMS, HAS_LOCALS, WP_TEXT, D_PAGED
起始地址 0x0000ff00

节:
Idx Name          Size              VMA       LMA       File off  Algn
  0 .text         ffffffffffffffe0  00000020  00000020  00000020  2**3
                  CONTENTS, ALLOC, LOAD, RELOC, CODE
  1 .data         00000010          00000000  00000000  00000000  2**3
                  CONTENTS, ALLOC, LOAD, RELOC, DATA
  2 .bss          00000000          00000010  00000010  00000000  2**3
                  ALLOC
SYMBOL TABLE:
段错误

The command I tested was `objdump -x -C poc`. The compilation flags used were "-g -O2".
I got the following stack dumps using valgrind:

$ valgrind --tool=memcheck ./objdump -x -C poc

Stack dumps:
==25269== Invalid read of size 1
==25269==    at 0x4DFACA: d_abi_tags (cp-demangle.c:1311)
==25269==    by 0x4E781F: d_prefix (cp-demangle.c:1499)
==25269==    by 0x4E781F: d_nested_name (cp-demangle.c:1436)
==25269==    by 0x4E781F: d_name (cp-demangle.c:1346)
==25269==    by 0x4E7A77: d_encoding (cp-demangle.c:1257)
==25269==    by 0x4E808C: cplus_demangle_mangled_name (cp-demangle.c:1172)
==25269==    by 0x4E87F8: d_demangle_callback (cp-demangle.c:5894)
==25269==    by 0x4E8966: d_demangle (cp-demangle.c:5945)
==25269==    by 0x4E8B5B: cplus_demangle_v3 (cp-demangle.c:6102)
==25269==    by 0x4D9E4B: cplus_demangle (cplus-dem.c:864)
==25269==    by 0x44768A: bfd_demangle (bfd.c:1917)
==25269==    by 0x407A6F: dump_symbols.isra.2 (objdump.c:2988)
==25269==    by 0x407F7E: dump_bfd (objdump.c:3349)
==25269==    by 0x4087B7: display_object_bfd (objdump.c:3420)
==25269==    by 0x4087B7: display_any_bfd (objdump.c:3509)
==25269==  Address 0xffffffffe596f948 is not stack'd, malloc'd or (recently) free'd
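As an added example (not part of the bug report or of binutils), a small parser that turns a memcheck report like the one above into a crash record plus a deduplication signature, which is how one would bucket many objdump/demangler crashes from a fuzzing run before filing them. The sample text is the report's own trace, trimmed to a few frames; the set of GCC clone suffixes stripped during normalization is an assumption.

```python
import re
from dataclasses import dataclass, field

# Constructed sample: the memcheck report quoted in the bug, trimmed to a few frames.
SAMPLE = """\
==25269== Invalid read of size 1
==25269==    at 0x4DFACA: d_abi_tags (cp-demangle.c:1311)
==25269==    by 0x4E781F: d_prefix (cp-demangle.c:1499)
==25269==    by 0x4E781F: d_nested_name (cp-demangle.c:1436)
==25269==    by 0x407A6F: dump_symbols.isra.2 (objdump.c:2988)
==25269==  Address 0xffffffffe596f948 is not stack'd, malloc'd or (recently) free'd
"""

HEADER = re.compile(r"^==(\d+)== (Invalid (?:read|write) of size \d+.*|Jump to the invalid address.*|Use of uninitialised value.*)$")
FRAME = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (.+?) \((.+)\)$")
ADDR = re.compile(r"^==\d+==\s+Address 0x([0-9A-Fa-f]+) is (.+)$")
CLONE = re.compile(r"\.(?:isra|constprop|part|cold)\.\d+$")  # GCC clone suffixes (assumed set)

def normalize_symbol(name: str) -> str:
    # 'dump_symbols.isra.2' and 'dump_symbols' are the same source function.
    return CLONE.sub("", name)

@dataclass
class MemcheckError:
    pid: int
    kind: str
    frames: list = field(default_factory=list)  # (function, file, line or None)
    address: str = ""
    address_note: str = ""
    def signature(self, depth: int = 3) -> str:
        # Bucket key: error kind + top `depth` frames (no pids/addresses), so repeated hits of one bug collapse.
        top = [normalize_symbol(f[0]) for f in self.frames[:depth]]
        return "|".join([self.kind, *top])

def parse_memcheck(text: str) -> list:
    errors, cur = [], None
    for line in text.splitlines():
        if m := HEADER.match(line):
            cur = MemcheckError(pid=int(m.group(1)), kind=m.group(2).strip())
            errors.append(cur)
        elif cur and (m := FRAME.match(line)):
            func, loc = m.group(1), m.group(2)
            if fm := re.fullmatch(r"(.+):(\d+)", loc):
                cur.frames.append((func, fm.group(1), int(fm.group(2))))
            else:  # e.g. "in /usr/lib/libc.so.6": stripped binary, no line info
                cur.frames.append((func, loc, None))
        elif cur and (m := ADDR.match(line)):
            cur.address, cur.address_note = m.group(1), m.group(2)
    return errors
```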