[Bug binutils/25078] New: stack overflow in function find_abstract_instance

Tue, 08 Oct 2019 00:00:08 -0700 

https://sourceware.org/bugzilla/show_bug.cgi?id=25078

            Bug ID: 25078
           Summary: stack overflow in function find_abstract_instance
           Product: binutils
           Version: 2.34 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: bugzilla.sourceware at qiushi dot ac.cn
  Target Milestone: ---

Created attachment 12031
  --> https://sourceware.org/bugzilla/attachment.cgi?id=12031&action=edit
poc6

```
# ./binutils-gdb/binutils/nm-new -A -a -l -S -s --special-syms --synthetic
--with-symbol-versions -D poc6_stack-overflow_find_abstract_instance
ASAN:SIGSEGV
=================================================================
==7==ERROR: AddressSanitizer: stack-overflow on address 0x7fffff7fef28 (pc
0x000000692d37 bp 0x62200001c980 sp 0x7fffff7feee0 T0)
    #0 0x692d36 in find_abstract_instance dwarf2.c:2815
    #1 0x693e6a in find_abstract_instance dwarf2.c:2987
    #2 0x693e6a in find_abstract_instance dwarf2.c:2987
    #3 0x693e6a in find_abstract_instance dwarf2.c:2987
    #4 0x693e6a in find_abstract_instance dwarf2.c:2987
    #5 0x693e6a in find_abstract_instance dwarf2.c:2987
    #6 0x693e6a in find_abstract_instance dwarf2.c:2987
    #7 0x693e6a in find_abstract_instance dwarf2.c:2987
    #8 0x693e6a in find_abstract_instance dwarf2.c:2987
    #9 0x693e6a in find_abstract_instance dwarf2.c:2987
    #10 0x693e6a in find_abstract_instance dwarf2.c:2987
...
    #251 0x693e6a in find_abstract_instance dwarf2.c:2987

SUMMARY: AddressSanitizer: stack-overflow dwarf2.c:2815 find_abstract_instance
==7==ABORTING
```

Reproducible Docker image has been pushd to
`zjuchenyuan/dockerized_poc:binutils-pocs`, Dockerfile:

```
FROM zjuchenyuan/afl
ENV AFL_USE_ASAN=1
RUN git clone git://sourceware.org/git/binutils-gdb.git --depth 50 &&\
    cd binutils-gdb &&\
    git checkout 816228ed09dc867fa16dc5458277d649885d98fe &&\
    ./configure --disable-shared &&\
    for i in bfd libiberty opcodes libctf; do cd $i; ./configure
--disable-shared && make -j; cd ..; done  &&\
    cd binutils  &&\
    ./configure --disable-shared &&\
    make objdump nm-new size readelf cxxfilt

RUN apt install -y gdb &&\
    echo -e "set pagination off\nset confirm off" > /root/.gdbinit

ADD . /
RUN ./binutils-gdb/binutils/nm-new -A -a -l -S -s --special-syms --synthetic
--with-symbol-versions -D poc6_stack-overflow_find_abstract_instance || exit 0
```

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils

Reply via email to