https://sourceware.org/bugzilla/show_bug.cgi?id=25361
Bug ID: 25361
Summary: Memory leak in readelf, request_dump_bynumber
Product: binutils
Version: 2.32
Status: UNCONFIRMED
Severity: critical
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: featherrain26 at gmail dot com
Target Milestone: ---
Created attachment 12182
--> https://sourceware.org/bugzilla/attachment.cgi?id=12182&action=edit
POC file
Hi, there.
There is a memory leak in file binutils/readelf.c, get_data function.
Here is the reproducing environment and procedure:
Distributor ID: Ubuntu
Description: Ubuntu 16.04.6 LTS
Release: 16.04
Codename: xenial
gcc: 5.4.0
compilation:
CFLAGS="-fsanitize=address,undefined" ./configure
./readelf -agteSdcWw --dyn-syms -D poc
Here is the error message:
=================================================================
==16847==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 180 byte(s) in 5 object(s) allocated from:
#0 0x7ffff6f02602 in malloc
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x4d0694 in xmalloc
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4d0694)
#2 0x4c19ef in xcmalloc
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4c19ef)
#3 0x4af8ca in display_debug_frames
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4af8ca)
#4 0x46172f in display_debug_section
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x46172f)
#5 0x461f4b in process_section_contents
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x461f4b)
#6 0x47c8e2 in process_object
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47c8e2)
#7 0x47e950 in process_file
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47e950)
#8 0x47ecd1 in main
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47ecd1)
#9 0x7ffff5db382f in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
Direct leak of 90 byte(s) in 5 object(s) allocated from:
#0 0x7ffff6f02602 in malloc
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x4d0694 in xmalloc
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4d0694)
#2 0x4c19ef in xcmalloc
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4c19ef)
#3 0x4af7f3 in display_debug_frames
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4af7f3)
#4 0x46172f in display_debug_section
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x46172f)
#5 0x461f4b in process_section_contents
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x461f4b)
#6 0x47c8e2 in process_object
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47c8e2)
#7 0x47e950 in process_file
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47e950)
#8 0x47ecd1 in main
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47ecd1)
#9 0x7ffff5db382f in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
Direct leak of 19 byte(s) in 1 object(s) allocated from:
#0 0x7ffff6f0279a in __interceptor_calloc
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x9879a)
#1 0x41b632 in request_dump_bynumber
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x41b632)
#2 0x42b94f in process_section_headers
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x42b94f)
#3 0x47c6fd in process_object
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47c6fd)
#4 0x47e950 in process_file
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47e950)
#5 0x47ecd1 in main
(/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47ecd1)
#6 0x7ffff5db382f in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
SUMMARY: AddressSanitizer: 289 byte(s) leaked in 11 allocation(s).
Regards,
--
You are receiving this mail because:
You are on the CC list for the bug.
