https://sourceware.org/bugzilla/show_bug.cgi?id=28269
Bug ID: 28269
Summary: [nm] stack-overflow in nm-new 'demangle_path'
Product: binutils
Version: 2.30
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: libctf
Assignee: unassigned at sourceware dot org
Reporter: tricker51449 at gmail dot com
Target Milestone: ---

Created attachment 13624
--> https://sourceware.org/bugzilla/attachment.cgi?id=13624&action=edit
test cases triggering the exception

Hello,

I detected the following crash exception through fuzz testing, which I think might be a vulnerability.

The configuration of binutils is:

$ CFLAGS="-fsanitize=address" CXXFLAGS="-fsanitize=address" ./configure --disable-shared && make -j

And nm-new is compiled with clang-8.0. The test cases that trigger the crash are in the attachment.

Here is the stack trace by AddressSanitizer:

AddressSanitizer:DEADLYSIGNAL
=================================================================
==96419==ERROR: AddressSanitizer: stack-overflow on address 0x7ffc1d373e20 (pc 0x000000904f08 bp 0x7ffc1d374150 sp 0x7ffc1d373e20 T0)
    #0 0x904f07 in demangle_path (/binutils-2.36-asan/bin/nm+0x904f07)
    #1 0x905a42 in demangle_path (/binutils-2.36-asan/bin/nm+0x905a42)
    #2 0x905c7f in demangle_path (/binutils-2.36-asan/bin/nm+0x905c7f)
    #3 0x905a42 in demangle_path (/binutils-2.36-asan/bin/nm+0x905a42)
    #4 0x905a42 in demangle_path (/binutils-2.36-asan/bin/nm+0x905a42)
    #5 0x905c7f in demangle_path (/binutils-2.36-asan/bin/nm+0x905c7f)
    #6 0x905a42 in demangle_path (/binutils-2.36-asan/bin/nm+0x905a42)
    #7 0x905a42 in demangle_path (/binutils-2.36-asan/bin/nm+0x905a42)
    #8 0x905c7f in demangle_path (/binutils-2.36-asan/bin/nm+0x905c7f)
    #9 0x905a42 in demangle_path (/binutils-2.36-asan/bin/nm+0x905a42)
    ...

SUMMARY: AddressSanitizer: stack-overflow (/binutils-2.36-asan/bin/nm+0x904f07) in demangle_path

Thanks & Best Regards
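The report above shows a stack-overflow whose every frame is demangle_path calling itself, through two distinct call sites (return addresses 0x905a42 and 0x905c7f alternate), so the stack depth is controlled by how deeply the attacker nests the mangled name. The example below is added here and is not code from the report, from binutils or from libiberty; it uses a hypothetical toy path grammar (the productions, the struct and the function names are all invented for illustration) to show the pattern: a recursive-descent parser whose recursion depth tracks input nesting, and the usual mitigation of a single depth counter checked at the one entry point every self-recursive production passes through, so an over-nested symbol is rejected instead of exhausting the stack.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical toy grammar standing in for a demangler's nested paths
   (this is NOT the libiberty Rust-demangler grammar):
     path  := ident
            | 'N' path ident 'E'     path nested inside a path
            | 'I' path path 'E'      path applied to a generic argument
     ident := decimal length, then that many bytes                      */

struct parser {
    const char *sym;     /* mangled input, NUL-terminated */
    size_t len;          /* strlen(sym), computed once */
    size_t pos;          /* read position */
    unsigned depth;      /* current recursion depth of parse_path */
    unsigned max_depth;  /* deepest recursion reached, for reporting */
    unsigned limit;      /* 0 = no limit: the vulnerable behaviour */
    int hit_limit;       /* set when the limit stopped the parse */
};

static int expect(struct parser *p, char c) {
    if (p->sym[p->pos] != c) return 0;   /* never advance past NUL */
    p->pos++;
    return 1;
}

static int parse_ident(struct parser *p) {
    size_t n = 0;
    if (!isdigit((unsigned char)p->sym[p->pos])) return 0;
    while (isdigit((unsigned char)p->sym[p->pos])) {
        n = n * 10 + (size_t)(p->sym[p->pos++] - '0');
        if (n > p->len) return 0;        /* length claims more than exists */
    }
    if (p->len - p->pos < n) return 0;
    p->pos += n;
    return 1;
}

/* Every self-recursive production goes through this function, so one
   counter bounds the whole stack usage. Returns 1 on success, 0 on a
   malformed symbol or when the recursion limit is reached. */
static int parse_path(struct parser *p) {
    int ok;
    if (p->limit != 0 && p->depth >= p->limit) {
        p->hit_limit = 1;                /* fail closed instead of recursing */
        return 0;
    }
    p->depth++;
    if (p->depth > p->max_depth) p->max_depth = p->depth;
    switch (p->sym[p->pos]) {
    case 'N':
        p->pos++;
        ok = parse_path(p) && parse_ident(p) && expect(p, 'E');
        break;
    case 'I':
        p->pos++;
        ok = parse_path(p) && parse_path(p) && expect(p, 'E');
        break;
    default:
        ok = parse_ident(p);
    }
    p->depth--;
    return ok;
}

/* 1 = whole symbol parsed, 0 = malformed, -1 = recursion limit reached.
   limit 0 disables the guard (the unbounded, crashable behaviour). */
int demangle(const char *sym, unsigned limit, unsigned *max_depth) {
    struct parser p = { sym, strlen(sym), 0, 0, 0, limit, 0 };
    int ok = parse_path(&p) && p.sym[p.pos] == '\0';
    if (max_depth) *max_depth = p.max_depth;
    if (p.hit_limit) return -1;
    return ok ? 1 : 0;
}

/* Constructed attacker input: n nested 'N' wrappers around "3foo",
   i.e. N...N3foo3barE...E, which needs n+1 nested parse_path frames. */
char *make_nested(unsigned n) {
    size_t total = (size_t)n + 4 + (size_t)n * 5;
    char *s = malloc(total + 1), *w = s;
    if (!s) return NULL;
    memset(w, 'N', n);            w += n;
    memcpy(w, "3foo", 4);         w += 4;
    for (unsigned i = 0; i < n; i++) { memcpy(w, "3barE", 5); w += 5; }
    *w = '\0';
    return s;
}

int main(void) {
    unsigned depth;
    char *deep = make_nested(100000);
    if (!deep) return 1;
    printf("shallow, no limit: %d\n", demangle("N3foo3barE", 0, &depth));
    /* With limit 0 the deep input would add one frame per 'N' and exhaust
       the stack exactly as the ASan report shows, so it is only parsed
       here with the guard enabled. */
    printf("deep, limit 2048: %d (stopped at depth %u)\n",
           demangle(deep, 2048, &depth), depth);
    free(deep);
    return 0;
}
```

The limit value is a tuning choice: it must exceed the nesting of any legitimate symbol while keeping frames times limit well under the smallest stack the tool runs on, and an ASan build inflates frame sizes, which is why fuzzing finds this class of bug at lower nesting than a release build would.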