[Bug binutils/29613] New: Use-of Uninitialized Value in objcopy

Sun, 25 Sep 2022 19:54:10 -0700 

https://sourceware.org/bugzilla/show_bug.cgi?id=29613

            Bug ID: 29613
           Summary: Use-of Uninitialized Value in objcopy
           Product: binutils
           Version: 2.40 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: sophrosx at gmail dot com
  Target Milestone: ---

Created attachment 14359
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14359&action=edit
testcases to trigger the use-of-uninitialized-value of objcopy

Hello,

I detected use-of-uninitialized-value by using the Memory Sanitizer MSAN for
the program objcopy.

The configuration of binutils is:

$  ./configure --disable-shared && AFL_USE_MSAN=1 make -j 8

and compiled with gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0

I use the program nm-new in ~/binutils-gdb/binutils/objcopy, and the warning
information list here:

```
testcsaes/1: warning: multiple symbol tables detected - ignoring the table in
section 26
/binutils-gdb_msan/binutils/objcopy: testcases/1: warning: multiple symbol
tables detected - ignoring the table in section 26
/binutils-gdb_msan/binutils/objcopy: testcases/1: section OC*t lma 0x5b8
adjusted to 0x6d8
/binutils-gdb_msan/binutils/objcopy: testcases/1: section .init lma 0x738
adjusted to 0x7f8
/binutils-gdb_msan/binutils/objcopy: testcases/1: section .init lma 0x738
adjusted to 0x80f
/binutils-gdb_msan/binutils/objcopy: testcases/1: section OC*t lma 0x750
adjusted to 0x826
Uninitialized bytes in __interceptor_fwrite at offset 72 inside
[0x72000000c818, 88)
==81853==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x7f5689 in cache_bwrite /binutils-gdb/bfd/cache.c:390:12
    #1 0x53558b in bfd_bwrite /binutils-gdb/bfd/bfdio.c:290:12
    #2 0x604cae in _bfd_elf_write_object_contents
/binutils-gdb/bfd/elf.c:6792:11
    #3 0x54ef1c in bfd_close /binutils-gdb/bfd/opncls.c:810:13
    #4 0x4a1f5e in copy_file /binutils-gdb/binutils/objcopy.c:3905:51
    #5 0x49e07a in copy_main /binutils-gdb/binutils/objcopy.c:5948:3
    #6 0x49586d in main /binutils-gdb/binutils/objcopy.c:6051:5
    #7 0x7f45057abc86 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
    #8 0x41be99 in _start (/binutils-gdb_msan/binutils/objcopy+0x41be99)

SUMMARY: MemorySanitizer: use-of-uninitialized-value
/binutils-gdb/bfd/cache.c:390:12 in cache_bwrite
Exiting
```

The testcase that trigger such results are in the attachment.

Thanks & Best Regards

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Reply via email to