https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87333

--- Comment #3 from Cheng Wen <wcventure at 126 dot com> ---
Created attachment 44716
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=44716&action=edit
POC1

I have a new POC to add.
Please use "c++filt < $POC" to reproduce the bug.
Please check it and debug it. Thank you.


POC1:
https://github.com/ntu-sec/pocs/blob/master/binutils-aff4a119/crashes/so_cplus-dem.c:4960_1

The ASAN dumps the stack trace as follows on POC1:
https://github.com/ntu-sec/pocs/blob/master/binutils-aff4a119/crashes/so_cplus-dem.c:4960_1.err.txt

AddressSanitizer:DEADLYSIGNAL
=================================================================
==24028==ERROR: AddressSanitizer: stack-overflow on address 0x7ffd854a7e18 (pc
0x000000497287 bp 0x7ffd854a8690 sp 0x7ffd854a7e20 T0)
    #0 0x497286 in __interceptor_strlen.part.30
(/home/hongxu/FOT/binutils/BUILD/install/bin/c++filt+0x497286)
    #1 0x8bdc7e in string_append
/home/hongxu/FOT/binutils/BUILD/libiberty/../../libiberty/cplus-dem.c:4960:7
    #2 0x8cb7f5 in demangle_args
/home/hongxu/FOT/binutils/BUILD/libiberty/../../libiberty/cplus-dem.c:4578:7
    #3 0x8cdff7 in demangle_nested_args
/home/hongxu/FOT/binutils/BUILD/libiberty/../../libiberty/cplus-dem.c:4713:12
    #4 0x8ad46a in do_type
/home/hongxu/FOT/binutils/BUILD/libiberty/../../libiberty/cplus-dem.c:3719:9
    #5 0x8cd8c6 in do_arg
/home/hongxu/FOT/binutils/BUILD/libiberty/../../libiberty/cplus-dem.c:4332:8
    ...
    ...
    ...
    #244 0x8ad46a in do_type
/home/hongxu/FOT/binutils/BUILD/libiberty/../../libiberty/cplus-dem.c:3719:9
    #245 0x8cd8c6 in do_arg
/home/hongxu/FOT/binutils/BUILD/libiberty/../../libiberty/cplus-dem.c:4332:8
    #246 0x8cc7b4 in demangle_args
/home/hongxu/FOT/binutils/BUILD/libiberty/../../libiberty/cplus-dem.c:4659:9
    #247 0x8cdff7 in demangle_nested_args
/home/hongxu/FOT/binutils/BUILD/libiberty/../../libiberty/cplus-dem.c:4713:12
    #248 0x8ad46a in do_type
/home/hongxu/FOT/binutils/BUILD/libiberty/../../libiberty/cplus-dem.c:3719:9
    #249 0x8cd8c6 in do_arg
/home/hongxu/FOT/binutils/BUILD/libiberty/../../libiberty/cplus-dem.c:4332:8

SUMMARY: AddressSanitizer: stack-overflow
(/home/hongxu/FOT/binutils/BUILD/install/bin/c++filt+0x497286) in
__interceptor_strlen.part.30
==24028==ABORTING
