[Bug binutils/29495] rewrite_elf_program_header looping
https://sourceware.org/bugzilla/show_bug.cgi?id=29495

Alan Modra changed:

What             |Removed                          |Added
Summary          |Bug report                       |rewrite_elf_program_header looping
Assignee         |unassigned at sourceware dot org |amodra at gmail dot com
Last reconfirmed |                                 |2022-08-16
Status           |UNCONFIRMED                      |ASSIGNED
Ever confirmed   |0                                |1

--
You are receiving this mail because:
You are on the CC list for the bug.
[Bug binutils/29495] rewrite_elf_program_header looping
https://sourceware.org/bugzilla/show_bug.cgi?id=29495

--- Comment #1 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by Alan Modra:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45d92439aebd0386ef8af76e1796d08cfe457e1d

commit 45d92439aebd0386ef8af76e1796d08cfe457e1d
Author: Alan Modra
Date:   Tue Aug 16 17:02:24 2022 +0930

    PR29495, rewrite_elf_program_header looping

    This patch, in order of significance:
    1) Replaces some macros with inline functions.
    2) Those inline functions catch and avoid arithmetic overflows when
       comparing addresses.
    3) When assigning sections to segments (IS_SECTION_IN_INPUT_SEGMENT)
       use bed->want_p_paddr_set_to_zero to decide whether lma vs p_paddr
       or vma vs p_vaddr should be tested. When remapping, use the same
       test, and use is_note rather than the more restrictive
       IS_COREFILE_NOTE.

    It's important that the later tests not be more restrictive. If they
    are it can lead to the situation triggered by the testcases, where a
    section seemingly didn't fit and thus needed a new mapping. It didn't
    fit the new mapping either, and this repeated until memory exhausted.

        PR 29495
        * elf.c (SEGMENT_END, SECTION_SIZE, IS_CONTAINED_BY_VMA): Delete.
        (IS_CONTAINED_BY_LMA, IS_NOTE, IS_COREFILE_NOTE): Delete.
        (segment_size, segment_end, section_size): New inline function.
        (is_contained_by, is_note): Likewise.
        (rewrite_elf_program_header): Use new functions.
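The kind of overflow-safe address comparison that item 2 of the commit message above refers to, as an added example that is not part of the original mail and is not the binutils code. The names `contained_naive` and `contained_safe`, the `addr_t` type and all address values are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical type and function names; not taken from elf.c.  */
typedef uint64_t addr_t;

/* Naive form: both end addresses are computed with wrapping unsigned
   arithmetic, so a range that reaches the top of the address space
   wraps to a small end value and the comparison gives a wrong answer.  */
static bool
contained_naive (addr_t sec, addr_t sec_size, addr_t seg, addr_t seg_size)
{
  return sec >= seg && sec + sec_size <= seg + seg_size;
}

/* Overflow-safe form: compare the offset into the segment and the
   space remaining after it, never computing an end address.  */
static bool
contained_safe (addr_t sec, addr_t sec_size, addr_t seg, addr_t seg_size)
{
  if (sec < seg)
    return false;
  addr_t off = sec - seg;              /* cannot wrap: sec >= seg */
  if (off > seg_size)
    return false;
  return sec_size <= seg_size - off;   /* cannot wrap: off <= seg_size */
}

int
main (void)
{
  /* Constructed case A: segment ends exactly at 2^64, so seg + seg_size
     wraps to 0 and a section that does fit is reported as not fitting.  */
  addr_t top = 0xfffffffffffff000ULL;
  printf ("A naive=%d safe=%d\n",
          contained_naive (top, 0x800, top, 0x1000),
          contained_safe (top, 0x800, top, 0x1000));

  /* Constructed case B: sec + sec_size wraps to 0x1000, so a section far
     outside the segment is reported as contained.  */
  printf ("B naive=%d safe=%d\n",
          contained_naive (top, 0x2000, 0x1000, 0x2000),
          contained_safe (top, 0x2000, 0x1000, 0x2000));
  return 0;
}
```

Case A is the shape of failure the commit message describes, where a section "seemingly didn't fit"; a caller that reacts by creating a new mapping and re-testing with the same wrapped arithmetic never makes progress.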
[Bug binutils/29495] rewrite_elf_program_header looping
https://sourceware.org/bugzilla/show_bug.cgi?id=29495

Alan Modra changed:

What             |Removed   |Added
Resolution       |---       |FIXED
Status           |ASSIGNED  |RESOLVED
Target Milestone |---       |2.40

--- Comment #2 from Alan Modra ---
Fixed for 2.40
[Bug binutils/29433] Detected memory leaks in readelf
https://sourceware.org/bugzilla/show_bug.cgi?id=29433

Alan Modra changed:

What       |Removed      |Added
Status     |UNCONFIRMED  |RESOLVED
Resolution |---          |OBSOLETE

--- Comment #1 from Alan Modra ---
A memory leak in anything but the latest mainline sources will be ignored,
unless the leak makes the tools unusable. Unlike a server, daemon or kernel,
the binutils generally do not stay resident long and all memory is freed on
process exit.
[Bug gprof/29100] Buffer overflow when read function mapping file
https://sourceware.org/bugzilla/show_bug.cgi?id=29100

Alan Modra changed:

What       |Removed      |Added
Status     |UNCONFIRMED  |RESOLVED
Resolution |---          |INVALID

--- Comment #1 from Alan Modra ---
The calculation would need to overflow a size_t, not an int.
[Bug gprof/29100] Buffer overflow when read function mapping file
https://sourceware.org/bugzilla/show_bug.cgi?id=29100

--- Comment #2 from yguoaz at gmail dot com ---
(In reply to Alan Modra from comment #1)
> The calculation would need to overflow a size_t, not an int.

Hi, sizeof(size_t) == sizeof(int) may hold in certain platforms (e.g., a 32
bit machine). In that case, the overflow will happen and the size will wrap
to a small value.
[Bug gprof/29100] Buffer overflow when read function mapping file
https://sourceware.org/bugzilla/show_bug.cgi?id=29100

yguoaz at gmail dot com changed:

What       |Removed   |Added
Resolution |INVALID   |---
Status     |RESOLVED  |UNCONFIRMED

--- Comment #3 from yguoaz at gmail dot com ---
(In reply to yguoaz from comment #2)
> (In reply to Alan Modra from comment #1)
> > The calculation would need to overflow a size_t, not an int.
>
> Hi, sizeof(size_t) == sizeof(int) may hold in certain platforms (e.g., a 32
> bit machine). In that case, the overflow will happen and the size will wrap
> to a small value.

Changing the status to unconfirmed.
[Bug binutils/29489] dlltool is not deterministic
https://sourceware.org/bugzilla/show_bug.cgi?id=29489

Nick Clifton changed:

What |Removed |Added
CC   |        |nickc at redhat dot com

--- Comment #1 from Nick Clifton ---
Hi Mike,

Please could you elaborate on this ? What specifically do you think
should be happening ?

Cheers
Nick
[Bug gprofng/29470] [test suite] The test suite should be made more flexible
https://sourceware.org/bugzilla/show_bug.cgi?id=29470

Kurt Goebel changed:

What   |Removed |Added
CC     |        |kurt.goebel at oracle dot com
Status |NEW     |ASSIGNED
[Bug binutils/29483] abort at i386-dis.c:9289
https://sourceware.org/bugzilla/show_bug.cgi?id=29483

--- Comment #1 from cvs-commit at gcc dot gnu.org ---
The master branch has been updated by H.J. Lu:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=9096fc28c62741bfb7962eb5dfdee28a7b1d1345

commit 9096fc28c62741bfb7962eb5dfdee28a7b1d1345
Author: H.J. Lu
Date:   Tue Aug 16 08:25:49 2022 -0700

    i386: Add MAX_OPERAND_BUFFER_SIZE

    When displaying operands, invalid opcodes may overflow operand buffer
    due to additional styling characters. Each style is encoded with 3
    bytes. Define MAX_OPERAND_BUFFER_SIZE for operand buffer size and
    increase it from 100 bytes to 128 bytes to accommodate 9 sets of styles
    in an operand.

    gas/

        PR binutils/29483
        * testsuite/gas/i386/i386.exp: Run pr29483.
        * testsuite/gas/i386/pr29483.d: New file.
        * testsuite/gas/i386/pr29483.s: Likewise.

    opcodes/

        PR binutils/29483
        * i386-dis.c (MAX_OPERAND_BUFFER_SIZE): New.
        (obuf): Replace 100 with MAX_OPERAND_BUFFER_SIZE.
        (staging_area): Likewise.
        (op_out): Likewise.
[Bug binutils/29483] abort at i386-dis.c:9289
https://sourceware.org/bugzilla/show_bug.cgi?id=29483

H.J. Lu changed:

What             |Removed |Added
Resolution       |---     |FIXED
Status           |NEW     |RESOLVED
Target Milestone |---     |2.40

--- Comment #2 from H.J. Lu ---
Fixed for 2.40.
[Bug gprofng/29476] gprofng.texi makeinfo build failure on centos 7
https://sourceware.org/bugzilla/show_bug.cgi?id=29476

Kurt Goebel changed:

What             |Removed      |Added
Status           |UNCONFIRMED  |ASSIGNED
Ever confirmed   |0            |1
Last reconfirmed |             |2022-08-16
Issue 47626 in oss-fuzz: binutils:fuzz_dlltool: Global-buffer-overflow in xstrdup
Updates:
    Labels: Deadline-Approaching

Comment #3 on issue 47626 by sheriffbot: binutils:fuzz_dlltool: Global-buffer-overflow in xstrdup
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47626#c3

This bug is approaching its deadline for being fixed, and will be
automatically derestricted within 7 days. If a fix is planned within 2 weeks
after the deadline has passed, a grace extension can be granted.

- Your friendly Sheriffbot

--
You received this message because:
  1. You were specifically CC'd on the issue

You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settings

Reply to this email to add a comment.
[Bug binutils/29489] dlltool is not deterministic
https://sourceware.org/bugzilla/show_bug.cgi?id=29489

--- Comment #2 from Mike Hommey ---
The bfd objects used for dlltool should have the BFD_DETERMINISTIC_OUTPUT flag
set.