[Bug binutils/29677] New: Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab`

2022-10-12 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29677

Bug ID: 29677
   Summary: Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: critical
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14396
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14396&action=edit
bug analysis and poc

# Reproduce

```bash
cd binutils-gdb
git reset --hard 1d4e62f498b1340569fd58c401f98c287cb5d071
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/objdump -d the_bfd_uninit.bin
```

# Output

../../fuzz/poc/the_bfd_uninit.bin: file format mach-o-x86-64

./objdump: bfd_mach_o_read_symtab_symbol: symbol "" specified invalid type
field 0x6: setting to undefined
./objdump: bfd_mach_o_read_symtab_symbol: symbol "" specified invalid type
field 0x4: setting to undefined
AddressSanitizer:DEADLYSIGNAL
=
==474946==ERROR: AddressSanitizer: SEGV on unknown address (pc 0x55795709e9ec
bp 0x7ffd19b7eaf0 sp 0x7ffd19b7eae0 T0)
==474946==The signal is caused by a READ memory access.
==474946==Hint: this fault was caused by a dereference of a high value address
(see register values below).  Dissassemble the provided pc to learn which
register was used.
#0 0x55795709e9ec in bfd_get_flavour ../bfd/bfd.h:7803
#1 0x5579570a2b2b in compare_symbols ../../binutils/objdump.c:1204
#2 0x7f3971b6940e in msort_with_tmp stdlib/msort.c:82
#3 0x7f3971b693c1 in msort_with_tmp stdlib/msort.c:44
#4 0x7f3971b693c1 in msort_with_tmp stdlib/msort.c:53
#5 0x7f3971b693a4 in msort_with_tmp stdlib/msort.c:44
#6 0x7f3971b693a4 in msort_with_tmp stdlib/msort.c:52
#7 0x7f3971b693a4 in msort_with_tmp stdlib/msort.c:44
#8 0x7f3971b693a4 in msort_with_tmp stdlib/msort.c:52
#9 0x7f3971b693c1 in msort_with_tmp stdlib/msort.c:44
#10 0x7f3971b693c1 in msort_with_tmp stdlib/msort.c:53
#11 0x7f3971b69a55 in msort_with_tmp stdlib/msort.c:44
#12 0x7f3971b69a55 in __GI___qsort_r stdlib/msort.c:296
#13 0x7f3971da0934 in __interceptor_qsort
../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:9917
#14 0x5579570ae4fb in disassemble_section ../../binutils/objdump.c:3780
#15 0x5579575a429f in bfd_map_over_sections ../../bfd/section.c:1373
#16 0x5579570b0855 in disassemble_data ../../binutils/objdump.c:4152
#17 0x5579570b80a3 in dump_bfd ../../binutils/objdump.c:5564
#18 0x5579570b837d in display_object_bfd ../../binutils/objdump.c:5627
#19 0x5579570b86b7 in display_any_bfd ../../binutils/objdump.c:5713
#20 0x5579570b8730 in display_file ../../binutils/objdump.c:5734
#21 0x5579570b9fd1 in main ../../binutils/objdump.c:6130
#22 0x7f3971b4ed8f in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58
#23 0x7f3971b4ee3f in __libc_start_main_impl ../csu/libc-start.c:392
#24 0x55795709e584 in _start
(/home/holing/pro/github/binutils-gdb/build/binutils/objdump+0xdf0584)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ../bfd/bfd.h:7803 in bfd_get_flavour
==474946==ABORTING
Aborted

-- 
You are receiving this mail because:
You are on the CC list for the bug.


[Bug binutils/29677] Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab`

2022-10-12 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29677

2019  changed:

           What    |Removed |Added
----------------------------------------------------------------
              Build|        |1d4e62f498b1340569fd58c401f98c287cb5d071
             Target|        |objdump



[Bug binutils/29682] Out-of-bound read in function `mips16_gprel_reloc`

2022-10-13 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29682

2019  changed:

           What    |Removed |Added
----------------------------------------------------------------
             Target|        |addr2line
           Severity|normal  |critical
              Build|        |1d4e62f498b1340569fd58c401f98c287cb5d071



[Bug binutils/29682] New: Out-of-bound read in function `mips16_gprel_reloc`

2022-10-13 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29682

Bug ID: 29682
   Summary: Out-of-bound read in function `mips16_gprel_reloc`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14398
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14398&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard 1d4e62f498b1340569fd58c401f98c287cb5d071
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e mips16_gprel_reloc_oob.bin 0
```

# Output

```
./addr2line: ../../fuzz/poc/mips16_gprel_reloc_oob.bin: invalid string offset
4294934328 >= 1447 for section `.strtab'
./addr2line: ../../fuzz/poc/mips16_gprel_reloc_oob.bin: invalid string offset
5153 >= 1447 for section `.strtab'
./addr2line: ../../fuzz/poc/mips16_gprel_reloc_oob.bin(.debug_info): relocation
27 has invalid symbol index 1701143909
./addr2line: BFD (GNU Binutils) 2.39.50.20221013 assertion fail
../../bfd/elf64-mips.c:4129
./addr2line: ../../fuzz/poc/mips16_gprel_reloc_oob.bin(.debug_info): relocation
28 has invalid symbol index 1701143909
./addr2line: BFD (GNU Binutils) 2.39.50.20221013 assertion fail
../../bfd/elf64-mips.c:4129
./addr2line: ../../fuzz/poc/mips16_gprel_reloc_oob.bin(.debug_info): relocation
29 has invalid symbol index 1701143909
./addr2line: BFD (GNU Binutils) 2.39.50.20221013 assertion fail
../../bfd/elf64-mips.c:4129
./addr2line: ../../fuzz/poc/mips16_gprel_reloc_oob.bin(.debug_info): relocation
30 has invalid symbol index 1701143909
./addr2line: BFD (GNU Binutils) 2.39.50.20221013 assertion fail
../../bfd/elf64-mips.c:4129
./addr2line: ../../fuzz/poc/mips16_gprel_reloc_oob.bin(.debug_info): relocation
31 has invalid symbol index 1701143909
./addr2line: BFD (GNU Binutils) 2.39.50.20221013 assertion fail
../../bfd/elf64-mips.c:4129
AddressSanitizer:DEADLYSIGNAL
=
==498292==ERROR: AddressSanitizer: SEGV on unknown address (pc 0x5625a008350f
bp 0x7ffcbfba44b0 sp 0x7ffcbfba4490 T0)
==498292==The signal is caused by a READ memory access.
==498292==Hint: this fault was caused by a dereference of a high value address
(see register values below).  Dissassemble the provided pc to learn which
register was used.
#0 0x5625a008350f in bfd_getl16 ../../bfd/libbfd.c:633
#1 0x5625a0464481 in _bfd_mips_elf_reloc_unshuffle
../../bfd/elfxx-mips.c:2359
#2 0x5625a04578d6 in mips16_gprel_reloc ../../bfd/elf64-mips.c:3665
#3 0x5625a0d7366c in bfd_perform_relocation ../../bfd/reloc.c:689
#4 0x5625a04b1b89 in _bfd_elf_mips_get_relocated_section_contents
../../bfd/elfxx-mips.c:13390
#5 0x5625a007664d in bfd_get_relocated_section_contents
../../bfd/bfd.c:2178
#6 0x5625a0d775c0 in bfd_simple_get_relocated_section_contents
../../bfd/simple.c:285
#7 0x5625a01c4eb1 in read_section ../../bfd/dwarf2.c:737
#8 0x5625a01dc1a0 in _bfd_dwarf2_slurp_debug_info ../../bfd/dwarf2.c:5487
#9 0x5625a01dd750 in _bfd_dwarf2_find_nearest_line_with_alt
../../bfd/dwarf2.c:5783
#10 0x5625a01dd47b in _bfd_dwarf2_find_nearest_line ../../bfd/dwarf2.c:5723
#11 0x5625a04b058e in _bfd_mips_elf_find_nearest_line
../../bfd/elfxx-mips.c:13070
#12 0x5625a006ab1e in find_address_in_section
../../binutils/addr2line.c:197
#13 0x5625a008c8b1 in bfd_map_over_sections ../../bfd/section.c:1373
#14 0x5625a006b8eb in translate_addresses ../../binutils/addr2line.c:337
#15 0x5625a006bfbc in process_file ../../binutils/addr2line.c:470
#16 0x5625a006c5b1 in main ../../binutils/addr2line.c:579
#17 0x7fc5aab14d8f in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58
#18 0x7fc5aab14e3f in __libc_start_main_impl ../csu/libc-start.c:392
#19 0x5625a006a244 in _start
(/home/holing/pro/github/binutils-gdb/build/binutils/addr2line+0x33f244)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ../../bfd/libbfd.c:633 in bfd_getl16
==498292==ABORTING
Aborted
```

# Analysis

In function `mips_elf64_slurp_one_reloc_table`, `rela.r_offset` is filled with
content from the file[1][2], which can be controlled by an attacker. Then
`rela.r_offset` is assigned to `relent->address`[3]. This value is then used to
calculate the value of the pointer `location`[4], and when this pointer is
accessed later[5], the crash occurs.

[1]
https://github.com/bminor/binutils-gdb/blob/1d4e62f498b1340569fd58c401f98c287c
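
The defensive check that the analysis above calls for, as an added example rather than code from the report or from bfd: `r_offset` comes straight from the file, so before `contents + r_offset` is formed the offset has to be tested against the section size, with the width of the access included and the arithmetic arranged so that a huge offset cannot wrap. The `section_image` and `reloc_entry` structs, `reloc_in_range`, and the 8-byte section contents are all constructed here for the demonstration and are not bfd's types or API.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-ins for a loaded section and one relocation entry.
   They are not bfd's asection/arelent; only the fields the check needs. */
struct section_image {
    const uint8_t *contents;
    size_t size;
};

struct reloc_entry {
    uint64_t r_offset;  /* copied verbatim from the file, so untrusted */
    size_t   width;     /* bytes the relocation handler reads at r_offset */
};

/* The unchecked computation the report describes: contents + r_offset with
   no range test.  For a bogus r_offset this is a wild pointer.  It is kept
   only for contrast and is never dereferenced here with a bad offset. */
static const uint8_t *locate_unchecked(const struct section_image *sec,
                                       const struct reloc_entry *rel)
{
    return sec->contents + rel->r_offset;
}

/* Range test: [r_offset, r_offset + width) must lie inside the section.
   The subtraction is done on the trusted side (section size minus width)
   so that an attacker-chosen r_offset cannot wrap the sum r_offset + width. */
static bool reloc_in_range(const struct section_image *sec,
                           const struct reloc_entry *rel)
{
    if (rel->width == 0 || rel->width > sec->size)
        return false;
    return rel->r_offset <= sec->size - rel->width;
}

static const uint8_t *locate_checked(const struct section_image *sec,
                                     const struct reloc_entry *rel)
{
    return reloc_in_range(sec, rel) ? sec->contents + rel->r_offset : NULL;
}

/* Little-endian 16-bit load, the kind of read that faults in the trace. */
static unsigned get_le16(const uint8_t *p)
{
    return (unsigned) p[0] | ((unsigned) p[1] << 8);
}

/* Apply a 2-byte relocation read against a constructed 8-byte section.
   Returns the halfword at r_offset, or -1 when the entry is rejected. */
int read_reloc_target(uint64_t r_offset)
{
    static const uint8_t contents[8] = { 0x34, 0x12, 0x78, 0x56, 0, 0, 0, 0 };
    const struct section_image sec = { contents, sizeof contents };
    const struct reloc_entry rel = { r_offset, 2 };
    const uint8_t *loc = locate_checked(&sec, &rel);
    if (loc == NULL)
        return -1;
    return (int) get_le16(loc);
}

int main(void)
{
    static const uint8_t contents[8] = { 0x34, 0x12, 0x78, 0x56, 0, 0, 0, 0 };
    const struct section_image sec = { contents, sizeof contents };
    const struct reloc_entry ok = { 2, 2 };

    /* For an in-range entry both forms yield the same pointer. */
    printf("unchecked == checked for in-range entry: %d\n",
           locate_unchecked(&sec, &ok) == locate_checked(&sec, &ok));
    printf("r_offset 2 -> 0x%04x\n", read_reloc_target(2));
    printf("r_offset 7 -> %d (only one byte left for a 2-byte read)\n",
           read_reloc_target(7));
    printf("r_offset UINT64_MAX -> %d (would wrap a naive r_offset + width)\n",
           read_reloc_target(UINT64_MAX));
    return 0;
}
```

The last two cases are the ones a plain `r_offset + width <= size` test gets wrong: offset 7 passes the report's implicit "pointer is inside the section" idea but leaves no room for the second byte, and `UINT64_MAX + 2` wraps to a small number.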

[Bug binutils/29846] New: NULL pointer segmentation fault when accessing field `the_bfd` in function `compare_symbols`

2022-12-03 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29846

Bug ID: 29846
   Summary: NULL pointer segmentation fault when accessing field `the_bfd` in function `compare_symbols`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: minor
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14478
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14478&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard aaa8dbc1b31233f66131476e03ab8635805e515d
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/objdump -d the_bfd_null.elf
```

# Output

../the_bfd_null.elf: file format elf32-sparc

binutils/objdump: ../the_bfd_null.elf: invalid string offset 626704 >= 3037 for
section `.dynstr'
binutils/objdump: ../the_bfd_null.elf: invalid string offset 557220 >= 3037 for
section `.dynstr'
binutils/objdump: ../the_bfd_null.elf: invalid string offset 896064 >= 3037 for
section `.dynstr'
binutils/objdump: ../the_bfd_null.elf: invalid string offset 1232935 >= 3037
for section `.dynstr'
binutils/objdump: ../the_bfd_null.elf: invalid string offset 536969381 >= 3037
for section `.dynstr'
binutils/objdump: ../the_bfd_null.elf: invalid string offset 536990215 >= 3037
for section `.dynstr'
binutils/objdump: ../the_bfd_null.elf: invalid string offset 536903819 >= 3037
for section `.dynstr'
binutils/objdump: ../the_bfd_null.elf: invalid string offset 2684360832 >= 3037
for section `.dynstr'
binutils/objdump: ../the_bfd_null.elf: invalid string offset 447495 >= 3037 for
section `.dynstr'
binutils/objdump: ../the_bfd_null.elf: invalid string offset 536990727 >= 3037
for section `.dynstr'
binutils/objdump: ../the_bfd_null.elf: invalid string offset 2686440967 >= 3037
for section `.dynstr'
binutils/objdump: ../the_bfd_null.elf: invalid string offset 1073709872 >= 3037
for section `.dynstr'
binutils/objdump: ../the_bfd_null.elf: invalid string offset 2684396036 >= 3037
for section `.dynstr'
binutils/objdump: ../the_bfd_null.elf: invalid string offset 536903844 >= 3037
for section `.dynstr'
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 50 has invalid
symbol index 2304
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 51 has invalid
symbol index 1041
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 52 has invalid
symbol index 7044096
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 53 has invalid
symbol index 495360
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 55 has invalid
symbol index 1041
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 56 has invalid
symbol index 16342016
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 57 has invalid
symbol index 507904
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 59 has invalid
symbol index 1041
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 60 has invalid
symbol index 16596992
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 61 has invalid
symbol index 518656
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 62 has invalid
symbol index 2304
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 64 has invalid
symbol index 6054912
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 65 has invalid
symbol index 526336
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 66 has invalid
symbol index 2304
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 68 has invalid
symbol index 16527360
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 69 has invalid
symbol index 534784
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 70 has invalid
symbol index 2304
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 71 has invalid
symbol index 32786
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 72 has invalid
symbol index 3463168
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 73 has invalid
symbol index 545536
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 74 has invalid
symbol index 2304
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 75 has invalid
symbol index 20498
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 76 has invalid
symbol index 1664
binutils/objdump: ../the_bfd_null.elf(.rela.plt): relocation 77 has invalid
symbol index 557312
binutils/objdump

[Bug binutils/29846] NULL pointer segmentation fault when accessing field `the_bfd` in function `compare_symbols`

2022-12-03 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29846

2019  changed:

           What    |Removed |Added
----------------------------------------------------------------
             Target|        |objdump
              Build|        |aaa8dbc1b31233f66131476e03ab8635805e515d



[Bug binutils/29848] New: Out-of-bound read in function `parse_module`

2022-12-04 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29848

Bug ID: 29848
   Summary: Out-of-bound read in function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14479
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14479&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard aaa8dbc1b31233f66131476e03ab8635805e515d
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
echo "" | binutils/addr2line -e ../parse_module_oob.bin
```

# Output

=
==72973==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x602000d3 at pc 0x5650a12e7550 bp 0x7ffcaa77e260 sp 0x7ffcaa77e250
READ of size 1 at 0x602000d3 thread T0
#0 0x5650a12e754f in bfd_getl16 ../../bfd/libbfd.c:633
#1 0x5650a18a6f11 in parse_module ../../bfd/vms-alpha.c:4373
#2 0x5650a18a8fb7 in module_find_nearest_line ../../bfd/vms-alpha.c:4902
#3 0x5650a18a991b in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#4 0x5650a12ceb1e in find_address_in_section ../../binutils/addr2line.c:197
#5 0x5650a12f09fc in bfd_map_over_sections ../../bfd/section.c:1374
#6 0x5650a12cf8eb in translate_addresses ../../binutils/addr2line.c:337
#7 0x5650a12cffbc in process_file ../../binutils/addr2line.c:470
#8 0x5650a12d05b1 in main ../../binutils/addr2line.c:579
#9 0x7f9adfaf7d8f in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58
#10 0x7f9adfaf7e3f in __libc_start_main_impl ../csu/libc-start.c:392
#11 0x5650a12ce244 in _start
(/binutils-gdb/build/binutils/addr2line+0x343244)

0x602000d3 is located 1 bytes to the right of 2-byte region
[0x602000d0,0x602000d2)
allocated by thread T0 here:
#0 0x7f9adfdaa867 in __interceptor_malloc
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
#1 0x5650a12e71d7 in bfd_malloc ../../bfd/libbfd.c:289
#2 0x5650a1892148 in _bfd_malloc_and_read ../../bfd/libbfd.h:970
#3 0x5650a18a8f81 in module_find_nearest_line ../../bfd/vms-alpha.c:4896
#4 0x5650a18a991b in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#5 0x5650a12ceb1e in find_address_in_section ../../binutils/addr2line.c:197
#6 0x5650a12f09fc in bfd_map_over_sections ../../bfd/section.c:1374
#7 0x5650a12cf8eb in translate_addresses ../../binutils/addr2line.c:337
#8 0x5650a12cffbc in process_file ../../binutils/addr2line.c:470
#9 0x5650a12d05b1 in main ../../binutils/addr2line.c:579
#10 0x7f9adfaf7d8f in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-buffer-overflow ../../bfd/libbfd.c:633 in
bfd_getl16
Shadow bytes around the buggy address:
  0x0c047fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff8000: fa fa fd fa fa fa 00 04 fa fa 00 04 fa fa 00 04
=>0x0c047fff8010: fa fa 00 01 fa fa fd fd fa fa[02]fa fa fa fa fa
  0x0c047fff8020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8060: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:   00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:   fa
  Freed heap region:   fd
  Stack left redzone:  f1
  Stack mid redzone:   f2
  Stack right redzone: f3
  Stack after return:  f5
  Stack use after scope:   f8
  Global redzone:  f9
  Global init order:   f6
  Poisoned by user:f7
  Container overflow:  fc
  Array cookie:ac
  Intra object redzone:bb
  ASan internal:   fe
  Left alloca redzone: ca
  Right alloca redzone:cb
  Shadow gap:  cc
==72973==ABORTING
Aborted (core dumped)

# Analysis

Function call `bfd_getl16 (ptr + 2)` can access byte `ptr[3]`, but the check
`ptr < maxptr` only ensures that `ptr[0]` is accessible, which causes the
out-of-bound read.[1]

[1]
https://github.com/bminor/binutils-gdb/blob/aaa8dbc1b31233f66131476e03ab8635805e
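
The check described in the analysis, worked through on a small record parser. This is an added example, not code from the report or from `vms-alpha.c`: the record layout (16-bit length, 16-bit type, payload) and the helper names `header_fits` and `count_records` are constructed for the demonstration. The point is the one the report makes: `ptr < maxptr` proves only that `ptr[0]` is readable, while `get_le16(ptr + 2)` touches `ptr[3]`, so the loop has to demand the whole header before reading it, and then validate the length the header claims.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Little-endian 16-bit load; touches p[0] and p[1]. */
static unsigned get_le16(const uint8_t *p)
{
    return (unsigned) p[0] | ((unsigned) p[1] << 8);
}

/* Constructed record format (not the VMS DST layout): a 4-byte header of a
   16-bit length (counting the header itself) and a 16-bit type, then
   length - 4 bytes of payload. */
#define REC_HDR 4

/* Weak form from the report:   if (ptr < maxptr) ... get_le16 (ptr + 2)
   That only guarantees ptr[0].  Hardened form: require REC_HDR bytes.
   The remaining length is computed as a pointer difference so that
   ptr + REC_HDR is never formed past the end of the buffer. */
static bool header_fits(const uint8_t *ptr, const uint8_t *maxptr)
{
    return ptr < maxptr && (size_t) (maxptr - ptr) >= REC_HDR;
}

/* Walk the records in buf[0..len).  Returns the number of records whose
   header and payload lie entirely inside the buffer, or -1 as soon as a
   header is truncated or a length cannot be honoured. */
int count_records(const uint8_t *buf, size_t len)
{
    const uint8_t *ptr = buf;
    const uint8_t *maxptr = buf + len;
    int count = 0;

    while (ptr < maxptr) {
        if (!header_fits(ptr, maxptr))
            return -1;                          /* truncated header */
        unsigned rec_length = get_le16(ptr);
        unsigned rec_type = get_le16(ptr + 2);  /* safe: ptr[3] checked above */
        (void) rec_type;                        /* a real parser dispatches on it */
        if (rec_length < REC_HDR || rec_length > (size_t) (maxptr - ptr))
            return -1;                          /* length lies about its payload */
        ptr += rec_length;
        count++;
    }
    return count;
}

/* Run the parser over a constructed 15-byte stream with `cut` bytes
   removed from the end, to exercise the truncation paths. */
int count_records_truncated_by(size_t cut)
{
    static const uint8_t stream[] = {
        0x06, 0x00, 0x01, 0x00, 0xaa, 0xbb, /* record 1: len 6, type 1, 2 bytes */
        0x04, 0x00, 0x02, 0x00,             /* record 2: len 4, type 2, empty   */
        0x05, 0x00, 0x03, 0x00, 0xcc,       /* record 3: len 5, type 3, 1 byte  */
    };
    if (cut > sizeof stream)
        return -1;
    return count_records(stream, sizeof stream - cut);
}

/* A record whose header claims length 0: must be rejected, not looped on. */
int count_zero_length_record(void)
{
    static const uint8_t stream[4] = { 0x00, 0x00, 0x01, 0x00 };
    return count_records(stream, sizeof stream);
}

int main(void)
{
    printf("intact stream            -> %d records\n", count_records_truncated_by(0));
    printf("1 byte cut (short payload)-> %d\n", count_records_truncated_by(1));
    printf("2 bytes cut (3-byte header)-> %d  <- ptr < maxptr alone would read past the end\n",
           count_records_truncated_by(2));
    printf("zero-length record       -> %d\n", count_zero_length_record());
    return 0;
}
```

The two-byte-cut case is the report's scenario: three bytes remain, `ptr < maxptr` holds, and the unchecked `get_le16(ptr + 2)` would read one byte past the allocation, which is exactly the one-byte overflow to the right of the region that ASan prints above.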

[Bug binutils/29848] Out-of-bound read in function `parse_module`

2022-12-04 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29848

2019  changed:

           What    |Removed |Added
----------------------------------------------------------------
             Target|        |addr2line
              Build|        |aaa8dbc1b31233f66131476e03ab8635805e515d



[Bug binutils/29855] New: Local variable `ch_type` in function `bfd_init_section_decompress_status` can be uninitialized.

2022-12-05 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29855

Bug ID: 29855
   Summary: Local variable `ch_type` in function `bfd_init_section_decompress_status` can be uninitialized.
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14483
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14483&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard 09a5d200e6166522e0d0a9276bd6b2227ac5ace1
mkdir msan && cd msan
export CC=clang
export CXX=clang++
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=memory"
make all-binutils MAKEINFO=true && true
echo "" | binutils/addr2line -e ../ch_type_uninit.bin
```

# Output

binutils/addr2line: ../ch_type_uninit.bin: no group info for section
'.init_array.2'
==15==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x563380931b2f in _bfd_elf_make_section_from_shdr
/binutils-gdb/msan/bfd/../../bfd/elf.c:1238:8
#1 0x56338094e31d in bfd_section_from_shdr
/binutils-gdb/msan/bfd/../../bfd/elf.c:2102:13
#2 0x563380902617 in bfd_elf64_object_p
/binutils-gdb/msan/bfd/../../bfd/elfcode.h:842:7
#3 0x5633807c61f0 in bfd_check_format_matches
/binutils-gdb/msan/bfd/../../bfd/format.c:353:17
#4 0x56338078b06f in process_file
/binutils-gdb/msan/binutils/../../binutils/addr2line.c:451:9
#5 0x56338078a7e5 in main
/binutils-gdb/msan/binutils/../../binutils/addr2line.c:579:10
#6 0x7f7d2ee55d8f in __libc_start_call_main
csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#7 0x7f7d2ee55e3f in __libc_start_main csu/../csu/libc-start.c:392:3
#8 0x5633806f95c4 in _start
(/binutils-gdb/msan/binutils/addr2line+0x18e5c4)

SUMMARY: MemorySanitizer: use-of-uninitialized-value
/binutils-gdb/msan/bfd/../../bfd/elf.c:1238:8 in
_bfd_elf_make_section_from_shdr
Exiting
Aborted (core dumped)

# Analysis

In function `bfd_init_section_decompress_status`[1], the local variable `ch_type`
is supposed to be initialized by the function `bfd_check_compression_header`[2].
However, since this function call is inside an `else if` branch, if the previous
`if` branch is taken, `ch_type` can be uninitialized and thus directly used to
assign `sec->compress_status`. Therefore, when the `compress_status` field is
used in a branch condition, the memory sanitizer aborts.

[1]
https://github.com/bminor/binutils-gdb/blob/125b7ff73a691353de114149a3a3951828cfb2be/bfd/compress.c#L532
[2]
https://github.com/bminor/binutils-gdb/blob/125b7ff73a691353de114149a3a3951828cfb2be/bfd/compress.c#L568
[3]
https://github.com/bminor/binutils-gdb/blob/125b7ff73a691353de114149a3a3951828cfb2be/bfd/compress.c#L589
[4]
https://github.com/bminor/binutils-gdb/blob/125b7ff73a691353de114149a3a3951828cfb2be/bfd/elf.c#L1238

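
The control-flow shape the analysis describes, reduced to a stand-alone model with the buggy form beside a hardened one. This is an added example and not the code in `compress.c`: the enums, the 8-byte header format, `check_compression_header` and the "legacy header" branch are constructed for the demonstration. What it shows is why MSan fires: the callee is the only writer of `ch_type`, it is reached only through the `else if`, and the first branch leaves the variable indeterminate when `compress_status` is derived from it.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical compression types and section states; not bfd's enums. */
enum compression_type { CH_NONE = 0, CH_ZLIB = 1, CH_ZSTD = 2 };
enum compress_status { STATUS_NONE = 0, STATUS_ZLIB = 1, STATUS_ZSTD = 2 };

struct section {
    enum compress_status compress_status;
};

/* Constructed 8-byte header: 32-bit little-endian type, 32-bit size.
   Returns false for an unknown type and, importantly, leaves *out untouched
   on that path, so the caller cannot rely on it as an initialiser. */
static bool check_compression_header(const uint8_t *hdr, size_t len,
                                     enum compression_type *out)
{
    if (len < 8)
        return false;
    uint32_t t = (uint32_t) hdr[0] | ((uint32_t) hdr[1] << 8)
               | ((uint32_t) hdr[2] << 16) | ((uint32_t) hdr[3] << 24);
    if (t != CH_ZLIB && t != CH_ZSTD)
        return false;
    *out = (enum compression_type) t;
    return true;
}

static enum compress_status status_from(enum compression_type t)
{
    return t == CH_ZSTD ? STATUS_ZSTD : STATUS_ZLIB;
}

/* Buggy shape as the report describes it (kept as a comment, not compiled):
 *
 *   enum compression_type ch_type;                 // no initialiser
 *   if (legacy_gnu_header)
 *     { ... parse the legacy header; ch_type is never written ... }
 *   else if (!check_compression_header (hdr, len, &ch_type))
 *     return false;
 *   sec->compress_status = status_from (ch_type);  // indeterminate on path 1
 *
 * The later `if (sec->compress_status == ...)` is where MSan reports the use.
 */

/* Hardened form: the declaration carries a defined default, every branch
   assigns ch_type before it is read, and a sentinel check catches any future
   branch that forgets to. */
bool init_section_decompress_status(struct section *sec, const uint8_t *hdr,
                                    size_t len, bool legacy_gnu_header)
{
    enum compression_type ch_type = CH_NONE;

    if (legacy_gnu_header) {
        ch_type = CH_ZLIB;               /* the legacy format implies zlib */
    } else if (!check_compression_header(hdr, len, &ch_type)) {
        return false;
    }
    if (ch_type == CH_NONE)              /* no path may reach here unset */
        return false;
    sec->compress_status = status_from(ch_type);
    return true;
}

/* Build a constructed header carrying `header_type` and run the hardened
   initialiser.  Returns the resulting status, or -1 if it was rejected. */
int status_for(bool legacy, uint32_t header_type)
{
    uint8_t hdr[8] = {
        (uint8_t) (header_type & 0xff),        (uint8_t) ((header_type >> 8) & 0xff),
        (uint8_t) ((header_type >> 16) & 0xff), (uint8_t) (header_type >> 24),
        0, 0, 0, 0
    };
    struct section sec = { STATUS_NONE };
    if (!init_section_decompress_status(&sec, hdr, sizeof hdr, legacy))
        return -1;
    return (int) sec.compress_status;
}

int main(void)
{
    printf("legacy header            -> %d\n", status_for(true, 0));
    printf("header type zlib (1)     -> %d\n", status_for(false, CH_ZLIB));
    printf("header type zstd (2)     -> %d\n", status_for(false, CH_ZSTD));
    printf("header type unknown (99) -> %d\n", status_for(false, 99));
    return 0;
}
```

Building this file with `-fsanitize=memory` and restoring the commented-out form is enough to reproduce the class of warning in the report without the PoC file; the hardened form is clean because no read of `ch_type` can precede a write.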


[Bug binutils/29855] Local variable `ch_type` in function `bfd_init_section_decompress_status` can be uninitialized.

2022-12-05 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29855

2019  changed:

           What    |Removed |Added
----------------------------------------------------------------
             Target|        |addr2line
              Build|        |09a5d200e6166522e0d0a9276bd6b2227ac5ace1



[Bug binutils/29873] New: Out of bound read at `case DST__K_DELTA_PC_W` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29873

Bug ID: 29873
   Summary: Out of bound read at `case DST__K_DELTA_PC_W` handler in function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14494
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14494&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: DST__K_SET_PC not implemented
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 104
binutils/addr2line: unknown line command 64
binutils/addr2line: unknown line command 64
binutils/addr2line: unknown line command 43
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 83
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 72
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 56
binutils/addr2line: unknown line command 116
binutils/addr2line: DST__K_END_STMT_MODE not implemented
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 67
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 117
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 75
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 67
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 48
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 67
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 75
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 67
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 127
binutils/addr2line: DST__K_END_STMT_MODE not implemented
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 24
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 32
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 102
binutils/addr2line: unknown line command 36
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 38
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 127
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 100
binutils/addr2line: unknown line command 59
binutils/addr2line: unknown line command 115
binutils/addr2line: unknown line command 100
binutils/addr2line: unknown line command 40
binutils/addr2line: unknown line command 87
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 67
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/a

[Bug binutils/29874] New: Out of bound read at `case DST__K_INCR_LINUM` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29874

Bug ID: 29874
   Summary: Out of bound read at `case DST__K_INCR_LINUM` handler in function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14495
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14495&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: DST__K_SET_PC not implemented
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: unknown line command 30
binutils/addr2line: unknown line command 75
binutils/addr2line: unknown line command 69
binutils/addr2line: unknown line command 80
binutils/addr2line: unknown line command 36
binutils/addr2line: DST__K_END_STMT_MODE not implemented
binutils/addr2line: unknown line command 108
binutils/addr2line: unknown line command 80
binutils/addr2line: unknown line command 44
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: unknown line command 24
binutils/addr2line: unknown line command 50
binutils/addr2line: DST__K_RESET_LINUM_INCR not implemented
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: unknown line command 87
binutils/addr2line: unknown line command 99
binutils/addr2line: unknown line command 73
binutils/addr2line: DST__K_END_STMT_MODE not implemented
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 104
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 99
binutils/addr2line: unknown line command 102
binutils/addr2line: unknown line command 75
binutils/addr2line: unknown line command 120
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 28
binutils/addr2line: unknown line command 127
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 100
binutils/addr2line: unknown line command 59
binutils/addr2line: unknown line command 115
binutils/addr2line: unknown line command 100
binutils/addr2line: unknown line command 40
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 67
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 67
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 99
binutils/addr2line: unknown line command 116
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 115
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 125
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: DST__K_SET_PC_L not implemented
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 49
binutils/addr2line: unknown line command 68
binutils/addr2line: unknown line command 115
binutils/addr2line: unknown line command 68
binutils/addr2line: unknown line command 26
binutils/addr2line: unknown line command 82
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 83
binutils/addr2line: unknown line command 32
binutils/addr2line: unknown line command 99
binutils/addr2line: unknown line command 25
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 116
binutils/addr2line: DST__K_END_STMT_MODE not implemented
binutils/addr2line: unknown line command 38
binutils/addr2line: unknown line command 112
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: unknown line command 42
binutils/addr2line: unknown line command 80
binutils/addr2line: unknown line command 71
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: DST__K_END_STMT_MODE not implemented
binutils/addr2line: unknown line command 118
binutils/addr2line: DST__K_END_STMT_MODE not implemented
binutils/addr2line: DST__K_SET_PC_W not implemented
binutils/addr2line: DST__K_SET_PC not implemented
binutils/addr2line: DST__K_RESET_LINUM_INCR not implemented
binutil

[Bug binutils/29875] New: Out of bound read at `case DST__K_INCR_LINUM_W` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29875

Bug ID: 29875
   Summary: Out of bound read at `case DST__K_INCR_LINUM_W`
handler in function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14496
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14496&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 63
binutils/addr2line: unknown line command 66
binutils/addr2line: unknown line command 66
binutils/addr2line: unknown line command 73
binutils/addr2line: DST__K_RESET_LINUM_INCR not implemented
binutils/addr2line: unknown line command 69
binutils/addr2line: unknown line command 75
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 116
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 50
binutils/addr2line: unknown line command 114
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 114
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 114
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 66
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 101
binutils/addr2line: unknown line command 91
binutils/addr2line: unknown line command 92
binutils/addr2line: unknown line command 93
binutils/addr2line: unknown line command 94
binutils/addr2line: unknown line command 95
binutils/addr2line: unknown line command 73
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 49
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 72
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: unknown line command 61
binutils/addr2line: unknown line command 72
binutils/addr2line: DST__K_SET_STMTNUM not implemented
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 49
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 83
binutils/addr2line: unknown line command 76
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 49
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 117
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 61
binutils/addr2line: unknown line command 72
binutils/addr2line: DST__K_SET_STMTNUM not implemented
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 49
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 83
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 85
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 83
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 72
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 56
binutils/addr2line: unknown line command 116
binutils/addr2line: unknown line command 96
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 125
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 67
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 117
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 76
binutil
```

[Bug binutils/29876] New: Out of bound read at `case DST__K_LINE_NUM` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29876

Bug ID: 29876
   Summary: Out of bound read at `case DST__K_LINE_NUM` handler in
function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14497
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14497&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: DST__K_SET_PC not implemented
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: DST__K_SET_STMTNUM not implemented
binutils/addr2line: unknown line command 68
binutils/addr2line: unknown line command 83
binutils/addr2line: unknown line command 49
binutils/addr2line: DST__K_RESET_LINUM_INCR not implemented
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: unknown line command 87
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: unknown line command 32
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: unknown line command 45
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
binutils/addr2line: unknown line command 58
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
=
==174957==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x61136868 at pc 0x55e028da0f5e bp 0x7ffe4823f1c0 sp 0x7ffe4823f1b0
READ of size 1 at 0x61136868 thread T0
#0 0x55e028da0f5d in parse_module ../../bfd/vms-alpha.c:4580
#1 0x55e028da1fad in module_find_nearest_line ../../bfd/vms-alpha.c:4902
#2 0x55e028da2911 in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#3 0x55e0287ceb1e in find_address_in_section ../../binutils/addr2line.c:197
#4 0x55e0287e9f43 in bfd_map_over_sections ../../bfd/section.c:1366
#5 0x55e0287cf8eb in translate_addresses ../../binutils/addr2line.c:337
#6 0x55e0287cffbc in process_file ../../binutils/addr2line.c:470
#7 0x55e0287d05b1 in main ../../binutils/addr2line.c:579
#8 0x7f127bbffd8f in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58
#9 0x7f127bbffe3f in __libc_start_main_impl ../csu/libc-start.c:392
#10 0x55e0287ce244 in _start
(/binutils-gdb/build/binutils/addr2line+0x343244)

0x61136868 is located 0 bytes to the right of 232-byte region
[0x61136780,0x61136868)
allocated by thread T0 here:
#0 0x7f127beb2867 in __interceptor_malloc
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
#1 0x55e0287e08d5 in bfd_malloc ../../bfd/libbfd.c:289
#2 0x55e028d8b13a in _bfd_malloc_and_read ../../bfd/libbfd.h:970
#3 0x55e028da1f77 in module_find_nearest_line ../../bfd/vms-alpha.c:4896
#4 0x55e028da2911 in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#5 0x55e0287ceb1e in find_address_in_section ../../binutils/addr2line.c:197
#6 0x55e0287e9f43 in bfd_map_over_sections ../../bfd/section.c:1366
#7 0x55e0287cf8eb in translate_addresses ../../binutils/addr2line.c:337
#8 0x55e0287cffbc in process_file ../../binutils/addr2line.c:470
#9 0x55e0287d05b1 in main ../../binutils/addr2line.c:579
#10 0x7f127bbffd8f in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-buffer-overflow ../../bfd/vms-alpha.c:4580 in
parse_module
Shadow bytes around the buggy address:
  0x0c227fffecb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c227fffecc0: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
  0x0c227fffecd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c227fffece0: 00 00 00 00 00 00 00 00 fa fa fa fa fa fa fa fa
  0x0c227fffecf0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c227fffed00: 00 00 00 00 00 00 00 00 00 00 00 00 00[fa]fa fa
  0x0c227fffed10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c227fffed20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c227fffed30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c227fffed40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c227fffed50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow 
```

[Bug binutils/29877] New: Out of bound read at `case DST__K_MODBEG` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29877

Bug ID: 29877
   Summary: Out of bound read at `case DST__K_MODBEG` handler in
function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14498
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14498&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 8
binutils/addr2line: unknown source command 130
binutils/addr2line: unknown source command 130
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 79
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 246
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 240
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 64
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 252
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 14
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 114
binutils/addr2line: unknown source command 118
binutils/addr2line: unknown source command 77
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 108
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 54
binutils/addr2line: unknown source command 54
binutils/addr2line: unknown source command 54
binutils/addr2line: unknown source command 49
binutils/addr2line: unknown source command 54
binutils/addr2line: unknown source command 54
binutils/addr2line: unknown source command 54
binutils/addr2line: unknown source command 54
binutils/addr2line: unknown source command 54
binutils/addr2line: u
```

[Bug binutils/29878] New: Out of bound read at `case DST__K_RTNBEG` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29878

Bug ID: 29878
   Summary: Out of bound read at `case DST__K_RTNBEG` handler in
function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14499
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14499&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 8
binutils/addr2line: unknown source command 130
binutils/addr2line: unknown source command 130
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 79
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 246
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 240
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 240
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 64
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 114
binutils/addr2line: unknown source command 118
binutils/addr2line: unknown source command 77
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 108
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 8
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
=
==178722==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x61a00b88 at pc 0x5620f46e597c bp 0x7ffc73d6b330 sp 0x7ffc73d6b320
READ of size 1 at 0x61a00b88 thread T0
#0 0x5620f46e597b in _bfd_vms_save_counted_string ../../bfd/vms-misc.c:170
#1 0x5620f403e062 in parse_module ../../bfd/vms-alpha.c:4404
#2 0x5620f403ffad in module_find_nearest_line ../../bfd/vms-alpha.c:4902
#3 0x5620f4040911 in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#4 0x5620f3a6cb1e in find_address_in_section ../../binutils/addr2line.c:197
#5 0x5620f3a87f43 in bfd_map_over_sections ../../bfd/section.c:1366
#6 0x5620f3a6d8eb in translate_addresses ../../binutils/addr2line.c:337
#7 0x5620f3a6dfbc in process_file ../../binutils/addr2line.c:
```

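The defect class behind this report and its neighbours (29875 to 29881) is a record parser that trusts a length or count field taken from the file: the trace above shows a counted string being copied past the end of the module buffer. The following is an added example, not binutils code: a simplified DST-like record stream with a hypothetical RTNBEG-style counted string, parsed so that a truncated record or an oversized count becomes a parse error instead of an out-of-bounds read. The record layout, type codes, function names and sample bytes are all constructed for the example and do not follow the real VMS DST encoding.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed record layout (not the real DST encoding):
   [u16 little-endian length][u8 type][payload...], where the length
   counts the type byte plus the payload.  A RTNBEG-like record carries a
   counted string: [u8 count][count bytes]. */
#define REC_RTNBEG 0x01   /* hypothetical type code */
#define REC_OTHER  0x02   /* hypothetical type code, payload ignored */

enum parse_status {
    PARSE_OK = 0,
    PARSE_TRUNCATED_RECORD,   /* header or body runs past the buffer */
    PARSE_BAD_LENGTH,         /* length field cannot even cover the type byte */
    PARSE_TRUNCATED_STRING    /* count byte missing or count exceeds the record */
};

/* Bounds-checked copy of a counted string.  Returns false when the count
   byte itself or the string body would extend past END; this is the check
   whose absence lets a one-byte count drive a read beyond the buffer. */
bool
read_counted_string(const uint8_t *ptr, const uint8_t *end,
                    char *out, size_t outsz, size_t *consumed)
{
    if (ptr >= end)                      /* no room for the count byte */
        return false;
    size_t n = ptr[0];
    if ((size_t)(end - ptr) < 1 + n)     /* body would run past END */
        return false;
    if (n + 1 > outsz)                   /* caller's buffer too small */
        return false;
    memcpy(out, ptr + 1, n);
    out[n] = '\0';
    *consumed = 1 + n;
    return true;
}

/* Walk the record stream; for each RTNBEG-like record recover the name.
   Every access is checked against maxptr (the buffer end) and against the
   end of the current record, so the function never reads outside
   [buf, buf + len).  Returns PARSE_OK or the first error found. */
enum parse_status
parse_module_safe(const uint8_t *buf, size_t len, int *routines_found)
{
    const uint8_t *ptr = buf;
    const uint8_t *maxptr = buf + len;

    *routines_found = 0;
    while (ptr < maxptr) {
        if ((size_t)(maxptr - ptr) < 3)              /* 2-byte length + type */
            return PARSE_TRUNCATED_RECORD;
        size_t rec_len = (size_t)ptr[0] | ((size_t)ptr[1] << 8);
        uint8_t type = ptr[2];
        if (rec_len < 1)
            return PARSE_BAD_LENGTH;
        if ((size_t)(maxptr - ptr) < 2 + rec_len)    /* record claims too much */
            return PARSE_TRUNCATED_RECORD;
        const uint8_t *payload = ptr + 3;
        const uint8_t *rec_end = ptr + 2 + rec_len;
        if (type == REC_RTNBEG) {
            char name[256];
            size_t used;
            /* bound the string by this record's end, not the whole buffer */
            if (!read_counted_string(payload, rec_end, name, sizeof name, &used))
                return PARSE_TRUNCATED_STRING;
            (*routines_found)++;
        }
        ptr = rec_end;
    }
    return PARSE_OK;
}

/* Constructed sample streams (not taken from the PoC attachments). */
static const uint8_t sample_good[] = {
    0x05, 0x00, REC_RTNBEG, 0x03, 'f', 'o', 'o',   /* RTNBEG "foo" */
    0x01, 0x00, REC_OTHER                          /* empty record */
};
/* RTNBEG record with no payload at all: the count byte is missing */
static const uint8_t sample_no_count[] = { 0x01, 0x00, REC_RTNBEG };
/* count byte claims 32 bytes but only 3 follow inside the record */
static const uint8_t sample_short_string[] = {
    0x05, 0x00, REC_RTNBEG, 0x20, 'f', 'o', 'o'
};
/* record length claims 255 bytes in a 7-byte buffer */
static const uint8_t sample_short_record[] = {
    0xFF, 0x00, REC_RTNBEG, 0x03, 'f', 'o', 'o'
};

int main(void)
{
    int n;
    enum parse_status st;
    st = parse_module_safe(sample_good, sizeof sample_good, &n);
    printf("good:         status %d, routines %d\n", st, n);
    st = parse_module_safe(sample_no_count, sizeof sample_no_count, &n);
    printf("no count:     status %d\n", st);
    st = parse_module_safe(sample_short_string, sizeof sample_short_string, &n);
    printf("short string: status %d\n", st);
    st = parse_module_safe(sample_short_record, sizeof sample_short_record, &n);
    printf("short record: status %d\n", st);
    return 0;
}
```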
[Bug binutils/29879] New: Out of bound read at `case DST__K_RTNEND` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29879

Bug ID: 29879
   Summary: Out of bound read at `case DST__K_RTNEND` handler in
function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14500
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14500&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 130
binutils/addr2line: unknown source command 12
binutils/addr2line: unknown source command 120
binutils/addr2line: unknown source command 130
binutils/addr2line: unknown source command 130
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 235
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 246
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 240
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 64
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 252
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 14
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 114
binutils/addr2line: unknown source command 118
binutils/addr2line: unknown source command 77
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 246
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 241
binutils/addr2line: unknown source command 54
binutils/addr2line: unknown source command 54
binutils/addr2line: unknown source command 54
binutils/addr2line: unknown source command 49
binutils/addr2line: unknown source command 54
binutils/addr2line: u
```

[Bug binutils/29880] New: Out of bound read at `case DST__K_SET_ABS_PC` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29880

Bug ID: 29880
   Summary: Out of bound read at `case DST__K_SET_ABS_PC` handler
in function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14501
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14501&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: DST__K_RESET_LINUM_INCR not implemented
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 89
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 94
binutils/addr2line: DST__K_SET_PC not implemented
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 81
binutils/addr2line: DST__K_RESET_LINUM_INCR not implemented
binutils/addr2line: DST__K_RESET_LINUM_INCR not implemented
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: DST__K_SET_PC_W not implemented
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 84
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 48
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 32
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 69
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 104
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 28
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 96
binutils/addr2line: DST__K_RESET_LINUM_INCR not implemented
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 83
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 103
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 88
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 68
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 31
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 42
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 100
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 67
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 60
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 73
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 102
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: DST__K_BEG_STMT_MODE not implemented
binutils/addr2line: unknown line command 111
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 100
binutils/addr2line: DST__K_SET_PC_W not implemented
binutils/addr2line: unknown line command 110
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 111
binutils/addr2line: unknown line command 69
binutils/addr2line: unknown line command 72
binutils/addr2line: DST__K_SET_PC_W not implemented
binutils/addr2line: unknown line command 111
binutils/addr2line: unknown line command 80
binutils/addr2line: unknown line command 112
binutils/addr2line: unknown line command 109
binutils/addr2line: unknown line command 81
binutils/addr2line: unknown line command 111
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 108
binutils/addr2line: unknown line command 111
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 111
binutils/addr2line: unknown line command 80
binutils/addr2line: unknown line command 109
binutils/addr2line: unknown line command 111
binutils/addr2line: unknown line command 80
binutils/addr2line: DST__K_SET_LINUM_INCR not implemented
```

[Bug binutils/29881] New: Out of bound read at `case DST__K_SOURCE` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29881

Bug ID: 29881
   Summary: Out of bound read at `case DST__K_SOURCE` handler in
function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14502
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14502&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 128
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 240
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 240
binutils/addr2line: unknown source command 120
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 104
binutils/addr2line: unknown source command 240
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 9
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 26
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 34
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2lin
```

[Bug binutils/29882] New: Out of bound read at `case DST__K_SRC_DECLFILE` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29882

Bug ID: 29882
   Summary: Out of bound read at `case DST__K_SRC_DECLFILE`
handler in function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14503
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14503&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport
--disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace
--disable-gas --disable-ld --disable-werror --enable-targets=all
CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 104
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 15
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 91
binutils/addr2line: unknown source command 0
=
==177878==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x61a00b83 at pc 0x55d65a5bf97c bp 0x7ffd028b3480 sp 0x7ffd028b3470
READ of size 1 at 0x61a00b83 thread T0
#0 0x55d65a5bf97b in _bfd_vms_save_counted_string ../../bfd/vms-misc.c:170
#1 0x55d659f183cb in parse_module ../../bfd/vms-alpha.c:4457
#2 0x55d659f19fad in module_find_nearest_line ../../bfd/vms-alpha.c:4902
#3 0x55d659f1a911 in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#4 0x55d659946b1e in find_address_in_section ../../binutils/addr2line.c:197
#5 0x55d659961f43 in bfd_map_over_sections ../../bfd/section.c:1366
#6 0x55d6599478eb in translate_addresses ../../binutils/addr2line.c:337
#7 0x55d659947fbc in process_file ../../binutils/addr2line.c:470
#8 0x55d6599485b1 in main ../../binutils/addr2line.c:579
#9 0x7f1b1ce60d8f in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58
#10 0x7f1b1ce60e3f in __libc_start_main_impl ../csu/libc-start.c:392
#11 0x55d659946244 in _start
(/binutils-gdb/build/binutils/addr2line+0x343244)

0x61a00b83 is located 3 bytes to the right of 1280-byte region
[0x61a00680,0x61a00b80)
allocated by thread T0 here:
#0 0x7f1b1d113867 in __interceptor_malloc
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
#1 0x55d6599588d5 in bfd_malloc ../../bfd/libbfd.c:289
#2 0x55d659f0313a in _bfd_malloc_and_read ../../bfd/libbfd.h:970
#3 0x55d659f19f77 in module_find_nearest_line ../../bfd/vms-alpha.c:4896
#4 0x55d659f1a911 in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#5 0x55d659946b1e in find_address_in_section ../../binutils/addr2line.c:197
#6 0x55d659961f43 in bfd_map_over_sections ../../bfd/section.c:1366
#7 0x55d6599478eb in translate_addresses ../../binutils/addr2line.c:337
#8 0x55d659947fbc in process_file ../../binutils/addr2line.c:470
#9 0x55d6599485b1 in main ../../binutils/addr2line.c:579
#10 0x7f1b1ce60d8f in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-buffer-overflow ../../bfd/vms-misc.c:170 in
_bfd_vms_save_counted_string
Shadow bytes around the buggy address:
  0x0c347fff8120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c347fff8130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c347fff8140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c347fff8150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c347fff8160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c347fff8170:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa
```

[Bug binutils/29883] New: Out of bound read at `case DST__K_SRC_DEFLINES_B` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29883

Bug ID: 29883
   Summary: Out of bound read at `case DST__K_SRC_DEFLINES_B`
handler in function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14504
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14504&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport
--disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace
--disable-gas --disable-ld --disable-werror --enable-targets=all
CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 114514
```

# Output

```
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
=
==183026==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x61a00b80 at pc 0x561d2a1b6645 bp 0x7fff69913630 sp 0x7fff69913620
READ of size 1 at 0x61a00b80 thread T0
#0 0x561d2a1b6644 in parse_module ../../bfd/vms-alpha.c:4484
#1 0x561d2a1b7fad in module_find_nearest_line ../../bfd/vms-alpha.c:4902
#2 0x561d2a1b8911 in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#3 0x561d29be4b1e in find_address_in_section ../../binutils/addr2line.c:197
#4 0x561d29bfff43 in bfd_map_over_sections ../../bfd/section.c:1366
#5 0x561d29be58eb in translate_addresses ../../binutils/addr2line.c:337
#6 0x561d29be5fbc in process_file ../../binutils/addr2line.c:470
#7 0x561d29be65b1 in main ../../binutils/addr2line.c:579
#8 0x7f6aca2d4d8f in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58
#9 0x7f6aca2d4e3f in __libc_start_main_impl ../csu/libc-start.c:392
#10 0x561d29be4244 in _start
(/binutils-gdb/build/binutils/addr2line+0x343244)

0x61a00b80 is located 0 bytes to the right of 1280-byte region
[0x61a00680,0x61a00b80)
allocated by thread T0 here:
#0 0x7f6aca587867 in __interceptor_malloc
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
#1 0x561d29bf68d5 in bfd_malloc ../../bfd/libbfd.c:289
#2 0x561d2a1a113a in _bfd_malloc_and_read ../../bfd/libbfd.h:970
#3 0x561d2a1b7f77 in module_find_nearest_line ../../bfd/vms-alpha.c:4896
#4 0x561d2a1b8911 in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#5 0x561d29be4b1e in find_address_in_section ../../binutils/addr2line.c:197
#6 0x561d29bfff43 in bfd_map_over_sections ../../bfd/section.c:1366
#7 0x561d29be58eb in translate_addresses ../../binutils/addr2line.c:337
#8 0x561d29be5fbc in process_file ../../binutils/addr2line.c:470
#9 0x561d29be65b1 in main ../../binutils/addr2line.c:579
#10 0x7f6aca2d4d8f in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-buffer-overflow ../../bfd/vms-alpha.c:4484 in
parse_module
Shadow bytes around the buggy address:
  0x0c347fff8120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c347fff8130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c347fff8140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c347fff8150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c347fff8160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c347fff8170:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c347fff8180: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c347fff8190: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c347fff81a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c347fff81b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c347fff81c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:   00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:   fa
  Freed heap region:   fd
  Stack left redzone:  f1
  Stack mid redzone:   f2
  Stack right redzone: f3
  Stack after return:  f5
  Stack use after scope:   f8
  Global redzone:  f9
  Global init order:   f6
  Poisoned by user:f7
  Container overflow:  fc
  Array cookie:ac
  Intra object redzone:bb
  ASan internal:   fe
  Left alloca redzone: ca
  Right alloca redzone:cb
  Shadow gap:  cc
==183026==ABORTING
Aborted (core dumped)
```

# Analysis

`src_ptr[DST_S_B_SRC_UNSBYTE]` is accessed without a bounds check.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
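The unchecked reads in this report and its siblings (29882 through 29888) all come from the DST source-command loop in `parse_module`. As an added example that is not binutils code, here is an independent bounds-checked walk over one such record in C; the opcode values, operand widths, the simplified `DST__K_SRC_DECLFILE` layout and the three sample records are assumptions made for this note, not the PoC attachments.

```c
/* Added example, not binutils code: a bounds-checked walk over one VMS DST
   "source" record, the structure parse_module() in bfd/vms-alpha.c walks with
   src_ptr.  Opcode numbers follow include/vms/dst.h as I recall them; operand
   widths and the cut-down DST__K_SRC_DECLFILE layout (opcode, one body-length
   byte, then a counted filename) are assumptions made for this note.  */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum { DST__K_SRC_DECLFILE = 1, DST__K_SRC_SETFILE = 2, DST__K_SRC_SETREC_L = 3,
       DST__K_SRC_SETREC_W = 4, DST__K_SRC_SETLNUM_L = 5, DST__K_SRC_SETLNUM_W = 6,
       DST__K_SRC_INCRLNUM_B = 7, DST__K_SRC_DEFLINES_W = 10,
       DST__K_SRC_DEFLINES_B = 11, DST__K_SRC_FORMFEED = 16 };

enum src_result { SRC_OK = 0, SRC_TRUNCATED, SRC_BAD_FILE_INDEX, SRC_UNKNOWN_CMD };
/* Cut-down version of the per-module state parse_module keeps.  */
struct src_state {
  unsigned file_count;                   /* files declared: size of file_table */
  unsigned cur_file, cur_line, lines_emitted;
};

static unsigned getl16 (const uint8_t *p)
{ return (unsigned) p[0] | ((unsigned) p[1] << 8); }
static unsigned getl32 (const uint8_t *p)
{ return getl16 (p) | ((unsigned) p[2] << 16) | ((unsigned) p[3] << 24); }

/* Walk REC[0..REC_LEN).  NEED(n) is the check the reports say is missing: an
   operand is read only when all n bytes of the command lie inside the record.
   On error *BAD_OFF is the offset of the offending command.  */
enum src_result
parse_source_record (const uint8_t *rec, size_t rec_len,
                     struct src_state *st, size_t *bad_off)
{
  size_t off = 0;
#define NEED(n) do { if ((size_t) (n) > rec_len - off) \
                     { *bad_off = off; return SRC_TRUNCATED; } } while (0)
  while (off < rec_len)
    {
      const uint8_t *p = rec + off;
      switch (p[0])
        {
        case DST__K_SRC_DECLFILE:
          NEED (2);                          /* opcode + body-length byte */
          NEED (2 + (size_t) p[1]);          /* whole body inside the record */
          /* The counted filename must fit inside the body (report 29882).  */
          if (p[1] < 1 || (size_t) p[2] + 1 > p[1])
            { *bad_off = off; return SRC_TRUNCATED; }
          st->file_count++;
          off += 2 + p[1];
          break;
        case DST__K_SRC_SETFILE:             /* reports 29886 and 29887 */
          NEED (3);
          if (getl16 (p + 1) >= st->file_count)   /* index into file_table */
            { *bad_off = off; return SRC_BAD_FILE_INDEX; }
          st->cur_file = getl16 (p + 1);
          off += 3;
          break;
        case DST__K_SRC_SETREC_L:   NEED (5); off += 5; break;
        case DST__K_SRC_SETREC_W:   NEED (3); off += 3; break;
        case DST__K_SRC_SETLNUM_L:  NEED (5); st->cur_line = getl32 (p + 1); off += 5; break;
        case DST__K_SRC_SETLNUM_W:  NEED (3); st->cur_line = getl16 (p + 1); off += 3; break;
        case DST__K_SRC_INCRLNUM_B: NEED (2); st->cur_line += p[1]; off += 2; break;
        case DST__K_SRC_DEFLINES_W: NEED (3); st->lines_emitted += getl16 (p + 1); off += 3; break;
        case DST__K_SRC_DEFLINES_B: NEED (2); st->lines_emitted += p[1]; off += 2; break;
        case DST__K_SRC_FORMFEED:   off += 1; break;
        default:                             /* stop instead of skipping a byte */
          *bad_off = off; return SRC_UNKNOWN_CMD;
        }
    }
#undef NEED
  return SRC_OK;
}

/* Constructed sample records for this note, not the PoC attachments.  */
static const uint8_t good_rec[] = {
  DST__K_SRC_DECLFILE, 4, 3, 'f', 'o', 'o',            /* file #0 = "foo" */
  DST__K_SRC_SETFILE, 0, 0, DST__K_SRC_SETLNUM_W, 16, 0, DST__K_SRC_DEFLINES_B, 5 };
/* DEFLINES_B as the final byte: its operand sits one byte past the buffer, the
   read ASan flags at vms-alpha.c:4484 in report 29883.  */
static const uint8_t truncated_rec[] = {
  DST__K_SRC_DECLFILE, 4, 3, 'f', 'o', 'o', DST__K_SRC_DEFLINES_B };
/* SETFILE index 7 with one declared file: file_table[7] does not exist.  */
static const uint8_t bad_index_rec[] = {
  DST__K_SRC_DECLFILE, 4, 3, 'f', 'o', 'o', DST__K_SRC_SETFILE, 7, 0 };

struct src_state last_state;              /* filled in by run_sample */
size_t last_bad_off;

/* Parse constructed sample WHICH (0..2) and return its result code.  */
enum src_result run_sample (int which)
{
  static const struct { const uint8_t *rec; size_t len; } s[] = {
    { good_rec, sizeof good_rec }, { truncated_rec, sizeof truncated_rec },
    { bad_index_rec, sizeof bad_index_rec } };
  memset (&last_state, 0, sizeof last_state);
  last_bad_off = 0;
  return parse_source_record (s[which].rec, s[which].len, &last_state, &last_bad_off);
}
```

Samples 1 and 2 both stop at offset 6, the command whose operand or file index would be read out of bounds, instead of dereferencing past the allocation.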


[Bug binutils/29884] New: Out of bound read at `case DST__K_SRC_DEFLINES_W` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29884

Bug ID: 29884
   Summary: Out of bound read at `case DST__K_SRC_DEFLINES_W`
handler in function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14505
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14505&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport
--disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace
--disable-gas --disable-ld --disable-werror --enable-targets=all
CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
=
==180046==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x61a00b80 at pc 0x55726d8bcc4e bp 0x7ffc7e02b040 sp 0x7ffc7e02b030
READ of size 1 at 0x61a00b80 thread T0
#0 0x55726d8bcc4d in bfd_getl16 ../../bfd/libbfd.c:633
#1 0x55726de7c833 in parse_module ../../bfd/vms-alpha.c:4499
#2 0x55726de7dfad in module_find_nearest_line ../../bfd/vms-alpha.c:4902
#3 0x55726de7e911 in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#4 0x55726d8aab1e in find_address_in_section ../../binutils/addr2line.c:197
#5 0x55726d8c5f43 in bfd_map_over_sections ../../bfd/section.c:1366
#6 0x55726d8ab8eb in translate_addresses ../../binutils/addr2line.c:337
#7 0x55726d8abfbc in process_file ../../binutils/addr2line.c:470
#8 0x55726d8ac5b1 in main ../../binutils/addr2line.c:579
#9 0x7f1ca
```

[Bug binutils/29885] New: Out of bound read at `case DST__K_SRC_INCRLNUM_B` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29885

Bug ID: 29885
   Summary: Out of bound read at `case DST__K_SRC_INCRLNUM_B`
handler in function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14506
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14506&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport
--disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace
--disable-gas --disable-ld --disable-werror --enable-targets=all
CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 114514
```

# Output

```
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 8
binutils/addr2line: unknown source command 130
binutils/addr2line: unknown source command 130
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 235
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 246
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
=
==183476==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x612002d0 at pc 0x55ad10f16a49 bp 0x7ffd426b55e0 sp 0x7ffd426b55d0
READ of size 1 at 0x612002d0 thread T0
#0 0x55ad10f16a48 in parse_module ../../bfd/vms-alpha.c:4512
#1 0x55ad10f17fad in module_find_nearest_line ../../bfd/vms-alpha.c:4902
#2 0x55ad10f18911 in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#3 0x55ad10944b1e in find_address_in_section ../../binutils/addr2line.c:197
#4 0x55ad1095ff43 in bfd_map_over_sections ../../bfd/section.c:1366
#5 0x55ad109458eb in translate_addresses ../../binutils/addr2line.c:337
#6 0x55ad10945fbc in process_file ../../binutils/addr2line.c:470
#7 0x55ad109465b1 in main ../../binutils/addr2line.c:579
#8 0x7f00232a2d8f in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58
#9 0x7f00232a2e3f in __libc_start_main_impl ../csu/libc-start.c:392
#10 0x55ad10944244 in _start
(/binutils-gdb/build/binutils/addr2line+0x343244)

0x612002d0 is located 0 bytes to the right of 272-byte region
[0x612001c0,0x612002d0)
allocated by thread T0 here:
#0 0x7f0023555867 in __interceptor_malloc
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
#1 0x55ad109568d5 in bfd_malloc ../../bfd/libbfd.c:289
#2 0x55ad10f0113a in _bfd_malloc_and_read ../../bfd/libbfd.h:970
#3 0x55ad10f17f77 in module_find_nearest_line ../../bfd/vms-alpha.c:4896
#4 0x55ad10f18911 in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#5 0x55ad10944b1e in find_address_in_section ../../binutils/addr2line.c:197
#6 0x55ad1095ff43 in bfd_map_over_sections ../../bfd/section.c:1366
#7 0x55ad109458eb in translate_addresses ../../binutils/addr2line.c:337
#8 0x55ad10945fbc in process_file ../../binutils/addr2line.c:470
#9 0x55ad109465b1 in main ../../binutils/addr2line.c:579
#10 0x7f00232a2d8f in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-buffer-overflow ../../bfd/vms-alpha.c:4512 in
parse_module
Shadow bytes around the buggy address:
  0x0c247fff8000: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
  0x0c247fff8010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c247fff8020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fa fa
  0x0c247fff8030: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
  0x0c247fff8040: 00 00 00 00 00
```

[Bug binutils/29886] New: Out of bound read at `case DST__K_SRC_SETFILE` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29886

Bug ID: 29886
   Summary: Out of bound read at `case DST__K_SRC_SETFILE` handler
in function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14507
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14507&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport
--disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace
--disable-gas --disable-ld --disable-werror --enable-targets=all
CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 227
binutils/addr2line: unknown source command 185
binutils/addr2line: unknown source command 185
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 31
binutils/addr2line: unknown source command 14
binutils/addr2line: unknown source command 180
binutils/addr2line: unknown source command 205
binutils/addr2line: unknown source command 183
binutils/addr2line: unknown source command 76
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 72
binutils/addr2line: unknown source command 72
binutils/addr2line: unknown source command 72
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 128
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown so
```

[Bug binutils/29887] New: Out of bound read when accessing `file_table` at `case DST__K_SRC_SETFILE` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29887

Bug ID: 29887
   Summary: Out of bound read when accessing `file_table` at `case
DST__K_SRC_SETFILE` handler in function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14508
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14508&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport
--disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace
--disable-gas --disable-ld --disable-werror --enable-targets=all
CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 18
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 119
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 212
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 18
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 44
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 116
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 18
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 68
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 176
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 18
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 137
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 248
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 18
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 177
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 64
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 18
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 219
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 48
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 18
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 26
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 188
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 18
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 243
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 60
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 18
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 70
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 8
=
==174360==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6113e388 at pc 0x564c5b6f bp

[Bug binutils/29888] New: Out of bound read at `case DST__K_SRC_SETLNUM_L` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29888

Bug ID: 29888
   Summary: Out of bound read at `case DST__K_SRC_SETLNUM_L` handler in function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14509
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14509&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 8
binutils/addr2line: unknown source command 130
=
==178354==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a00b80 at pc 0x562eac5f24fc bp 0x7ffd5773ede0 sp 0x7ffd5773edd0
READ of size 1 at 0x61a00b80 thread T0
#0 0x562eac5f24fb in bfd_getl32 ../../bfd/libbfd.c:728
#1 0x562eacbb1bcb in parse_module ../../bfd/vms-alpha.c:4527
#2 0x562eacbb2fad in module_find_nearest_line ../../bfd/vms-alpha.c:4902
#3 0x562eacbb3911 in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#4 0x562eac5dfb1e in find_address_in_section ../../binutils/addr2line.c:197
#5 0x562eac5faf43 in bfd_map_over_sections ../../bfd/section.c:1366
#6 0x562eac5e08eb in translate_addresses ../../binutils/addr2line.c:337
#7 0x562eac5e0fbc in process_file ../../binutils/addr2line.c:470
#8 0x562eac5e15b1 in main ../../binutils/addr2line.c:579
#9 0x7fdb3ed4bd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
#10 0x7fdb3ed4be3f in __libc_start_main_impl ../csu/libc-start.c:392
#11 0x562eac5df244 in _start (/binutils-gdb/build/binutils/addr2line+0x343244)

0x61a00b80 is located 0 bytes to the right of 1280-byte region [0x61a00680,0x61a00b80)
allocated by thread T0 here:
#0 0x7fdb3effe867 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
#1 0x562eac5f18d5 in bfd_malloc ../../bfd/libbfd.c:289
#2 0x562eacb9c13a in _bfd_malloc_and_read ../../bfd/libbfd.h:970
#3 0x562eacbb2f77 in module_find_nearest_line ../../bfd/vms-alpha.c:4896
#4 0x562eacbb3911 in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#5 0x562eac5dfb1e in find_address_in_section ../../binutils/addr2line.c:197
#6 0x562eac5faf43 in bfd_map_over_sections ../../bfd/section.c:1366
#7 0x562eac5e08eb in translate_addresses ../../binutils/addr2line.c:337
#8 0x562eac5e0fbc in process_file ../../binutils/addr2line.c:470
#9 0x562eac5e15b1 in main ../../binutils/addr2line.c:579
#10 0x7fdb3ed4bd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: heap-buffer-overflow ../../bfd/libbfd.c:728 in bfd_getl32
Shadow bytes around the buggy address:
  0x0c347fff8120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c347fff8130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c347fff8140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c347fff8150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c347fff8160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c347fff8170:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c347fff8180: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c347fff8190: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c347fff81a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c347fff81b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c347fff81c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:   00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:   fa
  Freed heap region:   fd
  Stack left redzone:  f1
  Stack mid redzone:   f2
  Stack right redzone: f3
  Stack after return:  f5
  Stack use after scope:   f8
  Global redzone:  f9
  Global init order:   f6
  Poisoned by user:f7
  Container overflow:  fc
  Array cookie:ac
  Intra object redzone:bb
  ASan internal:   fe
  Left alloca redzone: ca
  Right alloca redzone:cb
  Shadow gap:  cc
==178354==ABORTING
Aborted (co
```

[Bug binutils/29889] New: Out of bound read at `case DST__K_SRC_SETREC_L` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29889

Bug ID: 29889
   Summary: Out of bound read at `case DST__K_SRC_SETREC_L` handler in function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14510
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14510&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 52
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 192
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 66
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 203
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 233
binutils/addr2line: unknown source command 128
binutils/addr2line: unknown source command 193
binutils/addr2line: unknown source command 56
binutils/addr2line: unknown source command 15
binutils/addr2line: unknown source command 159
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 233
binutils/addr2line: unknown source command 128
binutils/addr2line: unknown source command 193
binutils/addr2line: unknown source command 56
binutils/addr2line: unknown source command 20
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 233
binutils/addr2line: unknown source command 233
binutils/addr2line: unknown source command 225
binutils/addr2line: unknown source command 128
=
==180966==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6113c9e8 at pc 0x55daa0e054b2 bp 0x7fff33277080 sp 0x7fff33277070
READ of size 1 at 0x6113c9e8 thread T0
#0 0x55daa0e054b1 in bfd_getl32 ../../bfd/libbfd.c:727
#1 0x55daa13c4c8b in parse_module ../../bfd/vms-alpha.c:4541
#2 0x55daa13c5fad in module_find_nearest_line ../../bfd/vms-alpha.c:4902
#3 0x55daa13c6911 in _bfd_vms_find_nearest_line ../../bfd/vms-alph
```

[Bug binutils/29890] New: Out of bound read at `case DST__K_SRC_SETREC_W` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29890

Bug ID: 29890
   Summary: Out of bound read at `case DST__K_SRC_SETREC_W` handler in function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14511
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14511&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 52
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 192
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 66
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 255
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
binutils/addr2line: unknown source command 0
=
==181531==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a00b81 at pc 0x55c21968bc4e bp 0x7ffe6ee52570 sp 0x7ffe6ee52560
READ of size 1 at 0x61a00b81 thread T0
#0 0x55c21968bc4d in bfd_getl16 ../../bfd/libbfd.c:633
#1 0x55c219c4bda0 in parse_module ../../bfd/vms-alpha.c:4549
#2 0x55c219c4cfad in module_find_nearest_line ../../bfd/vms-alpha.c:4902
#3 0x55c219c4d911 in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#4 0x55c219679b1e in find_address_in_section ../../binutils/addr2line.c:197
#5 0x55c219694f43 in bfd_map_over_sections ../../bfd/section.c:1366
#6 0x55c21967a8eb in translate_addresses ../../binutils/addr2line.c:337
#7 0x55c21967afbc in process_file ../../binutils/addr2line.c:470
#8 0x55c21967b5b1 in main ../../binutils/addr2line.c:579
#9 0x7fce40321d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
#10 0x7fce40321e3f in __libc_start_main_impl ../csu/libc-start.c:392
#11 0x55c219679244 in _start (/binutils-gdb/build/binutils/addr2line+0x343244)

0x61a00b81 is located 1 bytes to the right of 1280-byte region [0x61a00680,0x61a00b80)
allocated by thread T0 here:
#0 0x7fce405d4867 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
#1 0x55c21968b8d5 in bfd_malloc ../../bfd/libbfd.c:289
#2 0x55c219c3613a in _bfd_malloc_and_read ../../bfd/libbfd.h:970
#3 0x55c219c4cf77 in module_find_nearest_line ../../bfd/vms-alpha.c:4896
#4 0x55c219c4d911 in _bfd_vms_find_nearest_line ../../bfd/vms-alpha.c:4982
#5 0x55c219679b1e in find_address_in_section ../../binutils/addr2line.c:197
#6 0x55c219694f43 in bfd_map_over_sections ../../bfd/section.c:1366
#7 0x55c21967a8eb in translate_addresses ../../binutils/addr2line.c:337
#8 0x55c21967afbc in process_file ../../binutils/addr2line.c:470
#9 0x55c21967b5b1 in main ../../binutils/addr2line.c:579
#10 0x7fce40321d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

SUMMA
```

[Bug binutils/29891] New: Out of bound read at `case DST__K_TERM_W` handler in function `parse_module`

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29891

Bug ID: 29891
   Summary: Out of bound read at `case DST__K_TERM_W` handler in function `parse_module`
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14512
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14512&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 117
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 63
binutils/addr2line: unknown line command 116
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: DST__K_END_STMT_MODE not implemented
binutils/addr2line: unknown line command 73
binutils/addr2line: DST__K_END_STMT_MODE not implemented
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 38
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 27
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 92
binutils/addr2line: unknown line command 94
binutils/addr2line: unknown line command 95
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 85
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 83
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 72
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 100
binutils/addr2line: unknown line command 59
binutils/addr2line: unknown line command 115
binutils/addr2line: unknown line command 100
binutils/addr2line: unknown line command 40
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 112
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 63
binutils/addr2line: unknown line command 116
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 63
binutils/addr2line: unknown line command 55
binutils/addr2line: unknown line command 49
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 39
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 116
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 117
binutils/addr2line: unknown line command 73
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 39
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 127
binutils/addr2line: unknown line command 65
binutils/addr2line: unknown line command 28
binutils/addr2line: unknown line command 49
binutils/addr2line: unknown line command 116
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
binutils/addr2line: unknown line command 76
binutils/addr2line: unknown line command 72
binutils/addr2line: unknown line command 116
binutils/addr2line: DST__K_SET_LINUM_INCR_W not implemented
```

[Bug binutils/29892] New: Field `file_table` of `struct module *module` is uninitialized

2022-12-11 Thread r3tr0spect2019 at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=29892

Bug ID: 29892
   Summary: Field `file_table` of `struct module *module` is uninitialized
   Product: binutils
   Version: 2.40 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: r3tr0spect2019 at gmail dot com
  Target Milestone: ---

Created attachment 14513
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14513&action=edit
PoC

# Reproduce

```bash
cd binutils-gdb
git reset --hard f2f58a399cf3f946983398cdfe52d0eaa72bf877
mkdir build && cd build
../configure --disable-gdb --disable-gdbserver --disable-gdbsupport \
  --disable-libdecnumber --disable-readline --disable-sim --disable-libbacktrace \
  --disable-gas --disable-ld --disable-werror --enable-targets=all \
  CPPFLAGS=-DDEBUG CFLAGS="-g -O0 -fsanitize=address"
make all-binutils MAKEINFO=true && true
binutils/addr2line -e poc.bin 0
```

# Output

```
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 52
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 192
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 66
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 95
/binutils-gdb/build/binutils/addr2line: unknown source command 99
/binutils-gdb/build/binutils/addr2line: unknown source command 116
/binutils-gdb/build/binutils/addr2line: unknown source command 105
/binutils-gdb/build/binutils/addr2line: unknown source command 103
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 95
/binutils-gdb/build/binutils/addr2line: unknown source command 84
/binutils-gdb/build/binutils/addr2line: unknown source command 88
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 148
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 161
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unknown source command 0
/binutils-gdb/build/binutils/addr2line: unkno