Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 11956
--> https://sourceware.org/bugzilla/attachment.cgi?id=11956&action=edit
Poc to trigger bug
Triggered by "
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 11955
--> https://sourceware.org/bugzilla/attachment.cgi?id=11955&action=edit
Poc to trigger bug
Triggered by "
https://sourceware.org/bugzilla/show_bug.cgi?id=24898
--- Comment #5 from Mingi Cho ---
Hi,
I have tested this bug using the binary compiled with "-O3" and ASAN options as
following.
CC=clang-5.0 CFLAGS="-m32 -Wextra -Wno-missing-field-initializers
-fsanitize=address -fno-omit-frame-pointer -g
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 11946
--> https://sourceware.org/bugzilla/attachment.cgi?id=11946&action=edit
Poc to trigger bug
Triggered by "./obj
https://sourceware.org/bugzilla/show_bug.cgi?id=24273
--- Comment #2 from Mingi Cho ---
Hi Nick,
I used the latest binutils sources, and compiled with following configuration:
CC=clang-5.0 CXX=clang++-5.0 CFLAGS="-m32 -g -O0 -fsanitize=address
-fsanitize-recover=address" CXXFLAGS="-m32 -g -O0 -
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 11652
--> https://sourceware.org/bugzilla/attachment.cgi?id=11652&action=edit
Poc to trigger bug
Triggered by "./obj
: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 11651
--> https://sourceware.org/bugzilla/attachment.cgi?id=11651&action=edit
Poc to
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 11644
--> https://sourceware.org/bugzilla/attachment.cgi?id=11644&action=edit
Poc to trigger bug
Tr
: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 11089
--> https://sourceware.org/bugzilla/attachment.cgi?id=11089&action=edit
POC to trigger bug
Triggered by "./nm -l $POC"
https://sourceware.org/bugzilla/show_bug.cgi?id=22809
--- Comment #4 from Mingi Cho ---
Hi Nick,
I have tested the bug in x86 Ubuntu system. When hdr->sh_size is 0x
then malloc(hdr->sh_size +1) returns a valid pointer with small size at
_bfd_elf_parse_attributes function and the bug is
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10999
--> https://sourceware.org/bugzilla/attachment.cgi?id=10999&action=edit
POC to trigger bug
Triggered by "./objdum
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10998
--> https://sourceware.org/bugzilla/attachment.cgi?id=10998&action=edit
POC to trigger bug
Triggered by "./objdum
https://sourceware.org/bugzilla/show_bug.cgi?id=22809
--- Comment #1 from Mingi Cho ---
Created attachment 10794
--> https://sourceware.org/bugzilla/attachment.cgi?id=10794&action=edit
PE file to trigger the bug
--
You are receiving this mail because:
You are on the CC list for the bug.
_
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10793
--> https://sourceware.org/bugzilla/attachment.cgi?id=10793&action=edit
ELF file to trigger the bug
Triggered by "
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10646
--> https://sourceware.org/bugzilla/attachment.cgi?id=10646&action=edit
poc of the crash
Triggered by "./readelf -w
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10645
--> https://sourceware.org/bugzilla/attachment.cgi?id=10645&action=edit
poc of the crash
Triggered by "
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10644
--> https://sourceware.org/bugzilla/attachment.cgi?id=10644&action=edit
poc of the crash
Triggered by "./objdump -x
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10643
--> https://sourceware.org/bugzilla/attachment.cgi?id=10643&action=edit
poc of the crash
Triggered by "
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10642
--> https://sourceware.org/bugzilla/attachment.cgi?id=10642&action=edit
poc of the crash
Triggered by "./objdump -W $PO
https://sourceware.org/bugzilla/show_bug.cgi?id=22443
--- Comment #9 from Mingi Cho ---
Created attachment 10619
--> https://sourceware.org/bugzilla/attachment.cgi?id=10619&action=edit
Proposed patch
Hi Nick,
I have tested with your patch and added checking for null pointers because the
symbo
https://sourceware.org/bugzilla/show_bug.cgi?id=22443
--- Comment #6 from Mingi Cho ---
Created attachment 10616
--> https://sourceware.org/bugzilla/attachment.cgi?id=10616&action=edit
Proposed patch
Hi Nick,
I tested with the patch which you suggested. But in my case the problem still
occurs
https://sourceware.org/bugzilla/show_bug.cgi?id=22443
--- Comment #5 from Mingi Cho ---
Created attachment 10615
--> https://sourceware.org/bugzilla/attachment.cgi?id=10615&action=edit
minimized testcase
--
You are receiving this mail because:
You are on the CC list for the bug.
_
: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10591
--> https://sourceware.org/bugzilla/attachment.cgi?id=10591&action=edit
p
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10569
--> https://sourceware.org/bugzilla/attachment.cgi?id=10569&action=edit
POC file
Triggered by "./readelf -w $PO
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10568
--> https://sourceware.org/bugzilla/attachment.cgi?id=10568&action=edit
poc of the crash
Triggered by "./obj
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10566
--> https://sourceware.org/bugzilla/attachment.cgi?id=10566&action=edit
poc of the crash
Triggered by "./rea
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10562
--> https://sourceware.org/bugzilla/attachment.cgi?id=10562&action=edit
poc of the crash
Triggered by "./objdump -x $PO
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10560
--> https://sourceware.org/bugzilla/attachment.cgi?id=10560&action=edit
POC of the crash
Triggered by "./objdump -x
: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10535
--> https://sourceware.org/bugzilla/attachment.cgi?id=10535&action=edit
POC to trigg
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---
Created attachment 10533
--> https://sourceware.org/bugzilla/attachment.cgi?id=10533&action=edit
poc for heap corruption
Triggered by &qu
30 matches
Mail list logo
