Sourceware Bugzilla – Attachment 10271 Details for Bug 21786: Stack-buffer-overflow in {coff,coff64}-rs6000.c
crash state
stack-overflow.asan (text/plain), 3.21 KB, created by Ned Williamson on 2017-07-19 01:02:50 UTC
>=================================================================
>==10804==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffc3687b770 at pc 0x00000045dc75 bp 0x7ffc3687b610 sp 0x7ffc3687adb0
>READ of size 5 at 0x7ffc3687b770 thread T0
>    #0 0x45dc74 in StrtolFixAndCheck(void*, char const*, char**, char*, int) (/home/ned/dev/binutils-clean/binutils-gdb/binutils/objdump+0x45dc74)
>    #1 0x4b19bf in __interceptor_strtol (/home/ned/dev/binutils-clean/binutils-gdb/binutils/objdump+0x4b19bf)
>    #2 0xbda4c8 in _bfd_xcoff_read_ar_hdr /home/ned/dev/binutils-clean/binutils-gdb/bfd/coff-rs6000.c:1504:16
>    #3 0x7634f8 in _bfd_get_elt_at_filepos /home/ned/dev/binutils-clean/binutils-gdb/bfd/archive.c:658:44
>    #4 0x4f3ce5 in display_any_bfd /home/ned/dev/binutils-clean/binutils-gdb/binutils/./objdump.c:3665:13
>    #5 0x4f3a79 in display_file /home/ned/dev/binutils-clean/binutils-gdb/binutils/./objdump.c:3713:3
>    #6 0x4f31f5 in main /home/ned/dev/binutils-clean/binutils-gdb/binutils/./objdump.c:4015:6
>    #7 0x7f328c63082f in __libc_start_main /build/glibc-bfm8X4/glibc-2.23/csu/../csu/libc-start.c:291
>    #8 0x41a4f8 in _start (/home/ned/dev/binutils-clean/binutils-gdb/binutils/objdump+0x41a4f8)
>
>Address 0x7ffc3687b770 is located in stack of thread T0 at offset 272 in frame
>    #0 0xbda37f in _bfd_xcoff_read_ar_hdr /home/ned/dev/binutils-clean/binutils-gdb/bfd/coff-rs6000.c:1451
>
>  This frame has 2 object(s):
>    [32, 120) 'hdr'
>    [160, 272) 'hdr45' <== Memory access at offset 272 overflows this variable
>HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
>      (longjmp and C++ exceptions *are* supported)
>SUMMARY: AddressSanitizer: stack-buffer-overflow (/home/ned/dev/binutils-clean/binutils-gdb/binutils/objdump+0x45dc74) in StrtolFixAndCheck(void*, char const*, char**, char*, int)
>Shadow bytes around the buggy address:
>  0x100006d07690: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>  0x100006d076a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>  0x100006d076b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>  0x100006d076c0: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
>  0x100006d076d0: 00 00 00 00 00 00 00 00 00 00 00 f2 f2 f2 f2 f2
>=>0x100006d076e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00[f3]f3
>  0x100006d076f0: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
>  0x100006d07700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>  0x100006d07710: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>  0x100006d07720: f1 f1 f1 f1 04 f2 00 f2 f2 f2 00 f2 f2 f2 00 f3
>  0x100006d07730: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
>Shadow byte legend (one shadow byte represents 8 application bytes):
>  Addressable:           00
>  Partially addressable: 01 02 03 04 05 06 07
>  Heap left redzone:       fa
>  Freed heap region:       fd
>  Stack left redzone:      f1
>  Stack mid redzone:       f2
>  Stack right redzone:     f3
>  Stack after return:      f5
>  Stack use after scope:   f8
>  Global redzone:          f9
>  Global init order:       f6
>  Poisoned by user:        f7
>  Container overflow:      fc
>  Array cookie:            ac
>  Intra object redzone:    bb
>  ASan internal:           fe
>  Left alloca redzone:     ca
>  Right alloca redzone:    cb
>==10804==ABORTING