| Summary: | stack-buffer-overflow in bfd_get_string | | |
|---|---|---|---|
| Product: | binutils | Reporter: | Alexandre Adamski <aadamski> |
| Component: | binutils | Assignee: | Not yet assigned to anyone <unassigned> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | nickc |
| Priority: | P2 | | |
| Version: | 2.29 | | |
| Target Milestone: | --- | | |
| Host: | | Target: | |
| Build: | | Last reconfirmed: | |
| Attachments: | testcase, report | | |
Description
Alexandre Adamski
2017-06-13 17:51:28 UTC
Created attachment 10112: testcase
Created attachment 10113: report

Additional Information: The command used was `objdump -D <file>`. The compilation flags used were `-g -O2 -fno-omit-frame-pointer -fsanitize=address -fno-sanitize-recover=undefined`. The configuration settings used were `--enable-targets=all --disable-shared`.

Alexandre Adamski:
(In reply to Nick Clifton from comment #4)
> Are you able to test out patches and see if they make a difference ? If so
> please could you try out the uploaded patch which might make a difference.
> For me, the bug goes away, but I cannot tell if I have really fixed the
> problem, or if there is still some kind of stack corruption going on.

I tried your patch with both the raw and the minimized testcases; it seems not to crash anymore. I have started an instance of AFL in "crash exploration" mode in order to generate more diverse testcases. I will report back in a few hours. Thanks a lot for all your bug fixes, you're doing god's work! :-)

Commit notification:
The master branch has been updated by Nick Clifton <nickc@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=62b76e4b6e0b4cb5b3e0053d1de4097b32577049

commit 62b76e4b6e0b4cb5b3e0053d1de4097b32577049
Author: Nick Clifton <nickc@redhat.com>
Date:   Thu Jun 15 13:08:47 2017 +0100

    Fix address violation parsing a corrupt ieee binary.

    PR binutils/21581
    (ieee_archive_p): Use a static buffer to avoid compiler bugs.