| Summary: | Memory leak in readelf, request_dump_bynumber | | |
|---|---|---|---|
| Product: | binutils | Reporter: | Heqing HUANG <featherrain26> |
| Component: | binutils | Assignee: | Alan Modra <amodra> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | | |
| Priority: | P2 | | |
| Version: | 2.32 | | |
| Target Milestone: | 2.34 | | |
| Host: | | Target: | |
| Build: | | Last reconfirmed: | |
| Attachments: | POC file | | |

The master branch has been updated by Alan Modra <amodra@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a4f2b7c5d931f2aa27851b59ae5817a6ee43cfcb

```
commit a4f2b7c5d931f2aa27851b59ae5817a6ee43cfcb
Author: Alan Modra <amodra@gmail.com>
Date: Mon Jan 13 22:53:02 2020 +1030

    Re: PR23560, PR23561, readelf memory leaks

    PR 25360
    PR 25361
    Dyslexia strikes again. Fix git commit a788aedd86da983faf0afef3cb41461118a2e9f2
    ChangeLog.
```

Fixed.

Created attachment 12182
POC file

Hi, there.

There is a memory leak in file binutils/readelf.c, get_data function. Here is the reproducing environment and procedure:

```
Distributor ID: Ubuntu
Description: Ubuntu 16.04.6 LTS
Release: 16.04
Codename: xenial
gcc: 5.4.0
compilation: CFLAGS="-fsanitize=address,undefined" ./configure

./readelf -agteSdcWw --dyn-syms -D poc
```

Here is the error message:

```
=================================================================
==16847==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 180 byte(s) in 5 object(s) allocated from:
    #0 0x7ffff6f02602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
    #1 0x4d0694 in xmalloc (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4d0694)
    #2 0x4c19ef in xcmalloc (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4c19ef)
    #3 0x4af8ca in display_debug_frames (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4af8ca)
    #4 0x46172f in display_debug_section (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x46172f)
    #5 0x461f4b in process_section_contents (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x461f4b)
    #6 0x47c8e2 in process_object (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47c8e2)
    #7 0x47e950 in process_file (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47e950)
    #8 0x47ecd1 in main (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47ecd1)
    #9 0x7ffff5db382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Direct leak of 90 byte(s) in 5 object(s) allocated from:
    #0 0x7ffff6f02602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
    #1 0x4d0694 in xmalloc (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4d0694)
    #2 0x4c19ef in xcmalloc (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4c19ef)
    #3 0x4af7f3 in display_debug_frames (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x4af7f3)
    #4 0x46172f in display_debug_section (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x46172f)
    #5 0x461f4b in process_section_contents (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x461f4b)
    #6 0x47c8e2 in process_object (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47c8e2)
    #7 0x47e950 in process_file (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47e950)
    #8 0x47ecd1 in main (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47ecd1)
    #9 0x7ffff5db382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Direct leak of 19 byte(s) in 1 object(s) allocated from:
    #0 0x7ffff6f0279a in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x9879a)
    #1 0x41b632 in request_dump_bynumber (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x41b632)
    #2 0x42b94f in process_section_headers (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x42b94f)
    #3 0x47c6fd in process_object (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47c6fd)
    #4 0x47e950 in process_file (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47e950)
    #5 0x47ecd1 in main (/playground/playground/binutils-2.32-r/binutils-2.32/binutils/readelf+0x47ecd1)
    #6 0x7ffff5db382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

SUMMARY: AddressSanitizer: 289 byte(s) leaked in 11 allocation(s).
```

Regards,
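
A triage helper for the LeakSanitizer report above, as an added example that is not part of the original bug report or of binutils: it attributes each leak record to its first non-allocator frame and checks the totals against the SUMMARY line. The names `group_leaks` and `matches_summary`, the allocator skip list and the abridged `SAMPLE` (frames cut after the owning function, module paths shortened) are assumptions of this example.

```python
import re
from collections import defaultdict

# Frames skipped when attributing a leak (assumed list, incl. the xmalloc wrappers).
ALLOCATORS = {"malloc", "calloc", "realloc", "__interceptor_malloc",
              "__interceptor_calloc", "xmalloc", "xcalloc", "xcmalloc"}
HEADER = re.compile(r"(?:Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\)")
FRAME = re.compile(r"#\d+ 0x[0-9a-f]+ in (\S+)")
SUMMARY = re.compile(r"SUMMARY: AddressSanitizer: (\d+) byte\(s\) leaked in (\d+) alloc")
# Constructed sample: the report above, abridged, module paths shortened.
SAMPLE = """\
Direct leak of 180 byte(s) in 5 object(s) allocated from:
    #0 0x7ffff6f02602 in malloc (libasan.so.2+0x98602)
    #1 0x4d0694 in xmalloc (readelf+0x4d0694)
    #2 0x4c19ef in xcmalloc (readelf+0x4c19ef)
    #3 0x4af8ca in display_debug_frames (readelf+0x4af8ca)
Direct leak of 90 byte(s) in 5 object(s) allocated from:
    #0 0x7ffff6f02602 in malloc (libasan.so.2+0x98602)
    #1 0x4d0694 in xmalloc (readelf+0x4d0694)
    #2 0x4c19ef in xcmalloc (readelf+0x4c19ef)
    #3 0x4af7f3 in display_debug_frames (readelf+0x4af7f3)
Direct leak of 19 byte(s) in 1 object(s) allocated from:
    #0 0x7ffff6f0279a in __interceptor_calloc (libasan.so.2+0x9879a)
    #1 0x41b632 in request_dump_bynumber (readelf+0x41b632)
SUMMARY: AddressSanitizer: 289 byte(s) leaked in 11 allocation(s).
"""

def group_leaks(report):
    """Map first non-allocator frame -> (bytes, objects) over all leak records."""
    totals = defaultdict(lambda: [0, 0])
    heads = list(HEADER.finditer(report))
    for i, head in enumerate(heads):
        # A record runs to the next header, so line-wrapped reports parse too.
        end = heads[i + 1].start() if i + 1 < len(heads) else len(report)
        frames = FRAME.findall(report[head.end():end])
        owner = next((f for f in frames if f not in ALLOCATORS), "<unknown>")
        totals[owner][0] += int(head.group(1))
        totals[owner][1] += int(head.group(2))
    return {fn: tuple(t) for fn, t in totals.items()}

def matches_summary(report):
    """True when the per-record totals equal the SUMMARY line (truncation check)."""
    s = SUMMARY.search(report)
    got = list(group_leaks(report).values())
    totals = (sum(b for b, _ in got), sum(n for _, n in got))
    return s is not None and totals == (int(s.group(1)), int(s.group(2)))

if __name__ == "__main__":
    print(group_leaks(SAMPLE), matches_summary(SAMPLE))
```

Grouped this way, the report shows 270 of the 289 leaked bytes allocated in `display_debug_frames` and only 19 in `request_dump_bynumber`, the function named in the bug summary.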