Bug 29492

Summary: program nm-new bug report
Product: binutils
Reporter: Shuang Po <sophrosx>
Component: binutils
Assignee: Not yet assigned to anyone <unassigned>
Status: RESOLVED MOVED
Severity: normal
Priority: P2
Version: 2.40
Target Milestone: ---
Host:
Target:
Build:
Last reconfirmed:
Attachments: nm-new testcases

Description Shuang Po 2022-08-15 08:07:21 UTC
Created attachment 14280 [details]
nm-new testcases

Hello,

I detected memory leak and dead loop problems through fuzz testing, which I think may be a vulnerability.

The configuration of binutils is:

$  ./configure --disable-shared && make -j

and compiled with gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0

I use the program nm-new in ~/binutils-gdb/binutils/nm-new with the parameter "-C ./dead_loop_input", and after waiting 1 hour, the program neither gave any output nor terminated. What is more, the program nm-new occupied all the memory.

The testcases that trigger such results are in the attachment.

Thanks & Best Regards
Comment 1 Alan Modra 2022-08-15 09:07:30 UTC
The endless looping is all in the rust demangler.  Please report these bugs to the gcc project at https://gcc.gnu.org/bugzilla/

It is helpful to report the symbols being demangled rather than supply object files.  They are:
1) _RYXBAL_OFFGLOBTABLE_
2) _RYFGNUSLT_FHStNB10ay_start
3) _RYDGLOBOFFSET_TABLE_
4) _RYFGDIC6gnu_compilediBtOhighlightEH_FRAME_HDR
5) _RYFUDGC6ShigdefaulttiBtOhighlightEH_FRAME_HDR
6) _RYFUDGC6Shighdignu_compiledhlightEH_FRAME_HDR
7) _RYFIMYeB_xDGLtSarray_start
8) _RYdMMYTopFinFGAarral_start
9) _RMYADGC0hdpnit_Grray_start
10) _RYNSMICu2FiFGtDBrray_s
11) _RYTOdPjesistePDGC1onRLab_e
12) _RIYADGO0Rdpnit_Grray_start
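Comment 1 asks for the symbol names rather than object files, and every name listed starts with `_R`, the prefix that routes a symbol to the Rust v0 demangler rather than the Itanium C++ one. The following triage script is an added example, not code from the reporter or from binutils: it pulls symbol names out of plain `nm` output (a constructed sample below, with made-up addresses and symbol types around the names from comment 1), guesses the demangler each name will hit from its prefix (an assumption based on the `_R` / `_Z` conventions, not something the bug page states), and feeds each name to an external demangler such as binutils' `c++filt` under a timeout so that a hang is attributed to one symbol instead of to the whole object file. Whether a given build actually hangs on these inputs is not asserted; the script only reports what it observes.

```python
import shutil
import subprocess

# Constructed sample of `nm` output (without -C) for an object file, as a
# triager would capture it.  The _R names are the ones from comment 1; the
# addresses, symbol types and the two non-Rust names are made up for the example.
SAMPLE_NM_OUTPUT = """\
0000000000000000 T _RYXBAL_OFFGLOBTABLE_
                 U _RYFGNUSLT_FHStNB10ay_start
0000000000000010 t _RYDGLOBOFFSET_TABLE_
0000000000000020 T _ZN3foo3barEv
0000000000000030 T plain_c_symbol
"""


def parse_nm_symbols(text):
    """Return symbol names from `nm` output: the last field of each symbol line.

    Skips blank lines and archive member headers such as "member.o:".
    Undefined symbols ("U name") have no address column, so the name is always
    taken as the last whitespace-separated field.
    """
    names = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[-1].endswith(":"):
            continue
        names.append(fields[-1])
    return names


def mangling_scheme(symbol):
    """Guess which demangler a name will be routed to, by its prefix.

    Assumed convention: "_R" is the Rust v0 mangling prefix, "_Z" the Itanium
    C++ prefix; anything else is left undemangled.
    """
    if symbol.startswith("_R"):
        return "rust-v0"
    if symbol.startswith("_Z"):
        return "itanium-c++"
    return "none"


def demangle_with_timeout(symbol, timeout_s=5.0, cmd="c++filt"):
    """Run an external demangler on one symbol with a wall-clock limit.

    Returns the demangler's output, the string "hang" if the limit is
    exceeded (subprocess.run kills the child in that case), or None when the
    demangler binary is not installed, so the script stays runnable offline.
    """
    if shutil.which(cmd) is None:
        return None
    try:
        proc = subprocess.run([cmd], input=symbol + "\n", capture_output=True,
                              text=True, timeout=timeout_s)
    except subprocess.TimeoutExpired:
        return "hang"
    return proc.stdout.strip()


def triage(text, timeout_s=5.0, cmd="c++filt"):
    """Return (symbol, scheme, result) for every symbol in `nm` output text.

    Names that no demangler would touch are passed through unchanged, so a
    hang in the report is tied to a specific mangled name and scheme.
    """
    report = []
    for sym in parse_nm_symbols(text):
        scheme = mangling_scheme(sym)
        result = sym if scheme == "none" else demangle_with_timeout(sym, timeout_s, cmd)
        report.append((sym, scheme, result))
    return report


if __name__ == "__main__":
    for sym, scheme, result in triage(SAMPLE_NM_OUTPUT):
        print(f"{scheme:12} {sym:50} -> {result}")
```

To use it on a real crash file, replace the constructed sample with the output of `nm ./dead_loop_input` (no `-C`), so that `nm` itself never demangles; a symbol reported as "hang" is the one to paste into the upstream bug report.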
Comment 2 Shuang Po 2022-08-15 09:20:31 UTC
(In reply to Alan Modra from comment #1)
> The endless looping is all in the rust demangler.  Please report these bugs
> to the gcc project at https://gcc.gnu.org/bugzilla/
> 
> It is helpful to report the symbols being demangled rather than supply
> object files.  They are:
> 1) _RYXBAL_OFFGLOBTABLE_
> 2) _RYFGNUSLT_FHStNB10ay_start
> 3) _RYDGLOBOFFSET_TABLE_
> 4) _RYFGDIC6gnu_compilediBtOhighlightEH_FRAME_HDR
> 5) _RYFUDGC6ShigdefaulttiBtOhighlightEH_FRAME_HDR
> 6) _RYFUDGC6Shighdignu_compiledhlightEH_FRAME_HDR
> 7) _RYFIMYeB_xDGLtSarray_start
> 8) _RYdMMYTopFinFGAarral_start
> 9) _RMYADGC0hdpnit_Grray_start
> 10) _RYNSMICu2FiFGtDBrray_s
> 11) _RYTOdPjesistePDGC1onRLab_e
> 12) _RIYADGO0Rdpnit_Grray_start

Thank you~