Dear all,

The following bug was found with AFLFast, a fork of AFL, in a 24 hour fuzzing session on Binutils. Thanks also to Van-Thuan Pham.

The assembler fails with an assertion violation for the following execution on Ubuntu 16.04 x86_64 and 14.04 x86_64 for Binutils v2.26.1 and trunk. It works fine for v2.24:

    $ printf "#10\"\n\" " > test
    $ ./as test
    test: Assembler messages:
    test:1: Warning: unterminated string; newline inserted
    test:2: Warning: unterminated string; newline inserted
    test:3: Internal error!
    Assertion failure in ignore_rest_of_line at read.c:3758.
    Please report this bug.

After printing a warning message, ignore_rest_of_line in read.c attempts to skip to the end of line but finds itself no eol.

Best regards,
- Marcel

The master branch has been updated by Nick Clifton <nickc@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f49547a604b4dd2c75e3636d4a422d52edc4fa6c

commit f49547a604b4dd2c75e3636d4a422d52edc4fa6c
Author: Nick Clifton <nickc@redhat.com>
Date:   Mon Dec 5 17:36:45 2016 +0000

    Fix fault in assembler when passed a bogus input file.

    PR gas/20902
    * read.c (next_char_of_string): Do end advance past the end of the buffer.

Hi Marcel,

Thanks for reporting this bug. I have checked in a patch to stop the assembler's parser from running off the end of the input string buffer, which should fix the problem.

Cheers
Nick

The master branch has been updated by Alan Modra <amodra@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0c56b5cfb68cd099e00f6fdb5ad08061c7b16b79

commit 0c56b5cfb68cd099e00f6fdb5ad08061c7b16b79
Author: Alan Modra <amodra@gmail.com>
Date:   Fri Jan 25 09:34:14 2019 +1030

    PR24125, Assertion failure with embedded NULs in string

    An assertion that can be triggered by user input is wrong, so remove it.
    I believe the NUL would have been accepted before the PR20902 patch.

    PR 20902
    PR 24125
    * read.c (stringer): Delete assertion.
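
Added example, not part of this thread and not the code in gas/read.c: a simplified C model of the two fixes discussed above, a string scanner that stops at the buffer length instead of running off the end, and that reports input-controlled conditions (unterminated literal, embedded NUL) through a status value rather than an assertion. The names scan_string and scan_result and the sample inputs are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical simplified scanner for illustration; NOT the code in gas/read.c. */
enum scan_status { SCAN_OK, SCAN_UNTERMINATED, SCAN_NOT_A_STRING };

struct scan_result {
    enum scan_status status;
    size_t consumed;  /* bytes consumed from buf; never exceeds len */
    size_t newlines;  /* raw newlines found inside the literal */
    size_t nuls;      /* embedded NUL bytes accepted as ordinary data */
};

/* Scan a double-quoted literal that starts at buf[0]; buf holds len input bytes. */
struct scan_result scan_string(const char *buf, size_t len)
{
    struct scan_result r = { SCAN_NOT_A_STRING, 0, 0, 0 };
    size_t i = 1;                       /* index just past the opening quote */

    if (len == 0 || buf[0] != '"')
        return r;
    r.status = SCAN_UNTERMINATED;
    while (i < len) {                   /* the length ends the loop, not a sentinel byte */
        char c = buf[i++];
        if (c == '"') {
            r.status = SCAN_OK;
            break;
        }
        if (c == '\\' && i < len)       /* skip the escaped byte only if one exists */
            i++;
        else if (c == '\n')
            r.newlines++;               /* caller can warn; scanning continues */
        else if (c == '\0')
            r.nuls++;                   /* input-controlled, so counted, not asserted */
    }
    r.consumed = i;
    return r;
}

int main(void)
{
    /* Constructed samples: an unterminated literal and one with an embedded NUL. */
    static const char open_lit[] = "\"abc";
    static const char nul_lit[] = "\"a\0b\"";
    struct scan_result a = scan_string(open_lit, sizeof open_lit - 1);
    struct scan_result b = scan_string(nul_lit, sizeof nul_lit - 1);
    printf("unterminated: status=%d consumed=%zu\n", a.status, a.consumed);
    printf("embedded NUL: status=%d consumed=%zu nuls=%zu\n", b.status, b.consumed, b.nuls);
    return 0;
}
```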