Bug 24891 - objdump memory leaks when parsing malformed archive
Summary: objdump memory leaks when parsing malformed archive
Status: RESOLVED FIXED
Alias: None
Product: binutils
Classification: Unclassified
Component: binutils
Version: 2.33
Importance: P2 normal
Target Milestone: 2.33
Assignee: Alan Modra
Duplicates: 26060
Reported: 2019-08-08 00:15 UTC by Vincent Ulitzsch
Modified: 2020-05-29 12:54 UTC
Last reconfirmed: 2019-08-28 00:00:00


Attachments
A file that causes the memory leak for objdump when being called like this: objdump -x leak (257 bytes, application/x-archive)
2019-08-08 00:15 UTC, Vincent Ulitzsch

Description Vincent Ulitzsch 2019-08-08 00:15:53 UTC
Created attachment 11942
A file that causes the memory leak for objdump when being called like this: objdump -x leak

objdump has several memory leaks when reading a malformed archive. The allocations in question seem to happen in archive.c, when opening a nested file:
      /* It's not an element of a nested archive;
         open the external file as a bfd.  */
      n_bfd = open_nested_file (filename, archive);
The n_bfd struct has several members that are not freed, for example:
      n_bfd->filename = xstrdup (filename);
Attached is a file that triggers the memory leaks. Find below an ASAN trace that should help with debugging:

[vincent@vincent build-binutils]$ ./binutils/objdump -x ./leak-c1325380ba3eb282d0b4e376d5153c4fb4ecc5b0 
In archive ../build_binutils_fuzzer/leak-c1325380ba3eb282d0b4e376d5153c4fb4ecc5b0:

�:     file format tekhex
�
architecture: UNKNOWN!, flags 0x00000000:

start address 0x00000000

Sections:
Idx Name          Size      VMA       LMA       File off  Algn
  0 $$^A          00000000  00000000  00000000  00000000  2**0
                  
SYMBOL TABLE:
no symbols


./binutils/objdump: ../build_binutils_fuzzer/leak-c1325380ba3eb282d0b4e376d5153c4fb4ecc5b0: malformed archive

=================================================================
==2786==ERROR: LeakSanitizer: detected memory leaks

Indirect leak of 52832 byte(s) in 13 object(s) allocated from:
    #0 0x500f60 in malloc (/home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/objdump+0x500f60)
    #1 0xa45b3e in objalloc_create /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/libiberty/../../libiberty/objalloc.c:95:23
    #2 0x6901d5 in bfd_hash_table_init_n /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/hash.c:385:28
    #3 0x697d20 in _bfd_new_bfd /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/opncls.c:84:8
    #4 0x697d83 in _bfd_new_bfd_contained_in /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/opncls.c:103:10
    #5 0x660664 in _bfd_create_empty_archive_element_shell /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:279:10
    #6 0x662edc in _bfd_get_elt_at_filepos /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:706:15
    #7 0x6641ed in bfd_generic_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:828:10
    #8 0x663f62 in bfd_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:796:10
    #9 0x664ad8 in bfd_generic_archive_p /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:905:15
    #10 0x68d76f in bfd_check_format_matches /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:322:14
    #11 0x68c70e in bfd_check_format /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:94:10
    #12 0x539bc9 in display_any_bfd /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4174:7
    #13 0x5393c8 in display_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4248:3
    #14 0x538be1 in main /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4567:6
    #15 0x7f8d35749f32 in __libc_start_main (/lib64/libc.so.6+0x23f32)

Indirect leak of 52832 byte(s) in 13 object(s) allocated from:
    #0 0x500f60 in malloc (/home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/objdump+0x500f60)
    #1 0xa45b3e in objalloc_create /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/libiberty/../../libiberty/objalloc.c:95:23
    #2 0x697c1d in _bfd_new_bfd /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/opncls.c:74:18
    #3 0x697d83 in _bfd_new_bfd_contained_in /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/opncls.c:103:10
    #4 0x660664 in _bfd_create_empty_archive_element_shell /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:279:10
    #5 0x662edc in _bfd_get_elt_at_filepos /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:706:15
    #6 0x6641ed in bfd_generic_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:828:10
    #7 0x663f62 in bfd_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:796:10
    #8 0x664ad8 in bfd_generic_archive_p /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:905:15
    #9 0x68d76f in bfd_check_format_matches /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:322:14
    #10 0x68c70e in bfd_check_format /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:94:10
    #11 0x539bc9 in display_any_bfd /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4174:7
    #12 0x5393c8 in display_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4248:3
    #13 0x538be1 in main /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4567:6
    #14 0x7f8d35749f32 in __libc_start_main (/lib64/libc.so.6+0x23f32)

Indirect leak of 3640 byte(s) in 13 object(s) allocated from:
    #0 0x500f60 in malloc (/home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/objdump+0x500f60)
    #1 0x693e4c in bfd_malloc /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/libbfd.c:275:9
    #2 0x694104 in bfd_zmalloc /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/libbfd.c:360:15
    #3 0x697b01 in _bfd_new_bfd /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/opncls.c:62:18
    #4 0x697d83 in _bfd_new_bfd_contained_in /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/opncls.c:103:10
    #5 0x660664 in _bfd_create_empty_archive_element_shell /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:279:10
    #6 0x662edc in _bfd_get_elt_at_filepos /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:706:15
    #7 0x6641ed in bfd_generic_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:828:10
    #8 0x663f62 in bfd_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:796:10
    #9 0x664ad8 in bfd_generic_archive_p /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:905:15
    #10 0x68d76f in bfd_check_format_matches /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:322:14
    #11 0x68c70e in bfd_check_format /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:94:10
    #12 0x539bc9 in display_any_bfd /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4174:7
    #13 0x5393c8 in display_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4248:3
    #14 0x538be1 in main /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4567:6
    #15 0x7f8d35749f32 in __libc_start_main (/lib64/libc.so.6+0x23f32)

Indirect leak of 3224 byte(s) in 13 object(s) allocated from:
    #0 0x5011ae in calloc (/home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/objdump+0x5011ae)
    #1 0x660fac in _bfd_calloc_wrapper /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:347:10
    #2 0xa3ec89 in htab_create_typed_alloc /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/libiberty/../../libiberty/hashtab.c:360:29
    #3 0xa3eba4 in htab_create_alloc /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/libiberty/../../libiberty/hashtab.c:285:10
    #4 0x660c0a in _bfd_add_bfd_to_archive_cache /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:361:20
    #5 0x663515 in _bfd_get_elt_at_filepos /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:739:7
    #6 0x6641ed in bfd_generic_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:828:10
    #7 0x663f62 in bfd_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:796:10
    #8 0x664ad8 in bfd_generic_archive_p /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:905:15
    #9 0x68d76f in bfd_check_format_matches /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:322:14
    #10 0x68c70e in bfd_check_format /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:94:10
    #11 0x539bc9 in display_any_bfd /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4174:7
    #12 0x5393c8 in display_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4248:3
    #13 0x538be1 in main /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4567:6
    #14 0x7f8d35749f32 in __libc_start_main (/lib64/libc.so.6+0x23f32)

Indirect leak of 1534 byte(s) in 13 object(s) allocated from:
    #0 0x500f60 in malloc (/home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/objdump+0x500f60)
    #1 0x693e4c in bfd_malloc /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/libbfd.c:275:9
    #2 0x694104 in bfd_zmalloc /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/libbfd.c:360:15
    #3 0x661da9 in _bfd_generic_read_ar_hdr_mag /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:589:27
    #4 0x660fd8 in _bfd_generic_read_ar_hdr /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:477:10
    #5 0x662a54 in _bfd_get_elt_at_filepos /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:658:44
    #6 0x6641ed in bfd_generic_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:828:10
    #7 0x663f62 in bfd_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:796:10
    #8 0x664ad8 in bfd_generic_archive_p /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:905:15
    #9 0x68d76f in bfd_check_format_matches /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:322:14
    #10 0x68c70e in bfd_check_format /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:94:10
    #11 0x539bc9 in display_any_bfd /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4174:7
    #12 0x5393c8 in display_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4248:3
    #13 0x538be1 in main /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4567:6
    #14 0x7f8d35749f32 in __libc_start_main (/lib64/libc.so.6+0x23f32)

Indirect leak of 1456 byte(s) in 13 object(s) allocated from:
    #0 0x5011ae in calloc (/home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/objdump+0x5011ae)
    #1 0x660fac in _bfd_calloc_wrapper /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:347:10
    #2 0xa3ec57 in htab_create_typed_alloc /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/libiberty/../../libiberty/hashtab.c:357:21
    #3 0xa3eba4 in htab_create_alloc /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/libiberty/../../libiberty/hashtab.c:285:10
    #4 0x660c0a in _bfd_add_bfd_to_archive_cache /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:361:20
    #5 0x663515 in _bfd_get_elt_at_filepos /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:739:7
    #6 0x6641ed in bfd_generic_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:828:10
    #7 0x663f62 in bfd_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:796:10
    #8 0x664ad8 in bfd_generic_archive_p /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:905:15
    #9 0x68d76f in bfd_check_format_matches /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:322:14
    #10 0x68c70e in bfd_check_format /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:94:10
    #11 0x539bc9 in display_any_bfd /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4174:7
    #12 0x5393c8 in display_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4248:3
    #13 0x538be1 in main /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4567:6
    #14 0x7f8d35749f32 in __libc_start_main (/lib64/libc.so.6+0x23f32)

Indirect leak of 312 byte(s) in 13 object(s) allocated from:
    #0 0x500f60 in malloc (/home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/objdump+0x500f60)
    #1 0xa45b11 in objalloc_create /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/libiberty/../../libiberty/objalloc.c:91:29
    #2 0x6901d5 in bfd_hash_table_init_n /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/hash.c:385:28
    #3 0x697d20 in _bfd_new_bfd /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/opncls.c:84:8
    #4 0x697d83 in _bfd_new_bfd_contained_in /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/opncls.c:103:10
    #5 0x660664 in _bfd_create_empty_archive_element_shell /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:279:10
    #6 0x662edc in _bfd_get_elt_at_filepos /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:706:15
    #7 0x6641ed in bfd_generic_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:828:10
    #8 0x663f62 in bfd_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:796:10
    #9 0x664ad8 in bfd_generic_archive_p /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:905:15
    #10 0x68d76f in bfd_check_format_matches /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:322:14
    #11 0x68c70e in bfd_check_format /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:94:10
    #12 0x539bc9 in display_any_bfd /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4174:7
    #13 0x5393c8 in display_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4248:3
    #14 0x538be1 in main /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4567:6
    #15 0x7f8d35749f32 in __libc_start_main (/lib64/libc.so.6+0x23f32)

Indirect leak of 312 byte(s) in 13 object(s) allocated from:
    #0 0x500f60 in malloc (/home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/objdump+0x500f60)
    #1 0xa45b11 in objalloc_create /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/libiberty/../../libiberty/objalloc.c:91:29
    #2 0x697c1d in _bfd_new_bfd /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/opncls.c:74:18
    #3 0x697d83 in _bfd_new_bfd_contained_in /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/opncls.c:103:10
    #4 0x660664 in _bfd_create_empty_archive_element_shell /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:279:10
    #5 0x662edc in _bfd_get_elt_at_filepos /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:706:15
    #6 0x6641ed in bfd_generic_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:828:10
    #7 0x663f62 in bfd_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:796:10
    #8 0x664ad8 in bfd_generic_archive_p /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:905:15
    #9 0x68d76f in bfd_check_format_matches /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:322:14
    #10 0x68c70e in bfd_check_format /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:94:10
    #11 0x539bc9 in display_any_bfd /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4174:7
    #12 0x5393c8 in display_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4248:3
    #13 0x538be1 in main /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4567:6
    #14 0x7f8d35749f32 in __libc_start_main (/lib64/libc.so.6+0x23f32)

Indirect leak of 26 byte(s) in 13 object(s) allocated from:
    #0 0x500f60 in malloc (/home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/objdump+0x500f60)
    #1 0xa48af7 in xmalloc /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/libiberty/../../libiberty/xmalloc.c:147:12
    #2 0xa48cac in xstrdup /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/libiberty/../../libiberty/xstrdup.c:34:24
    #3 0x6630f7 in _bfd_get_elt_at_filepos /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:724:25
    #4 0x6641ed in bfd_generic_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:828:10
    #5 0x663f62 in bfd_openr_next_archived_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:796:10
    #6 0x664ad8 in bfd_generic_archive_p /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/archive.c:905:15
    #7 0x68d76f in bfd_check_format_matches /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:322:14
    #8 0x68c70e in bfd_check_format /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/bfd/../../bfd/format.c:94:10
    #9 0x539bc9 in display_any_bfd /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4174:7
    #10 0x5393c8 in display_file /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4248:3
    #11 0x538be1 in main /home/vincent/Documents/Research/fuzzing/binutils-gdb/build-binutils/binutils/../../binutils/objdump.c:4567:6
    #12 0x7f8d35749f32 in __libc_start_main (/lib64/libc.so.6+0x23f32)

SUMMARY: AddressSanitizer: 116168 byte(s) leaked in 117 allocation(s).
Comment 1 Sourceware Commits 2019-08-28 23:32:07 UTC
The master branch has been updated by Alan Modra <amodra@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=83cf0d04dcdc9a4e7f105a517390e4c1af444340

commit 83cf0d04dcdc9a4e7f105a517390e4c1af444340
Author: Alan Modra <amodra@gmail.com>
Date:   Wed Aug 28 16:34:34 2019 +0930

    PR24891, objdump memory leaks when parsing malformed archive
    
    BFD was leaking memory in bfd_check_format_matches.  As part of
    deciding the proper format of an archive, BFD looks at the format of
    the first file stored.  That file's bfd was left open for reasons
    given in a comment removed in git commit 0e71e4955cd1 that said:
                 /* We ought to close `first' here, but we can't, because
                    we have no way to remove it from the archive cache.
                    It's close to impossible to figure out when we can
                    release bfd_ardata.  FIXME.  */
    Well, things have changed since that comment was true and we now can
    remove files from the archive cache.  Closing the first file is good
    and cures some of the leaks.  Other leaks are caused by
    bfd_check_format_matches throwing away bfd tdata before trying a new
    match.  That lost the element cache set up when format checking the
    first element in the archive.  The easiest and cleanest fix is to
    simply disable the caching when checking the first element.
    
    	PR 24891
    	* bfd.c (struct bfd): Add no_element_cache.
    	* archive.c (_bfd_get_elt_at_filepos): Don't add element to
    	archive cache when no_element_cache.
    	(bfd_generic_archive_p): Set no_element_cache when opening first
    	element to check format.  Close first element too.
    	(do_slurp_bsd_armap): Don't zero ardata->cache here.
    	* bfd-in2.h: Regenerate.
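
The two leak sources named in the commit message above (the first element left open, and an element cache that becomes unreachable when per-format state is discarded between match attempts) reduced to a toy model in C. This is an added example, not BFD code and not part of the commit: every type and function name is hypothetical, the allocation tracker stands in for LeakSanitizer, and the 13 candidate formats are a constructed value.

```c
#include <stdio.h>
#include <stdlib.h>

/* Toy model of the ownership bug; every name is hypothetical, not BFD's. */
#define MAX_LIVE 256
static void *live[MAX_LIVE];            /* tracked, not-yet-freed allocations */

static void *xalloc(size_t n) {
  void *p = calloc(1, n);
  for (int i = 0; p != NULL && i < MAX_LIVE; i++)
    if (live[i] == NULL) { live[i] = p; return p; }
  abort();                              /* out of memory or table full */
}

static void xfree(void *p) {
  for (int i = 0; i < MAX_LIVE; i++)
    if (live[i] == p) { live[i] = NULL; free(p); return; }
}

/* Count and release whatever is still tracked: a miniature leak report. */
static int sweep(void) {
  int n = 0;
  for (int i = 0; i < MAX_LIVE; i++)
    if (live[i] != NULL) { free(live[i]); live[i] = NULL; n++; }
  return n;
}

struct elem { char *name; };            /* an opened archive member */
struct ardata { struct elem **cache; }; /* per-probe archive state */
struct archive { struct ardata *tdata; int no_element_cache; };

static struct elem *open_element(struct archive *a) {
  struct elem *e = xalloc(sizeof *e);
  e->name = xalloc(16);
  if (!a->no_element_cache) {
    /* The cache is created lazily and is reachable only through tdata. */
    if (a->tdata->cache == NULL)
      a->tdata->cache = xalloc(4 * sizeof *a->tdata->cache);
    a->tdata->cache[0] = e;
  }
  return e;
}

/* One format probe: peek at the first member to decide the format. */
static void probe(struct archive *a, int fixed) {
  a->tdata = xalloc(sizeof *a->tdata);
  a->no_element_cache = fixed;          /* fix: do not cache the peeked member */
  struct elem *first = open_element(a);
  a->no_element_cache = 0;
  if (fixed) { xfree(first->name); xfree(first); }  /* fix: close it */
}

/* Try `candidates` formats, discarding tdata after each failed probe;
   returns how many allocations were still live afterwards. */
static int leaked_after_format_check(int fixed, int candidates) {
  struct archive a = { NULL, 0 };
  for (int i = 0; i < candidates; i++) {
    probe(&a, fixed);
    xfree(a.tdata);                     /* cache and member become unreachable */
  }
  return sweep();
}

int main(void) {
  printf("before fix: %d live allocations, after fix: %d\n",
         leaked_after_format_check(0, 13), leaked_after_format_check(1, 13));
  return 0;
}
```

In the unfixed path each failed probe strands three allocations (the member, its name and the cache table), so the count grows with the number of formats tried; with caching disabled for the peek, the member has a single owner and can be closed immediately.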
Comment 2 Alan Modra 2019-08-29 00:48:45 UTC
Fixed.
Comment 3 Alan Modra 2019-08-29 00:51:52 UTC
Since the leak can and does occur on archives without any fuzzing, putting the importance and priority back to normal.
Comment 4 H.J. Lu 2020-05-29 12:54:22 UTC
*** Bug 26060 has been marked as a duplicate of this bug. ***