Bug 27965 - nm-new stuck in infinite loop while demangling rust symbol
Status: RESOLVED MOVED
Alias: None
Product: binutils
Classification: Unclassified
Component: binutils
Version: 2.37
Importance: P2 normal
Target Milestone: ---
Assignee: Alan Modra
Reported: 2021-06-08 02:21 UTC by terrynini38514
Modified: 2021-06-08 10:03 UTC

Attachments
damagle loop POC (89 bytes, text/x-matlab)
2021-06-08 02:21 UTC, terrynini38514
attachment-442918-0.html (838 bytes, text/html)
2021-06-08 10:03 UTC, terrynini38514

Description terrynini38514 2021-06-08 02:21:13 UTC
Created attachment 13485
damagle loop POC

The POC is attached, and it can be reproduced with the latest version of binutils.
The POC causes nm-new to get stuck in an infinite loop at rust-demangle.c:1024 and rust-demangle.c:747 when nm-new is used with the -C option.

I also want to apply for a CVE. If that requires me to do anything more, like attaching a valid patch or something, please let me know. Thanks.
Comment 1 Alan Modra 2021-06-08 03:34:39 UTC
I've verified that your testcase does cause infinite recursion and a segfault, both with current binutils and with libiberty/rust-demangle.c from gcc, however gcc is the project that owns libiberty.  The correct place to report problems in the demangler is https://gcc.gnu.org/bugzilla/.  I've marked this bug as moved but will leave it up to you to create a new gcc bug.
Comment 2 terrynini38514 2021-06-08 10:03:11 UTC
Created attachment 13487
attachment-442918-0.html

Thank you very much. I'm waiting for gcc to create my account for reporting.

amodra at gmail dot com <sourceware-bugzilla@sourceware.org> wrote on Tuesday, June 8, 2021 at 11:34 AM:

> https://sourceware.org/bugzilla/show_bug.cgi?id=27965
>
> Alan Modra <amodra at gmail dot com> changed:
>
>            What    |Removed                          |Added
> ----------------------------------------------------------------------------
>              Status|UNCONFIRMED                      |RESOLVED
>          Resolution|---                              |MOVED
>            Assignee|unassigned at sourceware dot org  |amodra at gmail dot com