Bug 29492 - program nm-new bug report
Summary: program nm-new bug report
Status: RESOLVED MOVED
Alias: None
Product: binutils
Classification: Unclassified
Component: binutils
Version: 2.40
Importance: P2 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2022-08-15 08:07 UTC by Shuang Po
Modified: 2022-08-15 09:20 UTC (History)

See Also:
Host:
Target:
Build:
Last reconfirmed:


Attachments
nm-new testcases (32.67 KB, application/x-zip-compressed)
2022-08-15 08:07 UTC, Shuang Po

Description Shuang Po 2022-08-15 08:07:21 UTC
Created attachment 14280
nm-new testcases

Hello,

I detected memory leak and dead loop problems through fuzz testing, which I think may be a vulnerability.

The configuration of binutils is:

$ ./configure --disable-shared && make -j

and compiled with gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0

I used the program nm-new in ~/binutils-gdb/binutils/nm-new with the parameter "-C ./dead_loop_input", and after waiting 1 hour, the program had neither given any output nor terminated. What is more, the program nm-new occupied all the memory.

The testcases that trigger such results are in the attachment.

Thanks & Best Regards
Comment 1 Alan Modra 2022-08-15 09:07:30 UTC
The endless looping is all in the rust demangler.  Please report these bugs to the gcc project at https://gcc.gnu.org/bugzilla/

It is helpful to report the symbols being demangled rather than supply object files.  They are:
1) _RYXBAL_OFFGLOBTABLE_
2) _RYFGNUSLT_FHStNB10ay_start
3) _RYDGLOBOFFSET_TABLE_
4) _RYFGDIC6gnu_compilediBtOhighlightEH_FRAME_HDR
5) _RYFUDGC6ShigdefaulttiBtOhighlightEH_FRAME_HDR
6) _RYFUDGC6Shighdignu_compiledhlightEH_FRAME_HDR
7) _RYFIMYeB_xDGLtSarray_start
8) _RYdMMYTopFinFGAarral_start
9) _RMYADGC0hdpnit_Grray_start
10) _RYNSMICu2FiFGtDBrray_s
11) _RYTOdPjesistePDGC1onRLab_e
12) _RIYADGO0Rdpnit_Grray_start
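The report above reproduces the hang by running nm-new -C on a whole object file, which wedges the machine for an hour and eats all memory, and comment 1 asks for the individual symbols instead. The following triage harness is an added example, not code from the binutils project or from either participant: it feeds each reported symbol to a demangler command in its own process under a wall-clock timeout and an address-space cap, so a looping or memory-hungry input is reported by name rather than taking the host down. It assumes `c++filt` is on PATH and demangles `_R`-prefixed Rust symbols through the same libiberty code nm-new uses; any other command that reads one symbol on stdin and writes the result to stdout can be passed as `demangler_cmd`. `python_stub`, `run_with_limits`, `triage_symbols` and `offending` are names chosen for this example.

```python
"""Triage harness for fuzz-found demangler hangs (added example; assumes
c++filt is installed and uses the libiberty Rust demangler)."""
import resource
import shutil
import subprocess
import sys

# Symbols listed in comment 1 of this bug report.
REPORTED_SYMBOLS = [
    "_RYXBAL_OFFGLOBTABLE_",
    "_RYFGNUSLT_FHStNB10ay_start",
    "_RYDGLOBOFFSET_TABLE_",
    "_RYFGDIC6gnu_compilediBtOhighlightEH_FRAME_HDR",
    "_RYFUDGC6ShigdefaulttiBtOhighlightEH_FRAME_HDR",
    "_RYFUDGC6Shighdignu_compiledhlightEH_FRAME_HDR",
    "_RYFIMYeB_xDGLtSarray_start",
    "_RYdMMYTopFinFGAarral_start",
    "_RMYADGC0hdpnit_Grray_start",
    "_RYNSMICu2FiFGtDBrray_s",
    "_RYTOdPjesistePDGC1onRLab_e",
    "_RIYADGO0Rdpnit_Grray_start",
]

DEFAULT_TIMEOUT_S = 5.0
DEFAULT_MAX_BYTES = 1024 * 1024 * 1024  # 1 GiB virtual address space


def python_stub(script):
    """Command that runs a small Python script as a stand-in demangler
    (used for offline testing when no real demangler is available)."""
    return [sys.executable, "-c", script]


def _cap_address_space(max_bytes):
    """Build a preexec hook that lowers RLIMIT_AS in the child (Linux)."""
    def hook():
        _soft, hard = resource.getrlimit(resource.RLIMIT_AS)
        cap = max_bytes if hard == resource.RLIM_INFINITY else min(max_bytes, hard)
        resource.setrlimit(resource.RLIMIT_AS, (cap, hard))
    return hook


def run_with_limits(cmd, stdin_data, timeout_s=DEFAULT_TIMEOUT_S,
                    max_bytes=DEFAULT_MAX_BYTES):
    """Run cmd with stdin_data under a timeout and memory cap.

    Returns (status, stdout_text) where status is 'ok', 'timeout' (hang
    suspected; the child is killed) or 'error:<rc>' (crash, or allocation
    failure once the address-space cap is hit).
    """
    preexec = _cap_address_space(max_bytes) if sys.platform.startswith("linux") else None
    try:
        proc = subprocess.run(cmd, input=stdin_data, capture_output=True,
                              timeout=timeout_s, preexec_fn=preexec)
    except subprocess.TimeoutExpired:
        return "timeout", ""
    out = proc.stdout.decode(errors="replace").strip()
    if proc.returncode != 0:
        return f"error:{proc.returncode}", out
    return "ok", out


def triage_symbols(symbols, demangler_cmd, timeout_s=DEFAULT_TIMEOUT_S,
                   max_bytes=DEFAULT_MAX_BYTES):
    """Demangle each symbol in a separate process; map symbol -> status.

    One process per symbol is the point: a hang on symbol N must not hide
    the results for the others, and the offending symbol is named directly.
    """
    results = {}
    for sym in symbols:
        status, _ = run_with_limits(demangler_cmd, (sym + "\n").encode(),
                                    timeout_s, max_bytes)
        results[sym] = status
    return results


def offending(results):
    """Symbols whose demangling did not finish cleanly, sorted for the report."""
    return sorted(sym for sym, status in results.items() if status != "ok")


if __name__ == "__main__":
    if shutil.which("c++filt") is None:
        sys.exit("c++filt not found on PATH; pass another demangler command")
    report = triage_symbols(REPORTED_SYMBOLS, ["c++filt"])
    for sym, status in report.items():
        print(f"{status:12s} {sym}")
    print("needs reporting upstream:", offending(report))
```

Each child gets the cap via `RLIMIT_AS`, so a demangler that tries to "occupy all the memory" fails its allocation and exits with an error status instead of triggering the OOM killer, and `subprocess.run` kills the child when the timeout expires. The per-symbol statuses are exactly what comment 1 asks a reporter to supply to the gcc bugzilla.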
Comment 2 Shuang Po 2022-08-15 09:20:31 UTC
(In reply to Alan Modra from comment #1)
> The endless looping is all in the rust demangler.  Please report these bugs
> to the gcc project at https://gcc.gnu.org/bugzilla/
> 
> It is helpful to report the symbols being demangled rather than supply
> object files.  They are:
> 1) _RYXBAL_OFFGLOBTABLE_
> 2) _RYFGNUSLT_FHStNB10ay_start
> 3) _RYDGLOBOFFSET_TABLE_
> 4) _RYFGDIC6gnu_compilediBtOhighlightEH_FRAME_HDR
> 5) _RYFUDGC6ShigdefaulttiBtOhighlightEH_FRAME_HDR
> 6) _RYFUDGC6Shighdignu_compiledhlightEH_FRAME_HDR
> 7) _RYFIMYeB_xDGLtSarray_start
> 8) _RYdMMYTopFinFGAarral_start
> 9) _RMYADGC0hdpnit_Grray_start
> 10) _RYNSMICu2FiFGtDBrray_s
> 11) _RYTOdPjesistePDGC1onRLab_e
> 12) _RIYADGO0Rdpnit_Grray_start

Thank you~