https://sourceware.org/bugzilla/show_bug.cgi?id=17512
--- Comment #33 from Hanno Boeck <hanno at hboeck dot de> ---
Created attachment 7869
  --> https://sourceware.org/bugzilla/attachment.cgi?id=7869&action=edit
ihex stack overflow

Hi Nick,

thanks. One fixed, one more fuzzed :-)

==25054== ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fffdcc2b2d8 at pc 0x4fa49a bp 0x7fffdcc2b1e0 sp 0x7fffdcc2b1d8
READ of size 1 at 0x7fffdcc2b2d8 thread T0
    #0 0x4fa499 in ihex_scan /data/binutils/binutils-gdb-asan/bfd/ihex.c:324:0
    #1 0x4fc449 in ihex_object_p /data/binutils/binutils-gdb-asan/bfd/ihex.c:526:0
    #2 0x4cf130 in bfd_check_format_matches /data/binutils/binutils-gdb-asan/bfd/format.c:305:0
    #3 0x41284d in display_object_bfd /data/binutils/binutils-gdb-asan/binutils/./objdump.c:3313:0
    #4 0x412b85 in display_any_bfd /data/binutils/binutils-gdb-asan/binutils/./objdump.c:3389:0
    #5 0x412bf6 in display_file /data/binutils/binutils-gdb-asan/binutils/./objdump.c:3410:0
    #6 0x41370e in main /data/binutils/binutils-gdb-asan/binutils/./objdump.c:3692:0
    #7 0x7f7d7cc57a64 in __libc_start_main ??:0:0
    #8 0x402f78 in _start ??:0:0
Address 0x7fffdcc2b2d8 is located at offset 104 in frame <ihex_scan> of T0's stack:
  This frame has 3 object(s):
    [32, 36) 'error'
    [96, 104) 'hdr'
    [160, 180) 'secbuf'
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
      (longjmp and C++ exceptions *are* supported)
Shadow bytes around the buggy address:
  0x10007b97d600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007b97d610: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007b97d620: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007b97d630: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007b97d640: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1
=>0x10007b97d650: f1 f1 04 f4 f4 f4 f2 f2 f2 f2 00[f4]f4 f4 f2 f2
  0x10007b97d660: f2 f2 00 00 04 f4 00 00 00 00 00 00 00 00 00 00
  0x10007b97d670: 00 00 00 00 f1 f1 f1 f1 00 01 f4 f4 00 00 00 00
  0x10007b97d680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007b97d690: 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00 00
  0x10007b97d6a0: 00 00 00 00 00 00 f3 f3 f3 f3 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:     fa
  Heap righ redzone:     fb
  Freed Heap region:     fd
  Stack left redzone:    f1
  Stack mid redzone:     f2
  Stack right redzone:   f3
  Stack partial redzone: f4
  Stack after return:    f5
  Stack use after scope: f8
  Global redzone:        f9
  Global init order:     f6
  Poisoned by user:      f7
  ASan internal:         fe
==25054== ABORTING