Bug ID: 20897
           Summary: AS: dumping stats in folder leads to a crash
           Product: binutils
           Version: 2.28 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: gas
          Assignee: unassigned at sourceware dot org
          Reporter: boehme.marcel at gmail dot com
  Target Milestone: ---

Dear all,

The following bug was found with AFLFast, a fork of AFL, in a 24-hour fuzzing
session on Binutils. Thanks also to Van-Thuan Pham.

The assembler crashes for the following execution on Ubuntu 16.04 x86_64 and
14.04 x86_64 for Binutils v2.24, v2.26.1, and trunk:

$ touch a
$ as --statistics -o/ a
Assembler messages:
Fatal error: can't create /: Is a directory
as: total time in assembly: 0.000000
as: data size 135168
frag chains:
Segmentation fault

Valgrind says:
==121985== Invalid read of size 8
==121985==    at 0x4E2393: subsegs_print_statistics (subsegs.c:301)
==121985==    by 0x412394: dump_statistics (as.c:1058)
==121985==    by 0x9D7F71: xatexit_cleanup (xatexit.c:98)
==121985==    by 0x9D8C85: xexit (xexit.c:50)
==121985==    by 0x479EC1: as_fatal (messages.c:286)
==121985==    by 0x47B306: output_file_create (output-file.c:43)
==121985==    by 0x407BA7: main (as.c:1256)
==121985==  Address 0x90 is not stack'd, malloc'd or (recently) free'd

Best regards,
- Marcel
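
Added example, not part of the original report and not binutils source: a minimal model of the failure mode the Valgrind trace shows, where an exit-time statistics hook runs on the fatal-error path before any output file exists. The fault address 0x90 is consistent with a pointer-sized field read through a NULL base pointer; the struct layout, names, and the guard below are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical model, not binutils source. The padding is constructed so
   that `sections` sits at offset 0x90, matching the faulting address. */
struct section { const char *name; struct section *next; };
struct output_file {
    char pad[0x90];
    struct section *sections;
};

static struct output_file *out_file;   /* NULL until creation succeeds */

/* Address an unguarded `out_file->sections` read would touch when
   out_file is NULL: base 0 plus the field offset. */
size_t unguarded_read_address(void) {
    return offsetof(struct output_file, sections);
}

/* Exit-time statistics dump with the missing check added. Returns the
   number of sections listed, or -1 when no output file exists. */
int print_statistics(FILE *fp) {
    int n = 0;
    fputs("frag chains:\n", fp);
    if (out_file == NULL) {
        fputs("  (no output file was created)\n", fp);
        return -1;
    }
    for (struct section *s = out_file->sections; s != NULL; s = s->next, n++)
        fprintf(fp, "  %s\n", s->name);
    return n;
}

static void dump_at_exit(void) { print_statistics(stderr); }

int main(void) {
    atexit(dump_at_exit);   /* hook registered before any output exists */
    /* Constructed failure: creating the output file fails, so the fatal
       path exits while out_file is still NULL and the hook runs anyway. */
    fputs("Fatal error: can't create output\n", stderr);
    exit(EXIT_FAILURE);
}
```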
