https://sourceware.org/bugzilla/show_bug.cgi?id=23054
Bug ID: 23054 Summary: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1) Product: binutils Version: 2.30 Status: UNCONFIRMED Severity: normal Priority: P2 Component: gas Assignee: unassigned at sourceware dot org Reporter: sergej at schumilo dot de Target Milestone: --- Created attachment 10942 --> https://sourceware.org/bugzilla/attachment.cgi?id=10942&action=edit as-new executable, ASAN reports and crashing inputs Dear all, after reporting the following bugs to the Ubuntu security team (https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763096), we were ask to report them directly to the binutils developers: ---------------------------------------------------- Dear all, The following binutils as-new memory corruptions were found by a modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL). I have attached the crashing inputs and each ASAN report. Steps to reproduce: Build current verison of binutils: ``` pull-lp-source binutils cd binutils-2.30 CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" ./configure CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" make ``` run inputs under ASAN: ``` ASAN_OPTIONS=halt_on_error=false:allow_addr2line=true ./as-new $file ``` We can verify those issues for as-new binuitils-2.30-15ubuntu1 (Ubuntu 16.04.4 LTS / sources from "pull-lp-source bintuils"). Credits: Sergej Schumilo, Cornelius Aschermann (both of Ruhr-Universität Bochum) Best regards, Sergej Schumilo -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils