https://sourceware.org/bugzilla/show_bug.cgi?id=24048
--- Comment #2 from zerokeeper <0x0keeper at gmail dot com> ---
Update, update! I'm so sorry. The second comment is bug 24049; I commented wrong.

This is the first comment's AddressSanitizer output, symbolized:

==14781==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 528 byte(s) in 1 object(s) allocated from:
    #0 0x7fc1cf81e602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
    #1 0x555afc in xmalloc xmalloc.c:147

SUMMARY: AddressSanitizer: 528 byte(s) leaked in 1 allocation(s).

Now I fuzzed a new PoC for a memory leak in readelf.c:425:

➜  binutils-2.31 ./binutils/readelf -a binutils-readelf--memory-leak-filedata
ELF Header:
  Magic:   7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
  Class:                             ELF64
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              <unknown>: 1002
  Machine:                           Advanced Micro Devices X86-64
  Version:                           0x1
  Entry point address:               0x400720
  Start of program headers:          64 (bytes into file)
  Start of section headers:          28880 (bytes into file)
  Flags:                             0x0
  Size of this header:               64 (bytes)
  Size of program headers:           56 (bytes)
  Number of program headers:         10
  Size of section headers:           64 (bytes)
  Number of section headers:         37
  Section header string table index: 34

Section Headers:
  [Nr] Name              Type             Address           Offset
       Size              EntSize          Flags  Link  Info  Align
  [ 0]                   NULL             0000000000000000  00000000
       0000000000000000  0000000000000000           0     0     0
  [ 1] .intÿ             PROGBITS         0000000000400270  00000270
       000000000000001c  0000000000000000   A       0     0     1
  [ 2] .note.ABI-tag     NOTE             000000000040028c  0000028c
       0000000000000020  0000000000000000   A       0     0     4294967277
  [ 3] .gnu.hash ........... ...........
Version symbols section '.gnu.version' contains 11 entries:
 Addr: 0000000000400514  Offset: 0x000514  Link: 4 (.dynsym)
  000:   0 (*local*)       0 (*local*)       0 (*local*)       2 (GLIBCXX_3.4)
  004:   3 (GLIBC_2.2.5)   3 (GLIBC_2.2.5)   0 (*local*)       2 (GLIBCXX_3.4)
  008:   0 (*local*)       2 (GLIBCXX_3.4)   2 (GLIBCXX_3.4)

Version needs section '.gnu.version_r' contains 2 entries:
 Addr: 0x0000000000400530  Offset: 0x000530  Link: 5 (.dynstr)
  000000: Version: 1  File: libc.so.6  Cnt: 1
  0x0010:   Name: GLIBC_2.2.5  Flags: none  Version: 3
  0x0020: Version: 1  File: libstdc++.so.6  Cnt: 1
  0x0030:   Name: GLIBCXX_3.4  Flags: none  Version: 2

Displaying notes found in: .note.ABI-tag
readelf: Warning: Corrupt note: alignment 4294967277, expecting 4 or 8

=================================================================
==21374==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 33 byte(s) in 1 object(s) allocated from:
    #0 0x7f8f21c8b602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
    #1 0x425ffb in get_data /root/fuzz/binutils-2.31/binutils/readelf.c:425

SUMMARY: AddressSanitizer: 33 byte(s) leaked in 1 allocation(s).

Here is the code at readelf.c:425:

410
411   if (fseek (filedata->handle, archive_file_offset + offset, SEEK_SET))
412     {
413       if (reason)
414         error (_("Unable to seek to 0x%lx for %s\n"),
415                archive_file_offset + offset, reason);
416       return NULL;
417     }
418
419   mvar = var;
420   if (mvar == NULL)
421     {
422       /* Check for overflow. */
423       if (nmemb < (~(bfd_size_type) 0 - 1) / size)
424         /* + 1 so that we can '\0' terminate invalid string table sections. */
425         mvar = malloc ((size_t) amt + 1);
426
427       if (mvar == NULL)
428         {
429           if (reason)
430             error (_("Out of memory allocating %s bytes for %s\n"),
431                    bfd_vmatoa ("u", amt), reason);
432           return NULL;
433         }

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils
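
Added example, not part of the original bug comment and not binutils code: a small triage parser for LeakSanitizer reports like the two quoted above. It attributes each leak to the first frame that has source file:line and is not an allocation wrapper, so fuzzing findings can be grouped by allocation site. The function names and the WRAPPERS list are assumptions made for this sketch.

```python
import re
from collections import Counter

LEAK_RE = re.compile(r"(Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\) allocated from:")
FRAME_RE = re.compile(r"#\d+ 0x[0-9a-f]+ in (\S+) (\S+)")
SRC_RE = re.compile(r"(.+?):(\d+)(?::\d+)?")   # file:line or file:line:col
# Allocation wrappers that say nothing about who owns the buffer (assumed list).
WRAPPERS = {"malloc", "calloc", "realloc", "xmalloc", "xcalloc", "xrealloc"}

def parse_leaks(report):
    """Return one dict per leak record in a LeakSanitizer report."""
    leaks = []
    heads = list(LEAK_RE.finditer(report))
    for i, head in enumerate(heads):
        end = heads[i + 1].start() if i + 1 < len(heads) else len(report)
        body = report[head.end():end].split("SUMMARY:", 1)[0]
        site = None
        for func, where in FRAME_RE.findall(body):
            src = SRC_RE.fullmatch(where)
            if func in WRAPPERS or src is None:
                continue          # runtime frame or wrapper: keep walking up
            site = (func, src.group(1).rsplit("/", 1)[-1], int(src.group(2)))
            break
        leaks.append({"kind": head.group(1), "bytes": int(head.group(2)),
                      "objects": int(head.group(3)), "site": site})
    return leaks

def bytes_by_site(reports):
    """Sum leaked bytes per allocation site; None collects unattributable stacks."""
    totals = Counter()
    for report in reports:
        for leak in parse_leaks(report):
            totals[leak["site"]] += leak["bytes"]
    return totals

# The two reports quoted in the comment above, one frame per line.
REPORT_1 = """==14781==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 528 byte(s) in 1 object(s) allocated from:
    #0 0x7fc1cf81e602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
    #1 0x555afc in xmalloc xmalloc.c:147
SUMMARY: AddressSanitizer: 528 byte(s) leaked in 1 allocation(s).
"""
REPORT_2 = """==21374==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 33 byte(s) in 1 object(s) allocated from:
    #0 0x7f8f21c8b602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
    #1 0x425ffb in get_data /root/fuzz/binutils-2.31/binutils/readelf.c:425
SUMMARY: AddressSanitizer: 33 byte(s) leaked in 1 allocation(s).
"""
```

Run over both reports, the 33-byte leak groups under get_data at readelf.c:425, while the 528-byte leak gets site None because its stack ends at the xmalloc wrapper and names no caller.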