Issue 43796 in oss-fuzz: binutils:fuzz_as: Direct-leak in xmalloc
Updates:
	Labels: -restrict-view-commit -deadline-approaching Deadline-Exceeded

Comment #3 on issue 43796 by sheriffbot: binutils:fuzz_as: Direct-leak in xmalloc
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43796#c3

This bug has exceeded our disclosure deadline. It has been opened to the public.

- Your friendly Sheriffbot
[Bug gas/29067] gas: -gsomething-not-already-a-long-option does not get a diagnostic
https://sourceware.org/bugzilla/show_bug.cgi?id=29067

H.J. Lu changed:

           What    |Removed       |Added
             Status|UNCONFIRMED   |RESOLVED
         Resolution|---           |FIXED
   Target Milestone|---           |2.39
            Version|unspecified   |2.39 (HEAD)

--- Comment #2 from H.J. Lu ---
Fixed by

commit 6ea673e2d643b7b2283aa73d35b02dfc9aa7115f
Author: H.J. Lu
Date:   Sat Apr 16 10:46:05 2022 -0700

    as: Reject unknown -gXXX option

    * as.c (parse_args): Reject unknown -gXXX option.
    * testsuite/gas/all/empty.s: New file.
    * testsuite/gas/all/pr29067.d: Likewise.
    * testsuite/gas/all/pr29067.err: Likewise.
    * testsuite/gas/all/gas.exp: Run pr29067.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
[Bug gprofng/29015] On Intel Skylake the call tree is incorrect
https://sourceware.org/bugzilla/show_bug.cgi?id=29015

Kurt Goebel changed:

           What    |Removed       |Added
             Status|UNCONFIRMED   |NEW
     Ever confirmed|0             |1
                 CC|              |kurt.goebel at oracle dot com
   Last reconfirmed|              |2022-04-19
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

Ian Lance Taylor changed:

           What    |Removed       |Added
                 CC|              |ian at airs dot com

--- Comment #5 from Ian Lance Taylor ---
I want to mention that the gold linker supports a --warn-execstack (and --no-warn-execstack) option. It would be helpful if GNU ld used the same spelling.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #4 from Nick Clifton ---
Working on a fix. It adds two new warnings to the linker:

  warning: enabling an executable stack because of an executable .note.GNU-stack section in

and:

  warning: enabling an executable stack because does not have a .note.GNU-stack section

Testing is taking longer than expected because that second warning is triggered by a lot of tests in the linker testsuite.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #3 from Rui Ueyama ---
Right. Unless you know the default behavior of GNU ld, it is very hard to foresee that adding a benign assembler file to your project could make it significantly vulnerable to the traditional stack overflow attack.

It can be used for a supply chain attack. If you can sneak in an assembly file, the last thing to create a remote vulnerability is to find a buffer overflow bug.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #2 from Andreas Schwab ---
More often, it's the lack of the stack note in an assembler source that inadvertently makes the stack executable, on platforms where it is the default.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

Nick Clifton changed:

           What    |Removed                           |Added
             Status|UNCONFIRMED                       |ASSIGNED
           Assignee|unassigned at sourceware dot org  |nickc at redhat dot com
                 CC|                                  |nickc at redhat dot com
     Ever confirmed|0                                 |1
   Last reconfirmed|                                  |2022-04-19
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

--- Comment #1 from Andreas Schwab ---
Nested functions by themselves don't require executable stacks, only when the address of such a function is passed outside its scope.
[Bug ld/29072] ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

Martin Liska changed:

           What    |Removed       |Added
                 CC|              |mliska at suse dot cz
[Bug ld/29072] New: ld silently make the program stack area executable if nested function is used
https://sourceware.org/bugzilla/show_bug.cgi?id=29072

            Bug ID: 29072
           Summary: ld silently make the program stack area executable if nested function is used
           Product: binutils
           Version: unspecified
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: ld
          Assignee: unassigned at sourceware dot org
          Reporter: rui314 at gmail dot com
  Target Milestone: ---

GCC's nested function (https://gcc.gnu.org/onlinedocs/gcc/Nested-Functions.html) depends on the executable stack, so the feature has a huge implication on a generated program's security. Essentially, using the nested function feature makes the entire program vulnerable to a simple buffer overflow attack.

GNU ld makes the stack area executable if at least one object file contains a `.note.GNU-stack` section with `SHF_EXECINSTR`. GCC emits such a section if the nested function feature is used.

I think this surprises users. If you link against an object file that contains such a note section, the program's entire executable becomes executable without any notice. Frankly, this looks very dangerous to me.

Can we make a change to GNU ld so that it at least prints out a warning message for the executable stack? If a user explicitly requests the executable stack by passing `-z execstack`, then we can mute the warning.
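
A pre-link check for the two conditions discussed in the bug 29072 thread above, as an added example that is not part of the original messages and is not binutils code: it reads the section headers of each input object and reports an executable `.note.GNU-stack` section or a missing one. The function names (stack_note, link_verdict, make_obj) are hypothetical, only ELF64 little-endian objects are handled, and the sample objects are constructed inline.

```python
import struct

SHF_EXECINSTR = 0x4
EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # ELF64 little-endian file header
SHDR = struct.Struct("<IIQQQQIIQQ")        # ELF64 section header
NOTE = b".note.GNU-stack"

def stack_note(obj: bytes) -> str:
    """Classify one ELF64-LE object as 'exec', 'noexec' or 'missing'."""
    if len(obj) < EHDR.size or obj[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not an ELF64 little-endian file")
    fields = EHDR.unpack_from(obj)
    shoff, shnum, shstrndx = fields[6], fields[12], fields[13]
    if shstrndx >= shnum or shoff + shnum * SHDR.size > len(obj):
        raise ValueError("truncated or inconsistent section header table")
    shdrs = [SHDR.unpack_from(obj, shoff + i * SHDR.size) for i in range(shnum)]
    str_off, str_size = shdrs[shstrndx][4], shdrs[shstrndx][5]
    strtab = obj[str_off:str_off + str_size]
    for name_off, _type, flags, *_rest in shdrs:
        end = strtab.find(b"\0", name_off)
        if end != -1 and strtab[name_off:end] == NOTE:
            return "exec" if flags & SHF_EXECINSTR else "noexec"
    return "missing"

def link_verdict(objects: dict) -> list:
    """List (name, reason) for each input that leads to an executable stack.
    'missing' counts only where an executable stack is the platform default."""
    reasons = {"exec": "executable .note.GNU-stack section",
               "missing": "no .note.GNU-stack section"}
    return [(name, reasons[state]) for name, obj in objects.items()
            if (state := stack_note(obj)) in reasons]

def make_obj(note_flags=None) -> bytes:
    """Constructed sample input: minimal ET_REL file; None omits the note."""
    strtab = b"\0.shstrtab\0" + NOTE + b"\0"
    secs = [(0, 0, 0, 0, 0), (1, 3, 0, EHDR.size, len(strtab))]  # null, .shstrtab
    if note_flags is not None:
        secs.append((11, 1, note_flags, 0, 0))  # empty SHT_PROGBITS note section
    ident = b"\x7fELF\x02\x01\x01" + bytes(9)
    hdr = EHDR.pack(ident, 1, 62, 1, 0, 0, EHDR.size + len(strtab), 0,
                    EHDR.size, 0, 0, SHDR.size, len(secs), 1)
    return hdr + strtab + b"".join(
        SHDR.pack(n, t, fl, 0, off, sz, 0, 0, 1, 0) for n, t, fl, off, sz in secs)

if __name__ == "__main__":
    inputs = {"main.o": make_obj(0), "nested.o": make_obj(SHF_EXECINSTR),
              "asm.o": make_obj()}
    for name, reason in link_verdict(inputs):
        print(f"{name}: {reason}")
```

Run over the real object files of a build, a non-empty result identifies which input is responsible before the linker makes the decision silently.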