https://sourceware.org/bugzilla/show_bug.cgi?id=26007
Bug ID: 26007
Summary: [objdump] memory exhaustion
Product: binutils
Version: 2.35 (HEAD)
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: dkcjd2000 at gmail dot com
Target Milestone: ---

Created attachment 12553
  --> https://sourceware.org/bugzilla/attachment.cgi?id=12553&action=edit
crash test case

Hello,

I'm currently developing a new fuzzing feature, and I found a possible memory leak in objdump with memory exhaustion.

I downloaded it from git master and built it on Ubuntu 16.04 with gcc 5.4.0 and ASAN, using the following command to build objdump from the source:

    CFLAGS="-O1 -fsanitize=address -U_FORTIFY_SOURCE" ./configure; make clean all;

Both with and without ASAN, objdump shows memory exhaustion.

You can reproduce the crash with the following command:

    ./objdump -d <attached file>

The AddressSanitizer message of the crash is:

    ==6194==AddressSanitizer CHECK failed: ../../../../src/libsanitizer/sanitizer_common/sanitizer_posix.cc:121 "(("unable to mmap" && 0)) != (0)" (0x0, 0x0)
        #0 0x7fed3dbb7631 (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa0631)
        #1 0x7fed3dbbc5e3 in __sanitizer::CheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xa55e3)
        #2 0x7fed3dbc4611 (/usr/lib/x86_64-linux-gnu/libasan.so.2+0xad611)
        #3 0x7fed3db39c0c (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x22c0c)
        #4 0x7fed3dbaf5d2 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x985d2)
        #5 0x6409e3 in _objalloc_alloc (/home/cheong/results/crashes/objdump_crash/objdump.master_asan+0x6409e3)
        #6 0x4acee2 in bfd_alloc (/home/cheong/results/crashes/objdump_crash/objdump.master_asan+0x4acee2)
        #7 0x5876f9 in bfd_elf32_slurp_reloc_table (/home/cheong/results/crashes/objdump_crash/objdump.master_asan+0x5876f9)
        #8 0x50e98d in _bfd_elf_canonicalize_dynamic_reloc (/home/cheong/results/crashes/objdump_crash/objdump.master_asan+0x50e98d)
        #9 0x4db3ac in _bfd_x86_elf_get_synthetic_symtab (/home/cheong/results/crashes/objdump_crash/objdump.master_asan+0x4db3ac)
        #10 0x582c38 in elf_i386_get_synthetic_symtab (/home/cheong/results/crashes/objdump_crash/objdump.master_asan+0x582c38)
        #11 0x40bf90 in dump_bfd (/home/cheong/results/crashes/objdump_crash/objdump.master_asan+0x40bf90)
        #12 0x40c9e7 in display_any_bfd (/home/cheong/results/crashes/objdump_crash/objdump.master_asan+0x40c9e7)
        #13 0x40cb6d in display_file (/home/cheong/results/crashes/objdump_crash/objdump.master_asan+0x40cb6d)
        #14 0x413e47 in main (/home/cheong/results/crashes/objdump_crash/objdump.master_asan+0x413e47)
        #15 0x7fed3d56982f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
        #16 0x403268 in _start (/home/cheong/results/crashes/objdump_crash/objdump.master_asan+0x403268)