[Bug gas/24009] read.c stringer should return when an error occured
https://sourceware.org/bugzilla/show_bug.cgi?id=24009 --- Comment #3 from wuheng --- (In reply to Nick Clifton from comment #2) > Hi Wu Heng, > > Thanks for reporting this bug, and for supplying a patch. > > I have checked your patch in, along with a new ChangeLog entry. > > Cheers > Nick Thank you for verifying and merging this patch. -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/24005] objdump integer overflow in load_specific_debug_section
https://sourceware.org/bugzilla/show_bug.cgi?id=24005 Nick Clifton changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED CC||nickc at redhat dot com Resolution|--- |FIXED --- Comment #3 from Nick Clifton --- Hi mhsec, Thanks for reporting this problem. Unfortunately your proposed patch will not work as it will prevent the tools from handling 64-bit binaries with very large section sizes. Instead I have checked in an alternative patch which checks for integer overflow before attempting to allocate any memory, which prevents the heap corruption from happening. Cheers Nick -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/24039] integer overflow in libiberty, heap overflow will be triggered
https://sourceware.org/bugzilla/show_bug.cgi?id=24039 mhsec changed: What|Removed |Added CC||tfx_sec at hotmail dot com -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/24001] A memory leak issue was discovered in function debug_init in debug.c
https://sourceware.org/bugzilla/show_bug.cgi?id=24001 --- Comment #2 from cvs-commit at gcc dot gnu.org --- The master branch has been updated by Nick Clifton : https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=cf0ad5bbf2d3fdb751b5f3f49e55d251d48c7416 commit cf0ad5bbf2d3fdb751b5f3f49e55d251d48c7416 Author: Nick Clifton Date: Fri Jan 4 12:11:51 2019 + Fix ridiculously small memory leak. PR 24001 * objcopy.c (copy_object): Free dhandle after writing out the debug information. * objdump.c (dump_bfd): Free dhandle after printing out the debug information. -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/24001] A memory leak issue was discovered in function debug_init in debug.c
https://sourceware.org/bugzilla/show_bug.cgi?id=24001 Nick Clifton changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED CC||nickc at redhat dot com Resolution|--- |FIXED --- Comment #3 from Nick Clifton --- Well this is the most trivial bug report that I have ever had to look at. Honestly is it really worth reporting a memory leak of a few tens of bytes, especially when they are released when the programs terminate ? Anyway, I have gone ahead and fixed it because it was simple to trace down the uses of the allocated structure and add a couple of free() statements. -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/24005] objdump integer overflow in load_specific_debug_section
https://sourceware.org/bugzilla/show_bug.cgi?id=24005 --- Comment #2 from cvs-commit at gcc dot gnu.org --- The master branch has been updated by Nick Clifton : https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca commit 11fa9f134fd658075c6f74499c780df045d9e9ca Author: Nick Clifton Date: Fri Jan 4 13:44:34 2019 + Fix a possible integer overflow problem when examining corrupt binaries using a 32-bit binutil. PR 24005 * objdump.c (load_specific_debug_section): Check for integer overflow before attempting to allocate contents. -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/24005] objdump integer overflow in load_specific_debug_section
https://sourceware.org/bugzilla/show_bug.cgi?id=24005 --- Comment #5 from Nick Clifton --- (In reply to mhsec from comment #4) > I think the problem still exist if file size more than 0x1. A file bigger than 100 gigabytes ? Yes that probably would cause problems for lots of tools, not just objdump. -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug gas/24010] macro.c get_any_string should check bounds in the while-loop
https://sourceware.org/bugzilla/show_bug.cgi?id=24010 Nick Clifton changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED CC||nickc at redhat dot com Resolution|--- |FIXED --- Comment #2 from Nick Clifton --- Hi Wu Heng, Thanks (again) for the bug report and patch. I have applied the patch along with a new ChangeLog entry. Cheers Nick -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/24005] objdump integer overflow in load_specific_debug_section
https://sourceware.org/bugzilla/show_bug.cgi?id=24005 --- Comment #6 from mhsec --- It's 4GB, not 100GB. Of course I also think that this situation does not have to be considered. So my patch might work. -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/24043] Heap-buffer-overflow problem in function d_expression_1 in cp-demangle.c, as demonstrated by c++filt
https://sourceware.org/bugzilla/show_bug.cgi?id=24043 Nick Clifton changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED CC||nickc at redhat dot com Resolution|--- |MOVED --- Comment #4 from Nick Clifton --- Hi wcventure, Thanks for reporting this problem. Unfortunately the cp-demangle.c source file, although used by the binutils, is actually maintained by the gcc project. Therefore please could you report this bug here: https://gcc.gnu.org/bugzilla/enter_bug.cgi?product=gcc_remember=on_restrictlogin=on=Log%20in Cheers Nick -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug ld/24055] _bfd_xcoff_swap_aux_in smashes the stack
https://sourceware.org/bugzilla/show_bug.cgi?id=24055 Nick Clifton changed: What|Removed |Added Status|UNCONFIRMED |ASSIGNED Last reconfirmed||2019-01-04 Ever confirmed|0 |1 --- Comment #4 from Nick Clifton --- (In reply to Wolfgang Thaller from comment #3) Hi Wolfgang, Yes you are right - my patch is completely wrong. :-( It looks like we need to revisit the callers of swap_aux_in and make sure that they allocate enough space for the auxillary entries. *sigh* Would you like to have a go at this ? :-) If not then I will look at it my copious free time... Cheers Nick -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug gas/24010] macro.c get_any_string should check bounds in the while-loop
https://sourceware.org/bugzilla/show_bug.cgi?id=24010 --- Comment #1 from cvs-commit at gcc dot gnu.org --- The master branch has been updated by Nick Clifton : https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1b2ed39c3a7ee2870f3d16a510d31e8d5916afbc commit 1b2ed39c3a7ee2870f3d16a510d31e8d5916afbc Author: Wu Heng Date: Fri Jan 4 16:18:59 2019 + Fix potential buffer overrun whilst scanning macro strings. PR 24010 * macro.c (get_any_string): Check for end of input whilst scanning for separators. -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/24005] objdump integer overflow in load_specific_debug_section
https://sourceware.org/bugzilla/show_bug.cgi?id=24005 --- Comment #4 from mhsec --- (In reply to Nick Clifton from comment #3) > Hi mhsec, > > Thanks for reporting this problem. Unfortunately your proposed patch > will not work as it will prevent the tools from handling 64-bit binaries > with very large section sizes. > > Instead I have checked in an alternative patch which checks for integer > overflow before attempting to allocate any memory, which prevents the > heap corruption from happening. > > Cheers > Nick Hi Nick I think the problem still exist if file size more than 0x1. `amt > bfd_get_file_size (abfd)` -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug gas/24009] read.c stringer should return when an error occured
https://sourceware.org/bugzilla/show_bug.cgi?id=24009 --- Comment #1 from cvs-commit at gcc dot gnu.org --- The master branch has been updated by Nick Clifton : https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bdfb4455977ffdd2d3f8dc81f25f6ba1ea2a7f49 commit bdfb4455977ffdd2d3f8dc81f25f6ba1ea2a7f49 Author: Wu Heng Date: Fri Jan 4 15:58:02 2019 + Fix bug parsing angle bracketed string sequences. PR 24009 * read.c (stringer): Fix handling of missing '>' character at end of <...> sequence. -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug gas/24009] read.c stringer should return when an error occured
https://sourceware.org/bugzilla/show_bug.cgi?id=24009 Nick Clifton changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED CC||nickc at redhat dot com Resolution|--- |FIXED --- Comment #2 from Nick Clifton --- Hi Wu Heng, Thanks for reporting this bug, and for supplying a patch. I have checked your patch in, along with a new ChangeLog entry. Cheers Nick -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/24043] Heap-buffer-overflow problem in function d_expression_1 in cp-demangle.c, as demonstrated by c++filt
https://sourceware.org/bugzilla/show_bug.cgi?id=24043 --- Comment #5 from wcventure --- This issue is moved to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629 -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug ld/24055] _bfd_xcoff_swap_aux_in smashes the stack
https://sourceware.org/bugzilla/show_bug.cgi?id=24055 --- Comment #5 from Wolfgang Thaller --- I'll have some free time left this weekend, so I'll have another look at those call sites and report back. -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/24064] New: bfd/warning.m4 warning detection broken when !defined(__GNUC__)
https://sourceware.org/bugzilla/show_bug.cgi?id=24064 Bug ID: 24064 Summary: bfd/warning.m4 warning detection broken when !defined(__GNUC__) Product: binutils Version: 2.32 (HEAD) Status: UNCONFIRMED Severity: normal Priority: P2 Component: binutils Assignee: unassigned at sourceware dot org Reporter: andrew at ishiboo dot com Target Milestone: --- Created attachment 11511 --> https://sourceware.org/bugzilla/attachment.cgi?id=11511=edit Adjust bfd/warning.m4 egrep patterns `bfd/warning.m4` performs `egrep` checks against the preprocessor output of `__GNUC__`: > # Set WARN_WRITE_STRINGS if the compiler supports -Wwrite-strings. > WARN_WRITE_STRINGS="" > AC_EGREP_CPP([^[0-3]$],[__GNUC__],,WARN_WRITE_STRINGS="-Wwrite-strings") This will incorrectly enable `-Wwrite-strings` if a non-GNU compiler is being used and `__GNUC__` is not defined by the preprocessor. The pattern for these checks needs to be adjusted to also treat `__GNUC__` in the output as "unsupported". This breaks when Oracle Studio compiler is used, as `-W` is not a warning switch, and it errors: > $ cc -Wwrite-strings > cc: -W option with unknown program write-strings -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug ld/21420] Compiling emacs 25.2 with ld.bdf fails (segmentation fault)
https://sourceware.org/bugzilla/show_bug.cgi?id=21420 dilyan.palauzov at aegee dot org changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |OBSOLETE --- Comment #5 from dilyan.palauzov at aegee dot org --- With emacs 26.1, gcc (8.2.1 or 7.4.1) and most recent linkers, this does not seem to be anymore the case. In particular, the stripped binaries produced by ld.bfd ane smaller: With gcc 7.4.1 20181222 and linkers 2.31.51.20190103: 39536744bytes build-bfd/src/emacs 5394936bytes build-bfd/src/temacs 39545000bytes build-gold/src/emacs 5403192bytes build-gold/src/temacs With gcc 8.2.1 20190101 and linkers 2.31.51.20190103: 40253520bytes build-bfd/src/emacs 6100896bytes build-bfd/src/temacs 40265872bytes build-gold/src/emacs 6113248bytes build-gold/src/temacs -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils