https://sourceware.org/bugzilla/show_bug.cgi?id=26154
Bug ID: 26154
Summary: nm-new: attempting free on address which was not
malloc()
Product: binutils
Version: 2.34
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: feidiyin at gmail dot com
Target Milestone: ---
Created attachment 12645
--> https://sourceware.org/bugzilla/attachment.cgi?id=12645&action=edit
The Poc to trigger this bug
When I was fuzzing nm-new with ASAN, I got this ERROR:
==1352==ERROR: AddressSanitizer: attempting free on address which was not
malloc()-ed: 0xf3f03b60 in thread T0
#0 0xf7ad1a84 in free (/usr/lib32/libasan.so.2+0x96a84)
#1 0x84784a3 in _bfd_coff_free_symbols
/home/yinqidi/experiment/binutils-2.34/bfd/coffgen.c:1782
#2 0x84784a3 in _bfd_coff_close_and_cleanup
/home/yinqidi/experiment/binutils-2.34/bfd/coffgen.c:3180
#3 0x80b8254 in bfd_close_all_done
/home/yinqidi/experiment/binutils-2.34/bfd/opncls.c:789
#4 0x80b8254 in bfd_close
/home/yinqidi/experiment/binutils-2.34/bfd/opncls.c:759
#5 0x805ae7c in display_file
/home/yinqidi/experiment/binutils-2.34/binutils/nm.c:1392
#6 0x804f335 in main
/home/yinqidi/experiment/binutils-2.34/binutils/nm.c:1860
#7 0xf7898636 in __libc_start_main (/lib/i386-linux-gnu/libc.so.6+0x18636)
#8 0x8050efb
(/home/yinqidi/experiment/binutils-2.34/binutils/nm-new+0x8050efb)
0xf3f03b60 is located 736 bytes inside of 1745-byte region
[0xf3f03880,0xf3f03f51)
allocated by thread T0 here:
#0 0xf7ad1f8e in calloc (/usr/lib32/libasan.so.2+0x96f8e)
#1 0x80aae3e in bfd_malloc
/home/yinqidi/experiment/binutils-2.34/bfd/libbfd.c:275
#2 0x80aae3e in bfd_zmalloc
/home/yinqidi/experiment/binutils-2.34/bfd/libbfd.c:360
#3 0x867ba8b
(/home/yinqidi/experiment/binutils-2.34/binutils/nm-new+0x867ba8b)
SUMMARY: AddressSanitizer: bad-free ??:0 free
==1352==ABORTING
--
You are receiving this mail because:
You are on the CC list for the bug.
