[Bug binutils/17512] libbfd/binutils: crashes on fuzzed samples

From: nickc at redhat dot com
Subject: [Bug binutils/17512] libbfd/binutils: crashes on fuzzed samples
Date: Tue, 03 Feb 2015 14:37:13 +0000


--- Comment #189 from Nick Clifton <nickc at redhat dot com> ---
Hi Alexander,

> Problems with `objdump -afphxgGtTrRwW --special-syms` (32-bit)
> More problems found with 32-bit binutils: built with -m32 on 64-bit host.

> Errors:
>       2 Argument 'size' of function malloc has a fishy (possibly negative) value: ...
>       1 Conditional jump or move depends on uninitialised value(s)
>       2 Invalid free() / delete / delete[] / realloc()
>     221 Invalid read of size ...
>     344 Invalid write of size ...
>      59 Process terminating with default action of signal 11 (SIGSEGV)

These should all be fixed now.


