[Bug binutils/24058] New: objdump memory leaks in readelf.c
From: 0x0keeper at gmail dot com
Subject: [Bug binutils/24058] New: objdump memory leaks in readelf.c
Date: Thu, 03 Jan 2019 12:25:32 +0000
https://sourceware.org/bugzilla/show_bug.cgi?id=24058
Bug ID: 24058
Summary: objdump memory leaks in readelf.c
Product: binutils
Version: 2.31
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: 0x0keeper at gmail dot com
Target Milestone: ---
Created attachment 11509
--> https://sourceware.org/bugzilla/attachment.cgi?id=11509&action=edit
binutil-objdump-memory-leaks-readelf
Hi, binutils team. I found there are memory leaks in readelf.c when using objdump.
Here is the AddressSanitizer info.
./objdump -W poc
........
==21635==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 54 byte(s) in 2 object(s) allocated from:
    #0 0x4b91a8 in __interceptor_malloc (/root/fuzz/binutils-2.31/binutils/readelf+0x4b91a8)
    #1 0x4eb374 in get_data /root/fuzz/binutils-2.31/binutils/readelf.c:425:9
    #2 0x5548f0 in get_section_contents /root/fuzz/binutils-2.31/binutils/readelf.c:13243:20
    #3 0x5548f0 in process_notes_at /root/fuzz/binutils-2.31/binutils/readelf.c:18179
    #4 0x5126a9 in process_note_sections /root/fuzz/binutils-2.31/binutils/readelf.c:18456:10
    #5 0x5126a9 in process_notes /root/fuzz/binutils-2.31/binutils/readelf.c:18492
    #6 0x5126a9 in process_object /root/fuzz/binutils-2.31/binutils/readelf.c:18850
    #7 0x4ee043 in process_file /root/fuzz/binutils-2.31/binutils/readelf.c:19259:13
    #8 0x4ee043 in main /root/fuzz/binutils-2.31/binutils/readelf.c:19318
    #9 0x7fb198cba82f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
SUMMARY: AddressSanitizer: 54 byte(s) leaked in 2 allocation(s).
code in binutils-2.31/binutils/readelf.c:425:9
https://github.com/bminor/binutils-gdb/blob/master/binutils/readelf.c#L424
  mvar = var;
  if (mvar == NULL)
    {
      /* Check for overflow. */
      if (nmemb < (~(bfd_size_type) 0 - 1) / size)
        /* + 1 so that we can '\0' terminate invalid string table sections. */
        mvar = malloc ((size_t) amt + 1);
      if (mvar == NULL)
        {
          if (reason)
            error (_("Out of memory allocating %s bytes for %s\n"),
                   bfd_vmatoa ("u", amt), reason);
          return NULL;
        }
      ((char *) mvar)[amt] = '\0';
    }
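The following is an added example, not part of the original report and not binutils code. It shows the ownership rule implied by the quoted excerpt (a helper that allocates when `var == NULL` hands the buffer to its caller) and how an early return on malformed input strands that buffer. `read_blob`, `count_notes`, `leaked_after` and the record layout are hypothetical; the report does not show the caller's code, so the early-return path is an assumption.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

static int live_bufs;    /* buffers handed out and not yet released */
static void *last_blob;  /* last allocation, kept so the harness can reclaim it */
const uint8_t good_sec[] = { 3, 'G', 'N', 'U', 2, 'a', 'b' };  /* constructed [len][name] records */
const uint8_t bad_sec[]  = { 3, 'G', 'N', 'U', 9, 'x' };       /* constructed: 2nd record overruns */

/* Stand-in for get_data() with var == NULL: callee allocates, caller owns. */
static void *read_blob(const uint8_t *src, size_t size, size_t nmemb)
{
    if (size == 0 || nmemb >= (SIZE_MAX - 1) / size) return NULL;  /* overflow */
    size_t amt = size * nmemb;
    char *mvar = malloc(amt + 1);   /* + 1 for the '\0' terminator */
    if (mvar == NULL) return NULL;
    memcpy(mvar, src, amt);
    mvar[amt] = '\0';
    last_blob = mvar; live_bufs++;
    return mvar;
}

static void release_blob(void *p) { if (p) { free(p); live_bufs--; } }
/* Hypothetical walker: record count, or -1 if a record runs past the section. */
int count_notes(const uint8_t *sec, size_t len, int free_on_error)
{
    uint8_t *buf = read_blob(sec, 1, len);
    int n = 0;
    if (buf == NULL) return -1;
    for (size_t off = 0; off < len; n++) {
        size_t namesz = buf[off];
        if (namesz > len - off - 1) {
            if (free_on_error) release_blob(buf);
            return -1;   /* without the release above, buf is stranded */
        }
        off += 1 + namesz;
    }
    release_blob(buf);
    return n;
}

/* Harness: buffers still live after one walk (0 means no leak). */
int leaked_after(const uint8_t *sec, size_t len, int free_on_error)
{
    count_notes(sec, len, free_on_error);
    int leaked = live_bufs;
    if (leaked) release_blob(last_blob);   /* reclaim so the demo stays clean */
    return leaked;
}
```

Calling `leaked_after` with `free_on_error` set to 0 on the malformed section leaves one live buffer, the same "Direct leak ... allocated from" shape LeakSanitizer reports; with it set to 1 the count is zero.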