bug-binutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Memory leak in binutils


From: Xiaohan Wu
Subject: Memory leak in binutils
Date: Wed, 4 Dec 2019 19:14:06 +0800

Hello,  I got a memory leak bug in binutils.

ASAN log:

==29347==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 3 byte(s) in 1 object(s) allocated from:
    #0 0x483514 in __strdup /src/llvm-project/compiler-rt/lib/asan/asan_interceptors.cpp:468:3
    #1 0x6e76d0 in get_field /src/binutils-gdb/opcodes/microblaze-dis.c:46:11
    #2 0x6e6826 in print_insn_microblaze /src/binutils-gdb/opcodes/microblaze-dis.c
    #3 0x4ca15d in LLVMFuzzerTestOneInput /src/binutils-gdb/fuzz/fuzz_disassemble.c:71:13
    #4 0x51a8c6 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:556:15
    #5 0x516ee0 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:470:3
    #6 0x51c4bf in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:698:19
    #7 0x51fcfd in fuzzer::Fuzzer::Loop(std::__1::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/libfuzzer/FuzzerLoop.cpp:830:5
    #8 0x4d8f81 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:824:6
    #9 0x4ca6f7 in main /src/libfuzzer/FuzzerMain.cpp:19:10
    #10 0x7f6ac80e982f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Direct leak of 3 byte(s) in 1 object(s) allocated from:
    #0 0x483514 in __strdup /src/llvm-project/compiler-rt/lib/asan/asan_interceptors.cpp:468:3
    #1 0x6e76d0 in get_field /src/binutils-gdb/opcodes/microblaze-dis.c:46:11
    #2 0x6e64b9 in print_insn_microblaze /src/binutils-gdb/opcodes/microblaze-dis.c:296:36
    #3 0x4ca15d in LLVMFuzzerTestOneInput /src/binutils-gdb/fuzz/fuzz_disassemble.c:71:13
    #4 0x51a8c6 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:556:15
    #5 0x516ee0 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:470:3
    #6 0x51c4bf in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:698:19
    #7 0x51fcfd in fuzzer::Fuzzer::Loop(std::__1::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/libfuzzer/FuzzerLoop.cpp:830:5
    #8 0x4d8f81 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:824:6
    #9 0x4ca6f7 in main /src/libfuzzer/FuzzerMain.cpp:19:10
    #10 0x7f6ac80e982f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

SUMMARY: AddressSanitizer: 6 byte(s) leaked in 2 allocation(s).
INFO: to ignore leaks on libFuzzer side use -detect_leaks=0.

MS: 1 ChangeByte-; base unit: a1be622c3abbca83b3dff1e93a6b232e18dd7e98
0xc6,0xc,0x0,0x4,0x26,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x50,
\xc6\x0c\x00\x04&\x00\x00\x00\x00\x00\x00\x00\x00P
artifact_prefix='./'; Test unit written to ./leak-0dbec89599a608e357f7a41d42cc041ae064df6a
Base64: xgwABCYAAAAAAAAAAFA=


And leak file attached.

Yours,
Skyvast

Attachment: leak-0dbec89599a608e357f7a41d42cc041ae064df6a
Description: Binary data


reply via email to

[Prev in Thread] Current Thread [Next in Thread]