bug-binutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Issue 386713387: binutils:fuzz_objcopy: Heap-use-after-free in bfd_errms

From: buganizer-system
Subject: Issue 386713387: binutils:fuzz_objcopy: Heap-use-after-free in bfd_errmsg
Date: Fri, 03 Jan 2025 05:59:28 -0800
Replying to this email means your email address will be shared with the team that works on this product.
https://issues.oss-fuzz.com/issues/386713387

Reference Info: 386713387 binutils:fuzz_objcopy: Heap-use-after-free in bfd_errmsg
component:  Public Trackers > 1362134 > OSS Fuzz
status:  New
reporter:  87...@developer.gserviceaccount.com
cc:  am...@gmail.com, bug-binutils@gnu.org, da...@adalogics.com, and 2 more
collaborators:  co...@oss-fuzz.com
type:  Vulnerability
access level:  Limited visibility
priority:  P2
severity:  S1
hotlist:  Reproducible, Stability-LibFuzzer, Stability-Memory-AddressSanitizer
retention:  Component default
Project:  binutils
Reported:  Jan 3, 2025

87...@developer.gserviceaccount.com added comment #1:
Detailed Report: https://oss-fuzz.com/testcase?key=4818358834364416

Project: binutils
Fuzzing Engine: libFuzzer
Fuzz Target: fuzz_objcopy
Job Type: libfuzzer_asan_binutils
Platform Id: linux

Crash Type: Heap-use-after-free READ 8
Crash Address: 0x51200000d6c0
Crash State:
  bfd_errmsg
  bfd_nonfatal_message
  copy_file
 
Sanitizer: address (ASAN)

Recommended Security Severity: High

Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_binutils&range=202501010658:202501020621

Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=4818358834364416

Issue filed automatically.

See https://google.github.io/oss-fuzz/advanced-topics/reproducing for instructions to reproduce this bug locally.
When you fix this bug, please
  * mention the fix revision(s).
  * state whether the bug was a short-lived regression or an old bug in any stable releases.
  * add any other useful information.
This information can help downstream consumers.

If you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues. Comments on individual Monorail issues are not monitored.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse
without an upstream patch, then the bug report will automatically
become visible to the public.


Generated by Google IssueTracker notification system.

You're receiving this email because you are subscribed to updates on Google IssueTracker issue 386713387
Unsubscribe from this issue.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]