[Bug ld/19317] plugin needed to handle lto object should not be output for plugin generated files when doing incremental link
https://sourceware.org/bugzilla/show_bug.cgi?id=19317 H.J. Lu changed: What|Removed |Added Status|NEW |WAITING --- Comment #1 from H.J. Lu --- A testcase? -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug ld/19325] assertion fail ../../bfd/elf64-ppc.c:14650 on powerpc64le-linux-gnu
https://sourceware.org/bugzilla/show_bug.cgi?id=19325 Matthias Klose changed: What|Removed |Added Target||powerpc64le-linux-gnu -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug ld/19325] New: assertion fail ../../bfd/elf64-ppc.c:14650 on powerpc64le-linux-gnu
https://sourceware.org/bugzilla/show_bug.cgi?id=19325 Bug ID: 19325 Summary: assertion fail ../../bfd/elf64-ppc.c:14650 on powerpc64le-linux-gnu Product: binutils Version: 2.26 Status: NEW Severity: normal Priority: P2 Component: ld Assignee: unassigned at sourceware dot org Reporter: doko at debian dot org Target Milestone: --- Created attachment 8829 --> https://sourceware.org/bugzilla/attachment.cgi?id=8829&action=edit test case seen when building with the current GCC 5 branch, and binutils from the 2.26 branch. The assertion is triggered several times (not seen on x86_64). The link still fails onx x86_64-linux-gnu. -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug ld/19325] assertion fail ../../bfd/elf64-ppc.c:14650 on powerpc64le-linux-gnu
https://sourceware.org/bugzilla/show_bug.cgi?id=19325 Matthias Klose changed: What|Removed |Added CC||amodra at gmail dot com -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/19323] [FG-VD-15-113] BinUtils-2.25 Objdump Heap Overflow Vulnerability Notification
https://sourceware.org/bugzilla/show_bug.cgi?id=19323 Kushal Shah changed: What|Removed |Added Status|RESOLVED|REOPENED Resolution|INVALID |--- --- Comment #2 from Kushal Shah --- Hi Alan, I re-ran the PoC using both readelf and objdump and I saw that the "readelf" tool returns an out-of-memory error and "objdump" crashes with a Segmentation Fault and using Valgrind we can see that there is a Heap Overflow caused by Objdump. I am attaching both the "out-of-memory" error obtained using readelf and also the gdb and valgrind output confirming the heap overflow vulnerability in objdump. I would also like to request you if you could share the out-of-memory error output returned by objdump using the PoC and reproduction steps provided previously? Vulnerability Confirmation using GDB & Valgrind: - ##--Valgrind Output--## # valgrind --tool=memcheck --leak-check=full --track-origins=yes --show-reachable=yes --keep-stacktraces=alloc-and-free --num-callers=40 --track-fds=yes -v binutils-gdb/binutils/objdump -s /root/Desktop/file1 /dev/null ==13429== Invalid write of size 4 ==13429==at 0x82499B7: bfd_elf32_swap_phdr_in (elfcode.h:367) ==13429==by 0x824D0B4: bfd_elf32_object_p (elfcode.h:782) ==13429==by 0x81E00F6: bfd_check_format_matches.part.1 (format.c:305) ==13429==by 0x806734F: display_object_bfd (objdump.c:3418) ==13429==by 0x806734F: display_any_bfd (objdump.c:3509) ==13429==by 0x8053ECA: display_file (objdump.c:3530) ==13429==by 0x8053ECA: main (objdump.c:3813) ==13429== Address 0x420bdf0 is 0 bytes after a block of size 4,064 alloc'd ==13429==at 0x40291CC: malloc (vg_replace_malloc.c:296) ==13429==by 0x851B130: objalloc_create (objalloc.c:95) ==13429==by 0x81F049B: _bfd_new_bfd (opncls.c:73) ==13429==by 0x81F049B: bfd_fopen (opncls.c:199) ==13429==by 0x81F049B: bfd_openr (opncls.c:287) ==13429==by 0x8053E83: display_file (objdump.c:3523) ==13429==by 0x8053E83: main (objdump.c:3813) ==13429== ==13429== Invalid write of size 4 ==13429==at 0x82499FF: bfd_elf32_swap_phdr_in (elfcode.h:369) ==13429==by 0x824D0B4: bfd_elf32_object_p (elfcode.h:782) ==13429==by 0x81E00F6: bfd_check_format_matches.part.1 (format.c:305) ==13429==by 0x806734F: display_object_bfd (objdump.c:3418) ==13429==by 0x806734F: display_any_bfd (objdump.c:3509) ==13429==by 0x8053ECA: display_file (objdump.c:3530) ==13429==by 0x8053ECA: main (objdump.c:3813) ==13429== Address 0x420bdf4 is 4 bytes after a block of size 4,064 alloc'd ==13429==at 0x40291CC: malloc (vg_replace_malloc.c:296) ==13429==by 0x851B130: objalloc_create (objalloc.c:95) ==13429==by 0x81F049B: _bfd_new_bfd (opncls.c:73) ==13429==by 0x81F049B: bfd_fopen (opncls.c:199) ==13429==by 0x81F049B: bfd_openr (opncls.c:287) ==13429==by 0x8053E83: display_file (objdump.c:3523) ==13429==by 0x8053E83: main (objdump.c:3813) ==13429== ==13429== Invalid write of size 4 ==13429==at 0x8249A0E: bfd_elf32_swap_phdr_in (elfcode.h:370) ==13429==by 0x824D0B4: bfd_elf32_object_p (elfcode.h:782) ==13429==by 0x81E00F6: bfd_check_format_matches.part.1 (format.c:305) ==13429==by 0x806734F: display_object_bfd (objdump.c:3418) ==13429==by 0x806734F: display_any_bfd (objdump.c:3509) ==13429==by 0x8053ECA: display_file (objdump.c:3530) ==13429==by 0x8053ECA: main (objdump.c:3813) ==13429== Address 0x420bdf8 is 8 bytes after a block of size 4,064 alloc'd ==13429==at 0x40291CC: malloc (vg_replace_malloc.c:296) ==13429==by 0x851B130: objalloc_create (objalloc.c:95) ==13429==by 0x81F049B: _bfd_new_bfd (opncls.c:73) ==13429==by 0x81F049B: bfd_fopen (opncls.c:199) ==13429==by 0x81F049B: bfd_openr (opncls.c:287) ==13429==by 0x8053E83: display_file (objdump.c:3523) ==13429==by 0x8053E83: main (objdump.c:3813) ==13429== ==13429== Invalid write of size 4 ==13429==at 0x8249A1A: bfd_elf32_swap_phdr_in (elfcode.h:371) ==13429==by 0x824D0B4: bfd_elf32_object_p (elfcode.h:782) ==13429==by 0x81E00F6: bfd_check_format_matches.part.1 (format.c:305) ==13429==by 0x806734F: display_object_bfd (objdump.c:3418) ==13429==by 0x806734F: display_any_bfd (objdump.c:3509) ==13429==by 0x8053ECA: display_file (objdump.c:3530) ==13429==by 0x8053ECA: main (objdump.c:3813) ==13429== Address 0x420bdfc is 12 bytes after a block of size 4,064 alloc'd ==13429==at 0x40291CC: malloc (vg_replace_malloc.c:296) ==13429==by 0x851B130: objalloc_create (objalloc.c:95) ==13429==by 0x81F049B: _bfd_new_bfd (opncls.c:73) ==13429==by 0x81F049B: bfd_fopen (opncls.c:199) ==13429==by 0x81F049B: bfd_openr (opncls.c:287) ==13429==by 0x8053E83: display_file (objdump.c:3523) ==13429==by 0x8053E83: main (objdump.c:3813) ==1342
[Bug ld/19325] assertion fail ../../bfd/elf64-ppc.c:14650 on powerpc64le-linux-gnu
https://sourceware.org/bugzilla/show_bug.cgi?id=19325 --- Comment #1 from Alan Modra --- I just built current gcc-5, and instead see lto1: internal compiler error: Segmentation fault 0x8b112f crash_signal /src/gcc.git/gcc/toplev.c:383 0x7bcd6d lto_file_decl_data_get_var_decl /src/gcc.git/gcc/lto-streamer.h:1222 -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/19323] [FG-VD-15-113] BinUtils-2.25 Objdump Heap Overflow Vulnerability Notification
https://sourceware.org/bugzilla/show_bug.cgi?id=19323 Alan Modra changed: What|Removed |Added Severity|critical|normal --- Comment #3 from Alan Modra --- objdump -s /tmp/pr19323 objdump: /tmp/pr19323: Memory exhausted Hmm, I suppose your binutils is 32-bit, in which case trying to allocate 0x10 bytes is the same as allocating 0 bytes, which would explain why you see a buffer overrun. -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug gold/19326] New: Swift linker script unparsable
https://sourceware.org/bugzilla/show_bug.cgi?id=19326 Bug ID: 19326 Summary: Swift linker script unparsable Product: binutils Version: 2.27 (HEAD) Status: NEW Severity: normal Priority: P2 Component: gold Assignee: ccoutant at gmail dot com Reporter: markus at trippelsdorf dot de CC: ian at airs dot com Target Milestone: --- The Swift language uses a linker script when building binaries. Unfortunately gold cannot parse it. ld.bfd is fine: markus@x4 x86_64 % cat swift.ld SECTIONS { .swift2_protocol_conformances : { .swift2_protocol_conformances_start = . ; QUAD(SIZEOF(.swift2_protocol_conformances) - 8) ; *(.swift2_protocol_conformances) ; } } INSERT AFTER .dtors markus@x4 x86_64 % ld.bfd -T swift.ld ld.bfd: no input files markus@x4 x86_64 % ld.gold -T swift.ld ld.gold: error: swift.ld:10:8: syntax error, unexpected STRING ld.gold: fatal error: unable to parse script file swift.ld -- You are receiving this mail because: You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils