[Bug gold/21090] gcc compiled with --enable-default-pie show errors in binutils testsuite

2017-06-21 Thread cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=21090

--- Comment #28 from cvs-commit at gcc dot gnu.org  ---
The master branch has been updated by H.J. Lu :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6b7373708821500a7388a8248b6c19fa1826c514

commit 6b7373708821500a7388a8248b6c19fa1826c514
Author: H.J. Lu 
Date:   Wed Jun 21 15:22:05 2017 -0700

Pass $NOPIE_CFLAGS and $NOPIE_LDFLAGS to some ELF tests

Some ELF tests will fail when PIE is used.

PR ld/21090
* testsuite/ld-elf/shared.exp: Pass $NOPIE_CFLAGS and
$NOPIE_LDFLAGS if non-PIE is required.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils


[Bug gold/21090] gcc compiled with --enable-default-pie show errors in binutils testsuite

2017-06-21 Thread cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=21090

--- Comment #27 from cvs-commit at gcc dot gnu.org  ---
The master branch has been updated by H.J. Lu :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e5c89b096d9cb9e5956e98cd5863519c87c6890b

commit e5c89b096d9cb9e5956e98cd5863519c87c6890b
Author: H.J. Lu 
Date:   Wed Jun 21 14:57:53 2017 -0700

Pass $NOPIE_CFLAGS to NOCROSSREFS tests

PR ld/21090
* testsuite/ld-scripts/crossref.exp: Also pass $NOPIE_CFLAGS
to CC.



[Bug gold/21090] gcc compiled with --enable-default-pie show errors in binutils testsuite

2017-06-21 Thread cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=21090

--- Comment #26 from cvs-commit at gcc dot gnu.org  ---
The master branch has been updated by H.J. Lu :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=68193357e8d0fb53a229114713db9f0385f60ed8

commit 68193357e8d0fb53a229114713db9f0385f60ed8
Author: H.J. Lu 
Date:   Wed Jun 21 14:45:16 2017 -0700

Pass $NOPIE_LDFLAGS size tests

PR ld/21090
* testsuite/ld-size/size.exp: Pass $NOPIE_LDFLAGS to size-4a,
size-4b, size-5a, size-5b, size-6 and size-8 tests.



[Bug gold/21090] gcc compiled with --enable-default-pie show errors in binutils testsuite

2017-06-21 Thread hjl.tools at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21090

H.J. Lu  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |hjl.tools at gmail dot com



[Bug ld/21593] .startof.SECNAME and .sizeof.SECNAME should be local

2017-06-21 Thread hjl.tools at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21593

H.J. Lu  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED
   Target Milestone|---                         |2.29

--- Comment #1 from H.J. Lu  ---
Fixed by:

commit 7dba9362c172f1073487536eb137feb2da30b0ff
Author: Alan Modra 
Date:   Fri Jun 16 19:41:41 2017 +0930

Rewrite __start and __stop symbol handling



[Bug binutils/21648] SEGV on unknown address in display_debug_frames

2017-06-21 Thread nickc at redhat dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21648

Nick Clifton  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
                 CC|                            |nickc at redhat dot com
         Resolution|---                         |FIXED

--- Comment #4 from Nick Clifton  ---
Hi Alexandre,

  Thanks for reporting this bug.

  This was a problem in the DWARF parser where it was reading a 64-bit
  value and then only checking the bottom 32-bits to see if they were in
  range!  I have applied a fairly large patch to fix this problem, and
  catch others like it in the future.

Cheers
  Nick



[Bug binutils/21648] SEGV on unknown address in display_debug_frames

2017-06-21 Thread cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=21648

--- Comment #3 from cvs-commit at gcc dot gnu.org  ---
The master branch has been updated by Nick Clifton :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7f2c8a1d37af46c46828909b7b748c79aa4b7ff0

commit 7f2c8a1d37af46c46828909b7b748c79aa4b7ff0
Author: Nick Clifton 
Date:   Wed Jun 21 18:05:44 2017 +0100

Fix address violation when reading corrupt DWARF data.

PR binutils/21648
* dwarf.c (LEB): Rename to SKIP_ULEB and READ_ULEB.  Add check for
reading a value that is too big for the containing variable.
(SLEB): Rename to SKIP_SLEB and READ_SLEB.  Add similar check.
Replace uses of LEB and SLEB with appropriate new macro.
(display_debug_frames): Use an unsigned int for the 'reg'
variable.  Use a signed long for the 'l' variable.

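The two PR 21648 messages above describe a 64-bit LEB128 value whose bottom 32 bits alone were range-checked. The following C sketch is an added example, not the binutils patch: the names `read_uleb128`, `read_uleb128_u32`, `reg_in_range_truncating` and the byte string `SAMPLE` are hypothetical and constructed for illustration. It shows the truncating check beside a reader that rejects values too big for the destination variable.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum leb_status { LEB_OK, LEB_TRUNCATED, LEB_OVERFLOW64, LEB_TOO_BIG };

/* Decode one unsigned LEB128 value from [p, end) into 64 bits.
   Never reads at or past 'end'; reports bits that do not fit. */
static enum leb_status
read_uleb128(const unsigned char *p, const unsigned char *end,
             uint64_t *value, size_t *len)
{
    const unsigned char *start = p;
    uint64_t result = 0;
    unsigned int shift = 0;
    int overflow = 0;

    while (p < end) {
        unsigned char byte = *p++;
        uint64_t chunk = byte & 0x7f;

        if (shift >= 64) {
            /* Only zero padding is acceptable beyond bit 63. */
            if (chunk != 0)
                overflow = 1;
        } else {
            /* Detect payload bits shifted out of the 64-bit result. */
            if ((chunk << shift) >> shift != chunk)
                overflow = 1;
            result |= chunk << shift;
            shift += 7;
        }
        if ((byte & 0x80) == 0) {        /* last byte of the value */
            *value = result;
            *len = (size_t)(p - start);
            return overflow ? LEB_OVERFLOW64 : LEB_OK;
        }
    }
    return LEB_TRUNCATED;                /* ran out of input mid-value */
}

/* The pattern the bug report describes: narrow first, check afterwards.
   The upper 32 bits are gone before the comparison happens. */
static int
reg_in_range_truncating(uint64_t decoded, uint32_t nregs)
{
    uint32_t reg = (uint32_t)decoded;
    return reg < nregs;
}

/* Checked pattern: refuse a value that is too big for the variable
   that will hold it, before any narrowing takes place. */
static enum leb_status
read_uleb128_u32(const unsigned char *p, const unsigned char *end,
                 uint32_t *out, size_t *len)
{
    uint64_t v;
    enum leb_status st = read_uleb128(p, end, &v, len);

    if (st != LEB_OK)
        return st;
    if (v > UINT32_MAX)
        return LEB_TOO_BIG;
    *out = (uint32_t)v;
    return LEB_OK;
}

/* Constructed sample: ULEB128 encoding of 0x100000003, whose low
   32 bits (3) look like a perfectly valid small register number. */
static const unsigned char SAMPLE[] = { 0x83, 0x80, 0x80, 0x80, 0x10 };

int main(void)
{
    uint64_t v = 0;
    uint32_t reg = 0;
    size_t n = 0;

    read_uleb128(SAMPLE, SAMPLE + sizeof SAMPLE, &v, &n);
    printf("decoded 0x%llx from %zu bytes\n", (unsigned long long)v, n);
    printf("truncating check accepts it: %d\n",
           reg_in_range_truncating(v, 16));
    printf("checked reader status: %d (LEB_TOO_BIG is %d)\n",
           (int)read_uleb128_u32(SAMPLE, SAMPLE + sizeof SAMPLE, &reg, &n),
           (int)LEB_TOO_BIG);
    return 0;
}
```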


[Bug binutils/21646] SEGV on unknown address in bfd_getb32

2017-06-21 Thread cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=21646

--- Comment #3 from cvs-commit at gcc dot gnu.org  ---
The master branch has been updated by Nick Clifton :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6879f5a99e25c068fec34126b6b0fe4325223aa0

commit 6879f5a99e25c068fec34126b6b0fe4325223aa0
Author: Nick Clifton 
Date:   Wed Jun 21 16:36:44 2017 +0100

Fix address violation when processing a corrupt SH COFF binary.

PR binutils/21646
* coff-sh.c (sh_reloc): Check for an out of range reloc.



[Bug binutils/21646] SEGV on unknown address in bfd_getb32

2017-06-21 Thread nickc at redhat dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21646

Nick Clifton  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
                 CC|                            |nickc at redhat dot com
         Resolution|---                         |FIXED

--- Comment #4 from Nick Clifton  ---
Hi Alexandre,

  Thanks for reporting this bug.

  This was a case where the SH backend was not checking the relocations to
  see if they contained valid offsets into the section being relocated.  I
  added a simple check and now this test passes.

Cheers
  Nick



[Bug binutils/21647] SEGV on unknown address in _bfd_vms_slurp_egsd

2017-06-21 Thread nickc at redhat dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21647

Nick Clifton  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |nickc at redhat dot com

--- Comment #3 from Nick Clifton  ---
Hi Alexandre,

  I think that this bug has already been fixed by a previous patch.  Please
  could you test it again, and if you are happy, close this PR ?

Cheers
  Nick



[Bug binutils/21639] heap-buffer-overflow in _bfd_vms_save_sized_string

2017-06-21 Thread nickc at redhat dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21639

Nick Clifton  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
                 CC|                            |nickc at redhat dot com
         Resolution|---                         |FIXED

--- Comment #4 from Nick Clifton  ---
Hi Alexandre,

  Thanks for reporting this bug.

  I have checked in a patch to fix this bug, and I hope, other bugs similar
  to it.

Cheers
  Nick



[Bug binutils/21639] heap-buffer-overflow in _bfd_vms_save_sized_string

2017-06-21 Thread cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=21639

--- Comment #3 from cvs-commit at gcc dot gnu.org  ---
The master branch has been updated by Nick Clifton :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7adc0a8174f1233f6d92edd0671c18c9870e64e7

commit 7adc0a8174f1233f6d92edd0671c18c9870e64e7
Author: Nick Clifton 
Date:   Wed Jun 21 15:21:11 2017 +0100

Fix address violation parsing a corrupt Alpha VMS binary file.

PR binutils/21639
* vms-misc.c (_bfd_vms_save_sized_string): Use unsigned int as
type of the size parameter.
(_bfd_vms_save_counted_string): Add second parameter - the maximum
length of the counted string.
* vms.h (_bfd_vms_save_sized_string): Update prototype.
(_bfd_vms_save_counted_string): Likewise.
* vms-alpha.c (_bfd_vms_slurp_eisd): Update calls to
_bfd_vms_save_counted_string.
(_bfd_vms_slurp_ehdr): Likewise.
(_bfd_vms_slurp_egsd): Likewise.
(Parse_module): Likewise.

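The PR 21639 commit above gives the counted-string helper a second parameter, the maximum length of the string. The sketch below is an added example and not the binutils code: the function names, the two-byte record header and the sample records are hypothetical and constructed for illustration. It shows a count byte being trusted, then the same copy bounded by what the enclosing record actually contains.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Unchecked form: the first byte is the length and is believed as-is.
   With a corrupt count, memcpy reads past the end of the record. */
static char *
save_counted_string_unchecked(const unsigned char *ptr)
{
    size_t len = *ptr++;
    char *s = malloc(len + 1);

    if (s == NULL)
        return NULL;
    memcpy(s, ptr, len);
    s[len] = '\0';
    return s;
}

/* Checked form: 'maxlen' is the number of bytes available at 'ptr',
   count byte included.  A count that does not fit is rejected. */
static char *
save_counted_string(const unsigned char *ptr, size_t maxlen)
{
    size_t len;
    char *s;

    if (maxlen == 0)
        return NULL;              /* no room even for the count byte */
    len = *ptr++;
    if (len > maxlen - 1)
        return NULL;              /* count claims more than the record holds */
    s = malloc(len + 1);
    if (s == NULL)
        return NULL;
    memcpy(s, ptr, len);
    s[len] = '\0';
    return s;
}

/* Hypothetical record layout for this example only:
   byte 0 = type, byte 1 = total record size, bytes 2.. = counted string.
   The caller derives maxlen from the record bounds, never from the
   string's own count byte. */
static char *
record_name(const unsigned char *buf, size_t buf_len)
{
    size_t rec_size;

    if (buf_len < 2)
        return NULL;
    rec_size = buf[1];
    if (rec_size < 2 || rec_size > buf_len)
        return NULL;              /* record size itself is out of range */
    return save_counted_string(buf + 2, rec_size - 2);
}

/* Constructed samples. */
static const unsigned char GOOD[]     = { 0x01, 0x06, 0x03, 'f', 'o', 'o' };
static const unsigned char BAD[]      = { 0x01, 0x06, 0xff, 'f', 'o', 'o' };
static const unsigned char NO_FIELD[] = { 0x01, 0x02 };

int main(void)
{
    char *a = record_name(GOOD, sizeof GOOD);
    char *b = record_name(BAD, sizeof BAD);
    char *c = save_counted_string_unchecked(GOOD + 2);  /* valid input only */

    printf("good record: %s\n", a ? a : "(rejected)");
    printf("bad record:  %s\n", b ? b : "(rejected)");
    printf("unchecked on valid input: %s\n", c ? c : "(alloc failed)");
    free(a);
    free(b);
    free(c);
    return 0;
}
```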


[Bug binutils/21653] SEGV on unknown address in setup_sections

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21653

--- Comment #2 from Alexandre Adamski  ---
Created attachment 10209
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10209=edit
101107335742c098ad15634068b864be.35b6cb14f553b74eda060c665efbc06b.txt



[Bug binutils/21653] SEGV on unknown address in setup_sections

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21653

--- Comment #1 from Alexandre Adamski  ---
Created attachment 10208
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10208=edit
101107335742c098ad15634068b864be.35b6cb14f553b74eda060c665efbc06b.min



[Bug binutils/21653] New: SEGV on unknown address in setup_sections

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21653

Bug ID: 21653
   Summary: SEGV on unknown address in setup_sections
   Product: binutils
   Version: 2.29 (HEAD)
Status: UNCONFIRMED
  Severity: critical
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: aadamski at quarkslab dot com
  Target Milestone: ---

Hello there,

I have been fuzzing objdump with American Fuzzy Lop + ASAN/UBSAN.

Please find attached the minimized file causing the issue ("Input") and the
ASAN report log ("Output"). Below is the reduced stacktrace with links to the
corresponding source lines on a GitHub mirror.

The configuration settings used were `--enable-targets=all --disable-shared`.
The compilation flags used were `-g -O2 -fno-omit-frame-pointer
-fsanitize=address -fno-sanitize-recover=all`. The command used was `objdump
-afpxDSsgetTrR `.

Let me know if there is any additional information I can provide.

--

Input: 101107335742c098ad15634068b864be.35b6cb14f553b74eda060c665efbc06b.min
Output: 101107335742c098ad15634068b864be.35b6cb14f553b74eda060c665efbc06b.txt

Error in "setup_sections": SEGV on unknown address 0x60200100010f (pc
0x76f72c3a bp 0x7fffdc90 sp 0x7fffd418 T0)
  in setup_sections at bfd/som.c:2195
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/som.c#L2195)
  in som_object_p at bfd/som.c:2511
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/som.c#L2511)
  in bfd_check_format_matches at bfd/format.c:311
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/format.c#L311)
  in display_object_bfd at binutils/objdump.c:3608
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3608)
  in display_any_bfd at binutils/objdump.c:3699
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3699)
  in display_file at binutils/objdump.c:3720
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3720)
  in main at binutils/objdump.c:4024
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L4024)



[Bug binutils/21645] SEGV on unknown address in bfd_getb16

2017-06-21 Thread cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=21645

--- Comment #3 from cvs-commit at gcc dot gnu.org  ---
The master branch has been updated by Nick Clifton :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=20bd1b6ba53491e4979c03a4f679d0d17b9b9046

commit 20bd1b6ba53491e4979c03a4f679d0d17b9b9046
Author: Nick Clifton 
Date:   Wed Jun 21 13:18:46 2017 +0100

Fix seg-fault in the BFD parsing a corrupt input binary.

PR binutils/21645
* reloc.c (bfd_generic_get_relocated_section_contents): Fail if
bfd_get_full_section_contents returns no contents.



[Bug binutils/21638] SEGV on unknown address in bfd_getl16

2017-06-21 Thread nickc at redhat dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21638

Nick Clifton  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
                 CC|                            |nickc at redhat dot com
         Resolution|---                         |FIXED

--- Comment #4 from Nick Clifton  ---
Hi Alexandre,

  Thanks for reporting this bug.  I have checked in a patch to fix the
  problem, so I think that this PR can now be closed.

Cheers
  Nick



[Bug binutils/21638] SEGV on unknown address in bfd_getl16

2017-06-21 Thread cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=21638

--- Comment #3 from cvs-commit at gcc dot gnu.org  ---
The master branch has been updated by Nick Clifton :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3de58d950c984bce176d883a8e7bcf3415be8c84

commit 3de58d950c984bce176d883a8e7bcf3415be8c84
Author: Nick Clifton 
Date:   Wed Jun 21 12:04:07 2017 +0100

Fix potential address violation parsing a corrupt Alpha VMS file.

PR binutils/21638
* vms-alpha.c (_bfd_vms_slurp_egsd): Check for an undersized
record.



[Bug binutils/21637] SEGV on unknown address in _bfd_vms_slurp_egsd

2017-06-21 Thread nickc at redhat dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21637

Nick Clifton  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
                 CC|                            |nickc at redhat dot com
         Resolution|---                         |FIXED

--- Comment #4 from Nick Clifton  ---
Hi Alexandre,

  Thanks for reporting this bug.

  Yet again the VMS parser is assuming valid input.  I have checked in a patch
  to fix this set of issues.

Cheers
  Nick



[Bug binutils/21637] SEGV on unknown address in _bfd_vms_slurp_egsd

2017-06-21 Thread cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=21637

--- Comment #3 from cvs-commit at gcc dot gnu.org  ---
The master branch has been updated by Nick Clifton :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=cb06d03ad92ffcfaa09c3f065837cb39e9e1486d

commit cb06d03ad92ffcfaa09c3f065837cb39e9e1486d
Author: Nick Clifton 
Date:   Wed Jun 21 11:13:49 2017 +0100

Fix address violation parsing a corrupt IEEE Alpha binary.

PR binutils/21637
* vms-alpha.c (_bfd_vms_slurp_egsd): Check for an empty section
list.
(image_set_ptr): Likewise.
(alpha_vms_fix_sec_rel): Likewise.
(alpha_vms_slurp_relocs): Likewise.



[Bug binutils/21636] SEGV on unknown address in ieee_object_p

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21636

Alexandre Adamski  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
         Resolution|---                         |FIXED

--- Comment #4 from Alexandre Adamski  ---
(In reply to Nick Clifton from comment #3)
> Hi Alexandre,
> 
>   I could not reproduce this failure.  I suspect because it has already been
>   fixed by one of the previous patches.  Please could you check, and if you
>   agree that it is fixed, please could you close this PR.
> 
> Cheers
>   Nick

I could totally reproduce it with the version at commit
#a6cab9afd2c81465265c8d09569e3e6ef43d2954, but it sounds like you fixed it
minutes ago when fixing PR 21633. Closing the PR now!



[Bug ld/13402] using "-Wl,--relax" on the AVR port causes lss file and debug information to "lose sync" with generated code

2017-06-21 Thread saaadhu at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=13402

Senthil Kumar Selvaraj  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
                 CC|                            |saaadhu at gcc dot gnu.org



[Bug binutils/21636] SEGV on unknown address in ieee_object_p

2017-06-21 Thread nickc at redhat dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21636

Nick Clifton  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |nickc at redhat dot com

--- Comment #3 from Nick Clifton  ---
Hi Alexandre,

  I could not reproduce this failure.  I suspect because it has already been
  fixed by one of the previous patches.  Please could you check, and if you
  agree that it is fixed, please could you close this PR.

Cheers
  Nick



[Bug binutils/21633] SEGV on unknown address in ieee_archive_p

2017-06-21 Thread nickc at redhat dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21633

Nick Clifton  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
                 CC|                            |nickc at redhat dot com
         Resolution|---                         |FIXED

--- Comment #4 from Nick Clifton  ---
Hi Alexandre,

  Thanks for reporting this bug.

  You have found yet another place in the IEEE parser where it just assumes
  that the input is valid.  I have checked in a patch to fix this particular
  problem - and a few others like it - so I hope that things will be better
  now.

Cheers
  Nick



[Bug binutils/21633] SEGV on unknown address in ieee_archive_p

2017-06-21 Thread cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=21633

--- Comment #3 from cvs-commit at gcc dot gnu.org  ---
The master branch has been updated by Nick Clifton :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c458d0079cc5e8ff29256355e6532ad2f96a8aa6

commit c458d0079cc5e8ff29256355e6532ad2f96a8aa6
Author: Nick Clifton 
Date:   Wed Jun 21 10:54:04 2017 +0100

Fix address violation when parsing a corrupt IEEE binary.

PR binutils/21633
* ieee.c (ieee_slurp_sections): Check for a NULL return from
read_id.
(ieee_archive_p): Likewise.
(ieee_object_p): Likewise.



[Bug ld/20789] [avr] Relaxation does not correctly adjust DIFF reloc with negative value

2017-06-21 Thread saaadhu at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=20789

Senthil Kumar Selvaraj  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
                 CC|                            |saaadhu at gcc dot gnu.org
         Resolution|---                         |FIXED

--- Comment #2 from Senthil Kumar Selvaraj  ---
Fixed in binutils 2.28



[Bug binutils/21640] SEGV on unknown address in setup_group

2017-06-21 Thread nickc at redhat dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21640

Nick Clifton  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
                 CC|                            |nickc at redhat dot com
         Resolution|---                         |FIXED

--- Comment #4 from Nick Clifton  ---
Hi Alexandre,

  Thanks for reporting this bug.

  The problem was in the BFD library's section group parser, which was
  basically assuming that the groups were valid.  I have checked in a
  patch to fix the problem, so everything should be OK now.

Cheers
  Nick



[Bug binutils/21640] SEGV on unknown address in setup_group

2017-06-21 Thread cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=21640

--- Comment #3 from cvs-commit at gcc dot gnu.org  ---
The master branch has been updated by Nick Clifton :

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ce49701009db42a9a53e5dcf172a6a211b1025b3

commit ce49701009db42a9a53e5dcf172a6a211b1025b3
Author: Nick Clifton 
Date:   Wed Jun 21 10:36:58 2017 +0100

Fix seg-fault reading a corrupt ELF binary.

PR binutils/21640
* elf.c (setup_group): Zero the group section pointer list after
allocation so that loops can be caught.  Check for NULL pointers
when processing a group list.



[Bug binutils/21651] heap-buffer-overflow in add_symbol

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21651

--- Comment #4 from Alexandre Adamski  ---
Created attachment 10207
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10207=edit
5deafefa1ca077a686a06b18e93f6e2e.484ddbe005142cc897588a715f2572f7.txt



[Bug binutils/21651] heap-buffer-overflow in add_symbol

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21651

--- Comment #1 from Alexandre Adamski  ---
Created attachment 10204
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10204=edit
282cc553a70cccddc4535d4bb3db5692.6a1a70e215d3fd538023ab8e5737b3c8.min



[Bug binutils/21651] heap-buffer-overflow in add_symbol

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21651

--- Comment #3 from Alexandre Adamski  ---
Created attachment 10206
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10206=edit
5deafefa1ca077a686a06b18e93f6e2e.484ddbe005142cc897588a715f2572f7.min



[Bug binutils/21651] New: heap-buffer-overflow in add_symbol

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21651

Bug ID: 21651
   Summary: heap-buffer-overflow in add_symbol
   Product: binutils
   Version: 2.29 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: aadamski at quarkslab dot com
  Target Milestone: ---

Hello there,

I have been fuzzing objdump with American Fuzzy Lop + ASAN/UBSAN.

Please find attached the minimized file causing the issue ("Input") and the
ASAN report log ("Output"). Below is the reduced stacktrace with links to the
corresponding source lines on a GitHub mirror.

The configuration settings used were `--enable-targets=all --disable-shared`.
The compilation flags used were `-g -O2 -fno-omit-frame-pointer
-fsanitize=address -fno-sanitize-recover=all`. The command used was `objdump
-afpxDSsgetTrR `.

Let me know if there is any additional information I can provide.

--

Input: 282cc553a70cccddc4535d4bb3db5692.6a1a70e215d3fd538023ab8e5737b3c8.min
Output: 282cc553a70cccddc4535d4bb3db5692.6a1a70e215d3fd538023ab8e5737b3c8.txt

Error in "add_symbol": heap-buffer-overflow
  in add_symbol at bfd/vms-alpha.c:1125
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/vms-alpha.c#L1125)
  in _bfd_vms_slurp_egsd at bfd/vms-alpha.c:1307
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/vms-alpha.c#L1307)
  in _bfd_vms_slurp_object_records at bfd/vms-alpha.c:2456
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/vms-alpha.c#L2456)
  in alpha_vms_object_p at bfd/vms-alpha.c:2640
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/vms-alpha.c#L2640)
  in bfd_check_format_matches at bfd/format.c:311
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/format.c#L311)
  in display_object_bfd at binutils/objdump.c:3608
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3608)
  in display_any_bfd at binutils/objdump.c:3699
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3699)
  in display_file at binutils/objdump.c:3720
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3720)
  in main at binutils/objdump.c:4024
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L4024)

Input: 5deafefa1ca077a686a06b18e93f6e2e.484ddbe005142cc897588a715f2572f7.min
Output: 5deafefa1ca077a686a06b18e93f6e2e.484ddbe005142cc897588a715f2572f7.txt

Error in "add_symbol": heap-buffer-overflow
  in add_symbol at bfd/vms-alpha.c:1120
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/vms-alpha.c#L1120)
  in _bfd_vms_slurp_egsd at bfd/vms-alpha.c:1265
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/vms-alpha.c#L1265)
  in _bfd_vms_slurp_object_records at bfd/vms-alpha.c:2456
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/vms-alpha.c#L2456)
  in alpha_vms_object_p at bfd/vms-alpha.c:2640
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/vms-alpha.c#L2640)
  in bfd_check_format_matches at bfd/format.c:311
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/format.c#L311)
  in display_object_bfd at binutils/objdump.c:3608
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3608)
  in display_any_bfd at binutils/objdump.c:3699
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3699)
  in display_file at binutils/objdump.c:3720
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3720)
  in main at binutils/objdump.c:4024
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L4024)



[Bug binutils/21651] heap-buffer-overflow in add_symbol

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21651

--- Comment #2 from Alexandre Adamski  ---
Created attachment 10205
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10205=edit
282cc553a70cccddc4535d4bb3db5692.6a1a70e215d3fd538023ab8e5737b3c8.txt



[Bug binutils/21650] heap-buffer-overflow in _bfd_vms_save_counted_string

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21650

--- Comment #1 from Alexandre Adamski  ---
Created attachment 10202
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10202=edit
946dab2dbf7e45c5e47d80a2a48606db.2b95a3716de63f7e4611b8e988fc1615.min



[Bug binutils/21650] New: heap-buffer-overflow in _bfd_vms_save_counted_string

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21650

Bug ID: 21650
   Summary: heap-buffer-overflow in _bfd_vms_save_counted_string
   Product: binutils
   Version: 2.29 (HEAD)
Status: UNCONFIRMED
  Severity: normal
  Priority: P2
 Component: binutils
  Assignee: unassigned at sourceware dot org
  Reporter: aadamski at quarkslab dot com
  Target Milestone: ---

Hello there,

I have been fuzzing objdump with American Fuzzy Lop + ASAN/UBSAN.

Please find attached the minimized file causing the issue ("Input") and the
ASAN report log ("Output"). Below is the reduced stacktrace with links to the
corresponding source lines on a GitHub mirror.

The configuration settings used were `--enable-targets=all --disable-shared`.
The compilation flags used were `-g -O2 -fno-omit-frame-pointer
-fsanitize=address -fno-sanitize-recover=all`. The command used was `objdump
-afpxDSsgetTrR `.

Let me know if there is any additional information I can provide.

--

Input: 946dab2dbf7e45c5e47d80a2a48606db.2b95a3716de63f7e4611b8e988fc1615.min
Output: 946dab2dbf7e45c5e47d80a2a48606db.2b95a3716de63f7e4611b8e988fc1615.txt

Error in "_bfd_vms_save_counted_string": heap-buffer-overflow
  in _bfd_vms_save_counted_string at bfd/vms-misc.c:160
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/vms-misc.c#L160)
  in _bfd_vms_slurp_egsd at bfd/vms-alpha.c:1192
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/vms-alpha.c#L1192)
  in _bfd_vms_slurp_object_records at bfd/vms-alpha.c:2456
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/vms-alpha.c#L2456)
  in alpha_vms_object_p at bfd/vms-alpha.c:2640
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/vms-alpha.c#L2640)
  in bfd_check_format_matches at bfd/format.c:311
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/format.c#L311)
  in display_object_bfd at binutils/objdump.c:3608
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3608)
  in display_any_bfd at binutils/objdump.c:3699
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3699)
  in display_file at binutils/objdump.c:3720
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3720)
  in main at binutils/objdump.c:4024
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L4024)



[Bug binutils/21650] heap-buffer-overflow in _bfd_vms_save_counted_string

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21650

--- Comment #2 from Alexandre Adamski  ---
Created attachment 10203
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10203=edit
946dab2dbf7e45c5e47d80a2a48606db.2b95a3716de63f7e4611b8e988fc1615.txt



[Bug binutils/21648] SEGV on unknown address in display_debug_frames

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21648

--- Comment #2 from Alexandre Adamski  ---
Created attachment 10199
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10199=edit
2f3028374138e0990bb8725e14c19138.93474bf24dbdf59dd66beb8d6d58fd36.txt



[Bug binutils/21649] heap-buffer-overflow in setup_sections

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21649

--- Comment #2 from Alexandre Adamski  ---
Created attachment 10201
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10201=edit
9238478e7ff0e0de84dcf92b48a47452.1702b9f00cff0abf7060d94d799aed54.txt



[Bug binutils/21648] SEGV on unknown address in display_debug_frames

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21648

--- Comment #1 from Alexandre Adamski  ---
Created attachment 10198
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10198=edit
2f3028374138e0990bb8725e14c19138.93474bf24dbdf59dd66beb8d6d58fd36.min



[Bug binutils/21649] heap-buffer-overflow in setup_sections

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21649

--- Comment #1 from Alexandre Adamski  ---
Created attachment 10200
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10200=edit
9238478e7ff0e0de84dcf92b48a47452.1702b9f00cff0abf7060d94d799aed54.min



[Bug binutils/21649] New: heap-buffer-overflow in setup_sections

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21649

            Bug ID: 21649
           Summary: heap-buffer-overflow in setup_sections
           Product: binutils
           Version: 2.29 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: aadamski at quarkslab dot com
  Target Milestone: ---

Hello there,

I have been fuzzing objdump with American Fuzzy Lop + ASAN/UBSAN.

Please find attached the minimized file causing the issue ("Input") and the
ASAN report log ("Output"). Below is the reduced stacktrace with links to the
corresponding source lines on a GitHub mirror.

The configuration settings used were `--enable-targets=all --disable-shared`.
The compilation flags used were `-g -O2 -fno-omit-frame-pointer
-fsanitize=address -fno-sanitize-recover=all`. The command used was `objdump
-afpxDSsgetTrR `.

Let me know if there is any additional information I can provide.

--

Input: 9238478e7ff0e0de84dcf92b48a47452.1702b9f00cff0abf7060d94d799aed54.min
Output: 9238478e7ff0e0de84dcf92b48a47452.1702b9f00cff0abf7060d94d799aed54.txt

Error in "setup_sections": heap-buffer-overflow
  in setup_sections at bfd/som.c:2125
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/som.c#L2125)
  in som_object_p at bfd/som.c:2511
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/som.c#L2511)
  in bfd_check_format_matches at bfd/format.c:311
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/format.c#L311)
  in display_object_bfd at binutils/objdump.c:3608
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3608)
  in display_any_bfd at binutils/objdump.c:3699
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3699)
  in display_file at binutils/objdump.c:3720
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3720)
  in main at binutils/objdump.c:4024
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L4024)



[Bug binutils/21648] New: SEGV on unknown address in display_debug_frames

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21648

            Bug ID: 21648
           Summary: SEGV on unknown address in display_debug_frames
           Product: binutils
           Version: 2.29 (HEAD)
            Status: UNCONFIRMED
          Severity: critical
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: aadamski at quarkslab dot com
  Target Milestone: ---

Hello there,

I have been fuzzing objdump with American Fuzzy Lop + ASAN/UBSAN.

Please find attached the minimized file causing the issue ("Input") and the
ASAN report log ("Output"). Below is the reduced stacktrace with links to the
corresponding source lines on a GitHub mirror.

The configuration settings used were `--enable-targets=all --disable-shared`.
The compilation flags used were `-g -O2 -fno-omit-frame-pointer
-fsanitize=address -fno-sanitize-recover=all`. The command used was `objdump
-afpxDSsgetTrR `.

Let me know if there is any additional information I can provide.

--

Input: 2f3028374138e0990bb8725e14c19138.93474bf24dbdf59dd66beb8d6d58fd36.min
Output: 2f3028374138e0990bb8725e14c19138.93474bf24dbdf59dd66beb8d6d58fd36.txt

Error in "display_debug_frames": SEGV on unknown address 0x635004c0 (pc
0x00535d71 bp 0x7fffdf90 sp 0x7fffdc60 T0)
  in display_debug_frames at binutils/dwarf.c:7494
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/dwarf.c#L7494)
  in dump_dwarf_section at binutils/objdump.c:2631
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L2631)
  in bfd_map_over_sections at bfd/section.c:1395
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/section.c#L1395)
  in dump_dwarf at binutils/objdump.c:2697
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L2697)
  in dump_bfd at binutils/objdump.c:3576
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3576)
  in display_file at binutils/objdump.c:3720
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3720)
  in main at binutils/objdump.c:4024
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L4024)



[Bug binutils/21647] New: SEGV on unknown address in _bfd_vms_slurp_egsd

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21647

            Bug ID: 21647
           Summary: SEGV on unknown address in _bfd_vms_slurp_egsd
           Product: binutils
           Version: 2.29 (HEAD)
            Status: UNCONFIRMED
          Severity: critical
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: aadamski at quarkslab dot com
  Target Milestone: ---

Hello there,

I have been fuzzing objdump with American Fuzzy Lop + ASAN/UBSAN.

Please find attached the minimized file causing the issue ("Input") and the
ASAN report log ("Output"). Below is the reduced stacktrace with links to the
corresponding source lines on a GitHub mirror.

The configuration settings used were `--enable-targets=all --disable-shared`.
The compilation flags used were `-g -O2 -fno-omit-frame-pointer
-fsanitize=address -fno-sanitize-recover=all`. The command used was `objdump
-afpxDSsgetTrR `.

Let me know if there is any additional information I can provide.

--

Input: 0f563d575ba35a8cc5bd85425ed49cd5.c01e8a2cd0b571e1cf5e8b373d2bf653.min
Output: 0f563d575ba35a8cc5bd85425ed49cd5.c01e8a2cd0b571e1cf5e8b373d2bf653.txt

Error in "_bfd_vms_slurp_egsd": SEGV on unknown address 0x06301bc8 (pc
0x00e662c9 bp 0x7fffe130 sp 0x7fffe0a0 T0)
  in _bfd_vms_slurp_egsd at bfd/vms-alpha.c:1319
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/vms-alpha.c#L1319)
  in _bfd_vms_slurp_object_records at bfd/vms-alpha.c:2456
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/vms-alpha.c#L2456)
  in alpha_vms_object_p at bfd/vms-alpha.c:2640
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/vms-alpha.c#L2640)
  in bfd_check_format_matches at bfd/format.c:311
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/format.c#L311)
  in display_object_bfd at binutils/objdump.c:3608
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3608)
  in display_any_bfd at binutils/objdump.c:3699
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3699)
  in display_file at binutils/objdump.c:3720
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3720)
  in main at binutils/objdump.c:4024
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L4024)

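Added example, not part of the original reports or of binutils: a small triage script that parses the reduced stack traces of bugs 21647 to 21650 above and buckets them by the function through which the crash was reached. The `PHASES` table, its phase labels and the function names `parse`, `entry_point` and `bucket` are assumptions of this example.

```python
import re
from collections import defaultdict

# Reduced traces copied from the reports above, cut after the phase-marker
# frame and with the "(see <URL>)" lines left out.
REPORTS = {
    21650: '''Error in "_bfd_vms_save_counted_string": heap-buffer-overflow
  in _bfd_vms_save_counted_string at bfd/vms-misc.c:160
  in _bfd_vms_slurp_egsd at bfd/vms-alpha.c:1192
  in _bfd_vms_slurp_object_records at bfd/vms-alpha.c:2456
  in alpha_vms_object_p at bfd/vms-alpha.c:2640
  in bfd_check_format_matches at bfd/format.c:311''',
    21649: '''Error in "setup_sections": heap-buffer-overflow
  in setup_sections at bfd/som.c:2125
  in som_object_p at bfd/som.c:2511
  in bfd_check_format_matches at bfd/format.c:311''',
    21648: '''Error in "display_debug_frames": SEGV on unknown address 0x635004c0 (pc
0x00535d71 bp 0x7fffdf90 sp 0x7fffdc60 T0)
  in display_debug_frames at binutils/dwarf.c:7494
  in dump_dwarf_section at binutils/objdump.c:2631
  in bfd_map_over_sections at bfd/section.c:1395''',
    21647: '''Error in "_bfd_vms_slurp_egsd": SEGV on unknown address 0x06301bc8 (pc
0x00e662c9 bp 0x7fffe130 sp 0x7fffe0a0 T0)
  in _bfd_vms_slurp_egsd at bfd/vms-alpha.c:1319
  in _bfd_vms_slurp_object_records at bfd/vms-alpha.c:2456
  in alpha_vms_object_p at bfd/vms-alpha.c:2640
  in bfd_check_format_matches at bfd/format.c:311''',
}

HEADER = re.compile(r'^Error in "(?P<func>[^"]+)": (?P<kind>heap-buffer-overflow|SEGV)')
FRAME = re.compile(r'^\s+in (?P<func>\S+) at (?P<file>\S+):(?P<line>\d+)$')
# Assumption of this example: the callee of these two frames names the code path.
PHASES = {"bfd_check_format_matches": "format probing",
          "bfd_map_over_sections": "per-section dump"}

def parse(text):
    """Return (kind, frames); frames are (function, file, line), innermost first."""
    lines = text.splitlines() or [""]
    header = HEADER.match(lines[0])
    frames = [(m["func"], m["file"], int(m["line"]))
              for m in map(FRAME.match, lines[1:]) if m]
    if header is None or not frames or frames[0][0] != header["func"]:
        raise ValueError("not a reduced trace in the reports' format")
    return header["kind"], frames

def entry_point(frames):
    """Return (phase, function called directly by the phase-marker frame)."""
    for i in range(1, len(frames)):
        if frames[i][0] in PHASES:
            return PHASES[frames[i][0]], frames[i - 1][0]
    return "unknown", frames[0][0]

def bucket(reports):
    """Group (bug id, error kind, crashing function) by entry point."""
    buckets = defaultdict(list)
    for bug_id in sorted(reports):
        kind, frames = parse(reports[bug_id])
        buckets[entry_point(frames)].append((bug_id, kind, frames[0][0]))
    return dict(buckets)

if __name__ == "__main__":
    for key, bugs in bucket(REPORTS).items():
        print(key, bugs)
```

Bugs 21647 and 21650 land in the same bucket: both are reached through `alpha_vms_object_p` under `bfd_check_format_matches`, while 21649 comes in through `som_object_p` and 21648 through `dump_dwarf_section`.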


[Bug binutils/21647] SEGV on unknown address in _bfd_vms_slurp_egsd

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21647

--- Comment #1 from Alexandre Adamski  ---
Created attachment 10196
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10196=edit
0f563d575ba35a8cc5bd85425ed49cd5.c01e8a2cd0b571e1cf5e8b373d2bf653.min



[Bug binutils/21647] SEGV on unknown address in _bfd_vms_slurp_egsd

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21647

--- Comment #2 from Alexandre Adamski  ---
Created attachment 10197
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10197=edit
0f563d575ba35a8cc5bd85425ed49cd5.c01e8a2cd0b571e1cf5e8b373d2bf653.txt



[Bug binutils/21646] SEGV on unknown address in bfd_getb32

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21646

--- Comment #2 from Alexandre Adamski  ---
Created attachment 10195
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10195=edit
31d22490104a5f892b1346613d415d5e.205cc0abde2bc6981e47f44395752466.txt



[Bug binutils/21646] SEGV on unknown address in bfd_getb32

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21646

--- Comment #1 from Alexandre Adamski  ---
Created attachment 10194
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10194=edit
31d22490104a5f892b1346613d415d5e.205cc0abde2bc6981e47f44395752466.min



[Bug binutils/21645] SEGV on unknown address in bfd_getb16

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21645

--- Comment #2 from Alexandre Adamski  ---
Created attachment 10193
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10193=edit
544d1e760c2bb52af7920adfdd1b3ab5.1431a09f1f9d3e3f2e4a0e06bf9c169f.txt



[Bug binutils/21645] New: SEGV on unknown address in bfd_getb16

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21645

            Bug ID: 21645
           Summary: SEGV on unknown address in bfd_getb16
           Product: binutils
           Version: 2.29 (HEAD)
            Status: UNCONFIRMED
          Severity: critical
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: aadamski at quarkslab dot com
  Target Milestone: ---

Hello there,

I have been fuzzing objdump with American Fuzzy Lop + ASAN/UBSAN.

Please find attached the minimized file causing the issue ("Input") and the
ASAN report log ("Output"). Below is the reduced stacktrace with links to the
corresponding source lines on a GitHub mirror.

The configuration settings used were `--enable-targets=all --disable-shared`.
The compilation flags used were `-g -O2 -fno-omit-frame-pointer
-fsanitize=address -fno-sanitize-recover=all`. The command used was `objdump
-afpxDSsgetTrR `.

Let me know if there is any additional information I can provide.

--

Input: 544d1e760c2bb52af7920adfdd1b3ab5.1431a09f1f9d3e3f2e4a0e06bf9c169f.min
Output: 544d1e760c2bb52af7920adfdd1b3ab5.1431a09f1f9d3e3f2e4a0e06bf9c169f.txt

Error in "bfd_getb16": SEGV on unknown address 0x (pc
0x0096d72a bp 0x7fffd920 sp 0x7fffd910 T0)
  in bfd_getb16 at bfd/libbfd.c:498
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/libbfd.c#L498)
  in sh_reloc at bfd/coff-sh.c:620
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/coff-sh.c#L620)
  in bfd_perform_relocation at bfd/reloc.c:620
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/reloc.c#L620)
  in bfd_generic_get_relocated_section_contents at bfd/reloc.c:8181
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/reloc.c#L8181)
  in bfd_simple_get_relocated_section_contents at bfd/simple.c:264
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/simple.c#L264)
  in load_specific_debug_section at binutils/objdump.c:2490
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L2490)
  in dump_dwarf_section at binutils/objdump.c:2628
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L2628)
  in bfd_map_over_sections at bfd/section.c:1395
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/section.c#L1395)
  in dump_dwarf at binutils/objdump.c:2697
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L2697)
  in dump_bfd at binutils/objdump.c:3576
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3576)
  in display_file at binutils/objdump.c:3720
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3720)
  in main at binutils/objdump.c:4024
(see
https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L4024)



[Bug binutils/21645] SEGV on unknown address in bfd_getb16

2017-06-21 Thread aadamski at quarkslab dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=21645

--- Comment #1 from Alexandre Adamski  ---
Created attachment 10192
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10192=edit
544d1e760c2bb52af7920adfdd1b3ab5.1431a09f1f9d3e3f2e4a0e06bf9c169f.min
