[Bug binutils/27836] Illegal memory accessed
https://sourceware.org/bugzilla/show_bug.cgi?id=27836 Gabriel Ravier changed: What|Removed |Added CC||gabravier at gmail dot com -- You are receiving this mail because: You are on the CC list for the bug.
[Bug ld/14156] --sort-section=alignment trashes init/fini sections, and anything similar
https://sourceware.org/bugzilla/show_bug.cgi?id=14156 Gabriel Ravier changed: What|Removed |Added CC||gabravier at gmail dot com -- You are receiving this mail because: You are on the CC list for the bug.
[Bug gas/30418] use of labels that happen to match register names or keywords
https://sourceware.org/bugzilla/show_bug.cgi?id=30418 Gabriel Ravier changed: What|Removed |Added CC||gabravier at gmail dot com -- You are receiving this mail because: You are on the CC list for the bug.
[Bug gas/30336] The GNU Assembler has bugs in Intel syntax
https://sourceware.org/bugzilla/show_bug.cgi?id=30336 Gabriel Ravier changed: What|Removed |Added CC||gabravier at gmail dot com -- You are receiving this mail because: You are on the CC list for the bug.
[Bug gas/12240] offset can't be used as label in Intel syntax
https://sourceware.org/bugzilla/show_bug.cgi?id=12240 Gabriel Ravier changed: What|Removed |Added CC||gabravier at gmail dot com -- You are receiving this mail because: You are on the CC list for the bug.
[Bug binutils/24440] binutils/wrstabs.c:1476:25: error: ‘%s’ directive argument is null [-Werror=format-overflow=]
https://sourceware.org/bugzilla/show_bug.cgi?id=24440 Gabriel Ravier changed: What|Removed |Added CC||gabravier at gmail dot com -- You are receiving this mail because: You are on the CC list for the bug.
[Bug binutils/30598] strings crashes when told to search for strings of size 0x40000000 and give special treatment to UTF-8 characters
https://sourceware.org/bugzilla/show_bug.cgi?id=30598 Gabriel Ravier changed: What|Removed |Added CC||gabravier at gmail dot com -- You are receiving this mail because: You are on the CC list for the bug.
[Bug binutils/30595] strings crashes when told to search for strings of size 0xFFFFFFFF
https://sourceware.org/bugzilla/show_bug.cgi?id=30595 Gabriel Ravier changed: What|Removed |Added CC||gabravier at gmail dot com -- You are receiving this mail because: You are on the CC list for the bug.
[Bug binutils/30598] New: strings crashes when told to search for strings of size 0x40000000 and give special treatment to UTF-8 characters
https://sourceware.org/bugzilla/show_bug.cgi?id=30598

Bug ID: 30598
Summary: strings crashes when told to search for strings of size 0x4000 and give special treatment to UTF-8 characters
Product: binutils
Version: 2.41 (HEAD)
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: gabravier at gmail dot com
Target Milestone: ---

Version of the utility:

    $ ./binutils/strings --version
    GNU strings (GNU Binutils) 2.40.50.20230630
    Copyright (C) 2023 Free Software Foundation, Inc.
    This program is free software; you may redistribute it under the terms of
    the GNU General Public License version 3 or (at your option) any later version.
    This program has absolutely no warranty.

Patches: None, the source code used is current HEAD (git commit 0d1cd7d97835941c046dbb7ec1c83bc7c05779e6)

Type of machine used, OS and version number:

    $ uname -a
    Linux fedora 6.3.8-200.fc38.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Jun 15 02:15:40 UTC 2023 x86_64 GNU/Linux

Compiler used to compile the utilities:

    $ gcc --version
    gcc (GCC) 13.1.1 20230614 (Red Hat 13.1.1-4)
    Copyright (C) 2023 Free Software Foundation, Inc.
    This is free software; see the source for copying conditions. There is NO
    warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Command arguments used to reproduce the bug:

    $ ./binutils/strings -U locale -n0x4000 <(head -c5000 /dev/zero | tr '\0' a)
    Segmentation fault (core dumped)

Behavior I observe that I believe is incorrect: strings crashes. I believe it should output nothing as there are no strings longer than 1073741824 characters in the provided input file.

See also https://sourceware.org/bugzilla/show_bug.cgi?id=30595, which this derives from: the fix there fixed the initial issue, but the check that tries to make sure `print_unicode_stream` won't allocate a too-large buffer is faulty.

--
You are receiving this mail because: You are on the CC list for the bug.
[Bug binutils/30595] strings crashes when told to search for strings of size 0xFFFFFFFF
https://sourceware.org/bugzilla/show_bug.cgi?id=30595

--- Comment #1 from Gabriel Ravier ---

PS: this also occurs for seemingly any string size above 0x, for instance:

    $ ./binutils/strings -n39281421894129759127589125 <(echo aa)
    double free or corruption (out)
    Aborted (core dumped)

--
You are receiving this mail because: You are on the CC list for the bug.
[Bug binutils/30595] New: strings crashes when told to search for strings of size 0xFFFFFFFF
https://sourceware.org/bugzilla/show_bug.cgi?id=30595

Bug ID: 30595
Summary: strings crashes when told to search for strings of size 0x
Product: binutils
Version: 2.41 (HEAD)
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: gabravier at gmail dot com
Target Milestone: ---

Version of the utility:

    $ ./binutils/strings --version
    GNU strings (GNU Binutils) 2.40.50.20230629
    Copyright (C) 2023 Free Software Foundation, Inc.
    This program is free software; you may redistribute it under the terms of
    the GNU General Public License version 3 or (at your option) any later version.
    This program has absolutely no warranty.

Patches: None, the source code used is current HEAD (git commit 3933413e7887045bf1eed302040177bcfee92c2f)

Type of machine used, OS and version number:

    $ uname -a
    Linux fedora 6.3.8-200.fc38.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Jun 15 02:15:40 UTC 2023 x86_64 GNU/Linux

Compiler used to compile the utilities:

    $ gcc --version
    gcc (GCC) 13.1.1 20230614 (Red Hat 13.1.1-4)
    Copyright (C) 2023 Free Software Foundation, Inc.
    This is free software; see the source for copying conditions. There is NO
    warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Command arguments used to reproduce the bug:

    $ ./binutils/strings -n0x <(echo aa)
    double free or corruption (out)
    Aborted (core dumped)

Behavior I observe that I believe is incorrect: strings crashes. I believe it should output nothing as there are no strings longer than 4294967295 characters in the provided input file.

The bug appears to be caused by the following code:

    char *buf = (char *) xmalloc (sizeof (char) * (string_min + 1));

which ends up passing a value of 0 to xmalloc, which makes it allocate a 1-byte buffer, which strings then proceeds to immediately overflow while trying to read string_min characters into it.

--
You are receiving this mail because: You are on the CC list for the bug.
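Added example, not part of the bug report or of the binutils source: the size expression quoted in bug 30595 next to a checked version that widens before the arithmetic and enforces a cap. The type min_len_t, both function names, the per-element multiplier and the cap are hypothetical; the 32-bit unsigned type is an assumption drawn from the wrap to 0 that the report describes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: the minimum length lives in a 32-bit unsigned variable. */
typedef uint32_t min_len_t;

/* The expression from the report, evaluated in 32-bit arithmetic:
   for string_min == 0xFFFFFFFF the "+ 1" wraps and the request is 0 bytes. */
static size_t wrapping_alloc_size(min_len_t string_min)
{
    return sizeof(char) * (min_len_t)(string_min + 1);
}

/* Checked form: widen to size_t first, then verify that
   count * elem + extra neither overflows size_t nor exceeds cap.
   Returns 0 and stores the size in *out, or -1 to reject the request.
   The elem multiplier goes beyond the quoted line; it covers buffers
   that need several bytes per character. */
static int checked_alloc_size(min_len_t count, size_t elem, size_t extra,
                              size_t cap, size_t *out)
{
    size_t n = (size_t) count;

    if (extra > cap)
        return -1;
    if (elem != 0 && n > (SIZE_MAX - extra) / elem)
        return -1;                      /* would overflow size_t */

    size_t total = n * elem + extra;
    if (total > cap)
        return -1;                      /* larger than we are willing to allocate */

    *out = total;
    return 0;
}

int main(void)
{
    size_t sz = 0;
    size_t cap = (size_t) 1 << 20;      /* constructed 1 MiB limit for the demo */

    printf("wrapping size for 0xFFFFFFFF: %zu\n",
           wrapping_alloc_size(0xFFFFFFFFu));
    printf("checked, 0xFFFFFFFF: %d\n",
           checked_alloc_size(0xFFFFFFFFu, 1, 1, cap, &sz));
    if (checked_alloc_size(4, 1, 1, cap, &sz) == 0)
        printf("checked, 4: %zu bytes\n", sz);
    return 0;
}
```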