https://sourceware.org/bugzilla/show_bug.cgi?id=29924
Bug ID: 29924
Summary: Huge memory allocation in objdump
Product: binutils
Version: 2.39
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: pdeng21 at m dot fudan.edu.cn
Target Milestone: ---

Created attachment 14533
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14533&action=edit
PoC to replay the vulnerability

#Summary
There is a huge memory allocation vulnerability in objdump, which can be triggered by a crafted ELF file.

#Verification
git clone git://sourceware.org/git/binutils-gdb.git
cd binutils-gdb
CC="clang -fsanitize=address" CXX="clang++ -fsanitize=address" ./configure --disable-shared && make -j$(nproc)
./binutils/objdump -S poc

#ASAN
=================================================================
==23722==ERROR: AddressSanitizer: allocator is out of memory trying to allocate 0x3000000001 bytes
    #0 0x4942ed in malloc (/binutils-gdb/binutils/objdump+0x4942ed)
    #1 0x8410c8 in xmalloc /binutils-gdb/libiberty/./xmalloc.c:149:12
    #2 0x4dbb9d in load_separate_debug_files /binutils-gdb/binutils/./dwarf.c:11965:7
    #3 0x4c6e60 in display_object_bfd /binutils-gdb/binutils/./objdump.c
    #4 0x4c6e60 in display_any_bfd /binutils-gdb/binutils/./objdump.c:5823:5
    #5 0x4c5604 in display_file /binutils-gdb/binutils/./objdump.c:5844:3
    #6 0x4c5604 in main /binutils-gdb/binutils/./objdump.c:6252:6
    #7 0x7f08291dec86 in __libc_start_main /build/glibc-CVJwZb/glibc-2.27/csu/../csu/libc-start.c:310

==23722==HINT: if you don't care about these errors you may set allocator_may_return_null=1
SUMMARY: AddressSanitizer: out-of-memory (/binutils-gdb/binutils/objdump+0x4942ed) in malloc
==23722==ABORTING

#Environment
Ubuntu 18.04
clang 10.0.0