登录
注册
开源
企业版
高校版
搜索
帮助中心
使用条款
关于我们
开源
企业版
高校版
私有云
模力方舟
登录
注册
9月20日,Gitee × 模力方舟来成都了!聚焦 AI 应用在开发范式、算力架构、交互设计、硬件选型等跨场景创新实践,点击立即报名~
代码拉取完成,页面将自动刷新
捐赠
捐赠前请先登录
取消
前往登录
扫描微信二维码支付
取消
支付完成
支付提示
将跳转至支付宝完成支付
确定
取消
Watch
不关注
关注所有动态
仅关注版本发行动态
关注但不提醒动态
10
Star
3
Fork
74
src-openEuler
/
binutils
代码
Issues
5
Pull Requests
2
Wiki
统计
流水线
服务
JavaDoc
PHPDoc
质量分析
Jenkins for Gitee
腾讯云托管
腾讯云 Serverless
悬镜安全
阿里云 SAE
Codeblitz
SBOM
我知道了,不再自动展开
更新失败,请稍后重试!
移除标识
内容风险标识
本任务被
标识为内容中包含有代码安全 Bug 、隐私泄露等敏感信息,仓库外成员不可访问
memleak in byte_get_little_endian
已完成
#I4G4X6
缺陷
fusiontest
创建于
2021-10-30 15:36
``` ==1418970==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x603000000150 at pc 0x0000005feafe bp 0x7ffd58788150 sp 0x7ffd58788148 READ of size 1 at 0x603000000150 thread T0 #0 0x5feafd in byte_get_little_endian /src/binutils-gdb/binutils/elfcomm.c:148:33 #1 0x5b29cf in process_mips_specific /src/binutils-gdb/binutils/./readelf.h:16773:33 #2 0x57a391 in process_arch_specific /src/binutils-gdb/binutils/./readelf.h:19719:14 #3 0x56522e in process_object /src/binutils-gdb/binutils/./readelf.h:20042:9 #4 0x558bdd in process_file /src/binutils-gdb/binutils/./readelf.h:20480:13 #5 0x558fc2 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_readelf.c:53:2 #6 0x45bb53 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15 #7 0x4472c2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6 #8 0x44cf66 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9 #9 0x476472 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10 #10 0x7f3dc6d52b26 in __libc_start_main (/lib64/libc.so.6+0x25b26) #11 0x423179 in _start (/root/oss-fuzz/build/out/binutils/fuzz_readelf+0x423179) DEDUP_TOKEN: byte_get_little_endian--process_mips_specific--process_arch_specific 0x603000000150 is located 0 bytes to the right of 32-byte region [0x603000000130,0x603000000150) allocated by thread T0 here: #0 0x52287d in malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3 #1 0x66909c in xmalloc /src/binutils-gdb/libiberty/./xmalloc.c:147:12 #2 0x5bf169 in cmalloc /src/binutils-gdb/binutils/dwarf.c:10230:10 #3 0x5b16b5 in process_mips_specific /src/binutils-gdb/binutils/./readelf.h:16697:15 #4 0x57a391 in process_arch_specific /src/binutils-gdb/binutils/./readelf.h:19719:14 #5 0x56522e in process_object /src/binutils-gdb/binutils/./readelf.h:20042:9 #6 0x558bdd in process_file /src/binutils-gdb/binutils/./readelf.h:20480:13 #7 0x558fc2 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_readelf.c:53:2 #8 0x45bb53 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15 #9 0x4472c2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6 #10 0x44cf66 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9 #11 0x476472 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10 #12 0x7f3dc6d52b26 in __libc_start_main (/lib64/libc.so.6+0x25b26) DEDUP_TOKEN: malloc--xmalloc--cmalloc SUMMARY: AddressSanitizer: heap-buffer-overflow /src/binutils-gdb/binutils/elfcomm.c:148:33 in byte_get_little_endian Shadow bytes around the buggy address: 0x0c067fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c067fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c067fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c067fff8000: fa fa 00 00 00 fa fa fa 00 00 00 fa fa fa 00 00 0x0c067fff8010: 00 fa fa fa 00 00 00 00 fa fa 00 00 00 00 fa fa =>0x0c067fff8020: 00 00 06 fa fa fa 00 00 00 00[fa]fa fa fa fa fa 0x0c067fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff8060: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff8070: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Shadow gap: cc ==1418970==ABORTING ```
``` ==1418970==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x603000000150 at pc 0x0000005feafe bp 0x7ffd58788150 sp 0x7ffd58788148 READ of size 1 at 0x603000000150 thread T0 #0 0x5feafd in byte_get_little_endian /src/binutils-gdb/binutils/elfcomm.c:148:33 #1 0x5b29cf in process_mips_specific /src/binutils-gdb/binutils/./readelf.h:16773:33 #2 0x57a391 in process_arch_specific /src/binutils-gdb/binutils/./readelf.h:19719:14 #3 0x56522e in process_object /src/binutils-gdb/binutils/./readelf.h:20042:9 #4 0x558bdd in process_file /src/binutils-gdb/binutils/./readelf.h:20480:13 #5 0x558fc2 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_readelf.c:53:2 #6 0x45bb53 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15 #7 0x4472c2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6 #8 0x44cf66 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9 #9 0x476472 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10 #10 0x7f3dc6d52b26 in __libc_start_main (/lib64/libc.so.6+0x25b26) #11 0x423179 in _start (/root/oss-fuzz/build/out/binutils/fuzz_readelf+0x423179) DEDUP_TOKEN: byte_get_little_endian--process_mips_specific--process_arch_specific 0x603000000150 is located 0 bytes to the right of 32-byte region [0x603000000130,0x603000000150) allocated by thread T0 here: #0 0x52287d in malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3 #1 0x66909c in xmalloc /src/binutils-gdb/libiberty/./xmalloc.c:147:12 #2 0x5bf169 in cmalloc /src/binutils-gdb/binutils/dwarf.c:10230:10 #3 0x5b16b5 in process_mips_specific /src/binutils-gdb/binutils/./readelf.h:16697:15 #4 0x57a391 in process_arch_specific /src/binutils-gdb/binutils/./readelf.h:19719:14 #5 0x56522e in process_object /src/binutils-gdb/binutils/./readelf.h:20042:9 #6 0x558bdd in process_file /src/binutils-gdb/binutils/./readelf.h:20480:13 #7 0x558fc2 in LLVMFuzzerTestOneInput /src/binutils-gdb/binutils/fuzz_readelf.c:53:2 #8 0x45bb53 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15 #9 0x4472c2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6 #10 0x44cf66 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9 #11 0x476472 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10 #12 0x7f3dc6d52b26 in __libc_start_main (/lib64/libc.so.6+0x25b26) DEDUP_TOKEN: malloc--xmalloc--cmalloc SUMMARY: AddressSanitizer: heap-buffer-overflow /src/binutils-gdb/binutils/elfcomm.c:148:33 in byte_get_little_endian Shadow bytes around the buggy address: 0x0c067fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c067fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c067fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c067fff8000: fa fa 00 00 00 fa fa fa 00 00 00 fa fa fa 00 00 0x0c067fff8010: 00 fa fa fa 00 00 00 00 fa fa 00 00 00 00 fa fa =>0x0c067fff8020: 00 00 06 fa fa fa 00 00 00 00[fa]fa fa fa fa fa 0x0c067fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff8060: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c067fff8070: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Shadow gap: cc ==1418970==ABORTING ```
附件
fusiontest-testcase-fuzz_readelf-202110300004
(513 Bytes)
下载
fusiontest
2021-10-30 15:36
评论 (
3
)
登录
后才可以发表评论
状态
已完成
待办的
已挂起
修复中
已确认
已完成
已验收
已取消
负责人
未设置
标签
sig/Base-service
未设置
项目
未立项任务
未立项任务
里程碑
openEuler 20.03-LTS-SP1
未关联里程碑
Pull Requests
未关联
未关联
关联的 Pull Requests 被合并后可能会关闭此 issue
分支
未关联
分支 (29)
标签 (39)
master
openEuler-22.03-LTS-SP4
openEuler-24.03-LTS
openEuler-24.03-LTS-SP2
openEuler-24.03-LTS-Next
openEuler-25.03
openEuler-25.09
openEuler-22.03-LTS-SP3
openEuler-20.03-LTS-SP4
openEuler-24.03-LTS-SP1
openEuler-22.03-LTS-SP1
openEuler-24.09
openEuler-22.03-LTS-Next
openEuler-22.03-LTS-SP2
openEuler-22.03-LTS
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP3
openEuler-23.09
openEuler-23.03
openEuler-20.03-LTS-Next
openEuler-22.03-LTS-LoongArch
openEuler-22.09
openEuler-20.03-LTS
openEuler-20.03-LTS-SP2
openEuler-21.09
openEuler-21.03
openEuler-20.09
openEuler1.0-base
openEuler1.0
openEuler-24.03-LTS-update-20250912
openEuler-20.03-LTS-SP4-update-20250905
openEuler-22.03-LTS-SP3-update-20250905
openEuler-22.03-LTS-SP4-update-20250905
openEuler-24.03-LTS-SP1-update-20250905
openEuler-24.03-LTS-SP2-update-20250801
openEuler-24.03-LTS-SP2-release
openEuler-20.03-LTS-SP4-update-20250530
openEuler-22.03-LTS-SP3-update-20250530
openEuler-22.03-LTS-SP4-update-20250530
openEuler-24.03-LTS-update-20250530
openEuler-24.03-LTS-SP1-update-20250530
openEuler-25.03-release
openEuler-24.03-LTS-SP1-update-20250214
openEuler-20.03-LTS-SP4-update-20250214
openEuler-24.03-LTS-update-20250208
openEuler-22.03-LTS-SP3-update-20250208
openEuler-22.03-LTS-SP4-update-20250208
openEuler-24.03-LTS-SP1-release
openEuler-22.03-LTS-SP4-release
openEuler-24.09-release
openEuler-24.03-LTS-release
openEuler-22.03-LTS-SP3-release
openEuler-23.09-rc5
openEuler-22.03-LTS-SP1-release
openEuler-22.09-release
openEuler-22.09-rc5
openEuler-22.09-20220829
openEuler-22.03-LTS-20220331
openEuler-22.03-LTS-round5
openEuler-22.03-LTS-round3
openEuler-22.03-LTS-round2
openEuler-22.03-LTS-round1
openEuler-20.03-LTS-SP3-release
openEuler-20.03-LTS-SP2-20210624
openEuler-21.03-20210330
openEuler-20.09-20200928
openEuler-20.03-LTS-20200606
openEuler-20.03-LTS-tag
开始日期 - 截止日期
-
置顶选项
不置顶
置顶等级:高
置顶等级:中
置顶等级:低
优先级
不指定
严重
主要
次要
不重要
预计工期
(小时)
参与者(1)
1
https://gitee.com/src-openeuler/binutils.git
git@gitee.com:src-openeuler/binutils.git
src-openeuler
binutils
binutils
点此查找更多帮助
搜索帮助
Git 命令在线学习
如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
仓库举报
回到顶部
登录提示
该操作需登录 Gitee 帐号,请先登录后再操作。
立即登录
没有帐号,去注册
