[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug binutils/21879] New: Denial of Service in Demangle
From: |
security-tps at google dot com |
Subject: |
[Bug binutils/21879] New: Denial of Service in Demangle |
Date: |
Tue, 01 Aug 2017 20:01:58 +0000 |
https://sourceware.org/bugzilla/show_bug.cgi?id=21879
Bug ID: 21879
Summary: Denial of Service in Demangle
Product: binutils
Version: 2.28
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: security-tps at google dot com
Target Milestone: ---
Created attachment 10303
--> https://sourceware.org/bugzilla/attachment.cgi?id=10303&action=edit
binutils docker file
Hello binutils team,
As part of our fuzzing efforts at Google, we have identified an issue affecting
binutils (tested with revision 2.28.51 (git: branch master, commit
1b19ec971047a074486e6b775dc1969aa13f30fb)). To reproduce we are attaching a
dockerfile to help compiling the project with the LLVM taking advantage of the
sanitizers that it offers.
Attached is a dockerfile that can be used for reproduction. More information
about how to use the dockerfile can be found here:
https://docs.docker.com/engine/reference/builder/
TL;DR instructions:
mkdir binutils
cp Dockerfile /path/to/binutils
docker build --no-cache /path/to/binutils
docker run -it <image id>
(from another terminal, outside the container):
docker cp /path/to/attached/reproducer <container id>:/fuzzing/
https://docs.docker.com/engine/reference/commandline/cp/
(back inside the container) /fuzzing/repro.sh /fuzzing/reproducer
Alternatively, and depending on the bug, you could use gcc, valgrind or other
instrumentation tools to aid in the investigation.
The sanitizer error that we encountered is here:
none, the program exits after a few minutes
We will gladly work with you so you can successfully confirm and reproduce this
issue. Do let us know if you have any feedback surrounding the documentation.
Once you have reproduced the issue, we’d appreciate to learn your expected
timeline for an update to be released. With any fix, please attribute the
report to “Google Autofuzz project”.
We are also pleased to inform you that your project is eligible for inclusion
to the OSS-Fuzz project, which can provide additional continuous fuzzing, and
encourage you to investigate integration options
(https://github.com/google/oss-fuzz/blob/master/docs/new_project_guide.md).
Don’t hesitate to let us know if you have any questions!
Google AutoFuzz Team
--
You are receiving this mail because:
You are on the CC list for the bug.
- [Bug binutils/21879] New: Denial of Service in Demangle,
security-tps at google dot com <=