[Bug demangler/98916] New: stack overflow in cxxfilt, str_buf_reserve, rust-demangle.c:1432
featherrain26 at gmail dot com
gcc-bugzilla@gcc.gnu.org
Mon Feb 1 11:50:05 GMT 2021
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98916
Bug ID: 98916
Summary: stack overflow in cxxfilt, str_buf_reserve,
rust-demangle.c:1432
Product: gcc
Version: 11.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: demangler
Assignee: unassigned at gcc dot gnu.org
Reporter: featherrain26 at gmail dot com
Target Milestone: ---
Created attachment 50107
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=50107&action=edit
POC
Hi, there.
There is a stack overflow in the newest version(2eda57ef) of cxxfilt,
rust-demangle.c:1432 related to path demangling, which directly causes a
segmentation fault.
System information:
Description: Ubuntu 16.04.6 LTS
Release: 16.04
Codename: xenial
gcc version: 5.4
To reproduce, the compile flag is:
CFLAGS="-g -O0 -fsanitize=address" ./configure;make
then run
cxxfilt < poc
Here is the trace reported by ASAN:
==6400==ERROR: AddressSanitizer: stack-overflow on address 0x7ffedc582fe8 (pc
0x000000969e78 bp 0x7ffedcd81750 sp 0x7ffedc582fe8 T0)
#0 0x969e77 in str_buf_reserve ../../libiberty/rust-demangle.c:1432
#1 0x969e77 in str_buf_append ../../libiberty/rust-demangle.c:1486
#2 0x969e77 in str_buf_demangle_callback
../../libiberty/rust-demangle.c:1497
#3 0x7ffedcd8174f (<unknown module>)
SUMMARY: AddressSanitizer: stack-overflow ../../libiberty/rust-demangle.c:1432
str_buf_reserve
==6400==ABORTING
More information about the Gcc-bugs
mailing list