* timeout in mmo_get_symbols
From: Alan Modra @ 2022-08-17 7:08 UTC (permalink / raw)
To: binutils
Fix mmo_get_byte to return a fail-safe value, not just on the first
call with a read error but on subsequent calls too.
* mmo.c (mmo_get_byte): Return the fail-safe value on every
call after a read error.
diff --git a/bfd/mmo.c b/bfd/mmo.c
index 30af28c8bdc..80b5cb6b4ca 100644
--- a/bfd/mmo.c
+++ b/bfd/mmo.c
@@ -1180,15 +1180,14 @@ mmo_get_byte (bfd *abfd)
if (abfd->tdata.mmo_data->byte_no == 0)
{
- if (! abfd->tdata.mmo_data->have_error
+ if (!abfd->tdata.mmo_data->have_error
&& bfd_bread (abfd->tdata.mmo_data->buf, 4, abfd) != 4)
- {
- abfd->tdata.mmo_data->have_error = true;
+ abfd->tdata.mmo_data->have_error = true;
- /* A value somewhat safe against tripping on some inconsistency
- when mopping up after this error. */
- return 128;
- }
+ /* A value somewhat safe against tripping on some inconsistency
+ when mopping up after this error. */
+ if (abfd->tdata.mmo_data->have_error)
+ return 128;
}
retval = abfd->tdata.mmo_data->buf[abfd->tdata.mmo_data->byte_no];
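Review bot: the new `if (abfd->tdata.mmo_data->have_error) return 128;` test sits inside the `byte_no == 0` block, so the fail-safe value is returned on later calls only while `byte_no` is still 0 at the time of each call. That holds for the error set two lines above it, because the early return happens before `buf[byte_no]` is read, but if `have_error` is ever true while `byte_no` is non-zero, the function would fall through to `retval = abfd->tdata.mmo_data->buf[abfd->tdata.mmo_data->byte_no];` and hand back stale buffer bytes, which is the behaviour this change is meant to stop. Consider hoisting the `have_error` test above the `byte_no == 0` check, or extending the comment to state the invariant it relies on. The comment could also say why 128 in particular is safe for callers, since the loop-termination reason is not evident from the value alone.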
--
Alan Modra
Australia Development Lab, IBM
* Re: timeout in mmo_get_symbols
From: Hans-Peter Nilsson @ 2022-08-17 11:29 UTC (permalink / raw)
To: Alan Modra; +Cc: binutils
Thanks for the fuzzer mmo fixes.
I have to ask, about the subject, "timeout"?
Did this bug perhaps cause an infinite loop with some fuzzed
object? Is there a story to tell?
On Wed, 17 Aug 2022, Alan Modra via Binutils wrote:
> Fix mmo_get_byte to return a fail-safe value, not just on the first
> call with a read error but on subsequent calls too.
Oopsie! :/
>
> * mmo.c (mmo_get_byte): Return the fail-safe value on every
> call after a read error.
brgds, H-P
* Re: timeout in mmo_get_symbols
From: Alan Modra @ 2022-08-17 13:42 UTC (permalink / raw)
To: Hans-Peter Nilsson; +Cc: binutils
On Wed, Aug 17, 2022 at 07:29:03AM -0400, Hans-Peter Nilsson wrote:
> Thanks for the fuzzer mmo fixes.
> I have to ask, about the subject, "timeout"?
> Did this bug perhaps cause an infinite loop with some fuzzed
> object?
Yes. https://oss-fuzz.com/testcase-detail/5712821022752768
(That link might not work until their next build when it should be
seen to be fixed and thus open to the public.)
Testcase attached too.
--
Alan Modra
Australia Development Lab, IBM
[-- Attachment #2: clusterfuzz-testcase-minimized-fuzz_dwarf-5712821022752768 --]
[-- Type: application/octet-stream, Size: 708 bytes --]