public inbox for gcc-bugs@sourceware.org
From: "zyt1024 at bupt dot edu.cn" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug c++/99189] New: cxxfilt may exist a uaf
Date: Mon, 22 Feb 2021 03:06:10 +0000
Message-ID: <bug-99189-4@http.gcc.gnu.org/bugzilla/>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99189

            Bug ID: 99189
           Summary: cxxfilt may exist a uaf
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c++
          Assignee: unassigned at gcc dot gnu.org
          Reporter: zyt1024 at bupt dot edu.cn
  Target Milestone: ---

In the version 2.26 of cxxfilt, Valgrind reports an invalid write of size 4.

# valgrind ./cxxfilt `cat cxxfilt_12.29-12.30-24h-run3/error_level/level-2-26-g64.txt`
==24019== Memcheck, a memory error detector
==24019== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==24019== Using Valgrind-3.16.1 and LibVEX; rerun with -h for copyright info
==24019== Command: ./cxxfilt ._Q0AEQW__Jd3__^xewx_v6_$_[_O_2C__:
==24019==
==24019== Invalid write of size 4
==24019==    at 0x813A8E5: register_Btype (cplus-dem.c:4319)
==24019==    by 0x8139F8C: demangle_fund_type (cplus-dem.c:4015)
==24019==    by 0x813984F: do_type (cplus-dem.c:3811)
==24019==    by 0x813A5B4: do_arg (cplus-dem.c:4231)
==24019==    by 0x813ADA9: demangle_args (cplus-dem.c:4514)
==24019==    by 0x8135A90: demangle_signature (cplus-dem.c:1642)
==24019==    by 0x8134D07: internal_cplus_demangle (cplus-dem.c:1203)
==24019==    by 0x8134466: cplus_demangle (cplus-dem.c:886)
==24019==    by 0x8049A23: demangle_it (cxxfilt.c:62)
==24019==    by 0x8049E21: main (cxxfilt.c:227)
==24019==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==24019==
==24019== ..
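Added example, not part of the original report or of GCC/binutils: a small Python triage helper that reads a Memcheck error block like the one above and classifies it from the `Address ... is ...` line. Memcheck words a use-after-free as `inside a block of size N free'd`, whereas the trace above reports address 0x0 as `not stack'd, malloc'd or (recently) free'd`. The function name `triage`, the 0x1000 low-address threshold and the `UAF_SAMPLE` text are assumptions made for this example.

```python
import re

# Error block copied from the report above (frames trimmed to the first three).
SAMPLE = """\
==24019== Invalid write of size 4
==24019==    at 0x813A8E5: register_Btype (cplus-dem.c:4319)
==24019==    by 0x8139F8C: demangle_fund_type (cplus-dem.c:4015)
==24019==    by 0x813984F: do_type (cplus-dem.c:3811)
==24019==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
"""

# Constructed block showing how Memcheck words a write into freed heap memory.
UAF_SAMPLE = """\
==1== Invalid write of size 4
==1==    at 0x401136: f (demo.c:9)
==1==  Address 0x4a3b040 is 0 bytes inside a block of size 40 free'd
"""

PREFIX = re.compile(r"^==\d+==\s?", re.M)            # per-line PID banner
ACCESS = re.compile(r"Invalid (read|write) of size (\d+)")
FRAME = re.compile(r"^\s*(?:at|by) 0x[0-9A-Fa-f]+: (\S+) \(([^)]*)\)", re.M)
ADDR = re.compile(r"Address (0x[0-9A-Fa-f]+) is (.+)")


def triage(log, null_page=0x1000):
    """Classify one Memcheck invalid-access block; None if it is not one.

    null_page is an assumed cut-off: faulting addresses below it are
    treated as NULL (or NULL plus a small field offset) dereferences.
    """
    body = PREFIX.sub("", log)
    access, addr = ACCESS.search(body), ADDR.search(body)
    if not access or not addr:
        return None
    value, where = int(addr.group(1), 16), addr.group(2)
    if re.search(r"inside a block of size \d+ free'd", where):
        kind = "use-after-free"
    elif re.search(r"(after|before) a block of size \d+", where):
        kind = "heap-out-of-bounds"
    elif value < null_page:
        kind = "null-dereference"
    else:
        kind = "unclassified"
    frames = FRAME.findall(body)
    return {"op": access.group(1), "size": int(access.group(2)),
            "address": value, "kind": kind,
            "top_frame": frames[0] if frames else None}
```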
Thread overview: 4+ messages
2021-02-22  3:06 zyt1024 at bupt dot edu.cn [this message]
2021-02-22  9:53 ` [Bug demangler/99189] " marxin at gcc dot gnu.org
2021-02-22 10:01 ` zyt1024 at bupt dot edu.cn
2021-02-22 10:09 ` marxin at gcc dot gnu.org