Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

debug/pe: oom when reading PE file generated by fuzzing #52350

Closed
catenacyber opened this issue Apr 14, 2022 · 1 comment
Closed

debug/pe: oom when reading PE file generated by fuzzing #52350

catenacyber opened this issue Apr 14, 2022 · 1 comment
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Milestone
Go1.19

Comments

@catenacyber
Copy link
Contributor

What version of Go are you using (go version)?

$ go version
go version go1.17.6 darwin/amd64

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/Users/catena/Library/Caches/go-build"
GOENV="/Users/catena/Library/Application Support/go/env"
GOEXE=""
GOEXPERIMENT=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="darwin"
GOINSECURE=""
GOMODCACHE="/Users/catena/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="darwin"
GOPATH="/Users/catena/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/darwin_amd64"
GOVCS=""
GOVERSION="go1.17.6"
GCCGO="gccgo"
AR="ar"
CC="clang"
CXX="clang++"
CGO_ENABLED="1"
GOMOD="/Users/catena/go/src/github.com/catenacyber/go/src/go.mod"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -arch x86_64 -m64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -fdebug-prefix-map=/var/folders/pp/dc1dtf9x2js3v0jx_m010nqr0000gn/T/go-build4237848497=/tmp/go-build -gno-record-gcc-switches -fno-common"
GOROOT/bin/go version: go version go1.17.6 darwin/amd64
GOROOT/bin/go tool compile -V: compile version go1.17.6
uname -v: Darwin Kernel Version 21.3.0: Wed Jan  5 21:37:58 PST 2022; root:xnu-8019.80.24~20/RELEASE_X86_64
ProductName:	macOS
ProductVersion:	12.2.1
BuildVersion:	21D62
lldb --version: lldb-1316.0.9.41
Apple Swift version 5.6 (swiftlang-5.6.0.323.62 clang-1316.0.20.8)
gdb --version: GNU gdb (GDB) 9.1

What did you do?

Run https://go.dev/play/p/zsKoC7kTEe9

What did you expect to see?

The program finishing and printing somme dummy data, without having allocated too much space

What did you see instead?

Hello, fail to read string table: unexpected EOFheap : 1303216

Running go tool pprof -http=127.0.0.1:8001 toto.heap I see that 1.5 GByte was allocated from

debug/pe.readStringTable
/usr/local/go/src/debug/pe/string.go

  Total:      1.51GB     1.51GB (flat, cum) 99.76%
     42            .          .           	// string table length includes itself 
     43            .          .           	if l <= 4 { 
     44            .          .           		return nil, nil 
     45            .          .           	} 
     46            .          .           	l -= 4 
     47       1.51GB     1.51GB           	buf := make([]byte, l)

Is this interesting cf #47653 ?

Found by https://github.com/catenacyber/ngolo-fuzzing on oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46148
@gopherbot
Copy link

Change https://go.dev/cl/400378 mentions this issue: debug/pe: read string table in 10M chunks

@dmitshur dmitshur added the NeedsFix The path to resolution is known, but the work has not been done. label Apr 14, 2022
@dmitshur dmitshur added this to the Go1.19 milestone Apr 14, 2022
@catenacyber catenacyber mentioned this issue Jun 1, 2022
Closed
@catenacyber catenacyber mentioned this issue Jun 24, 2022
Closed
@golang golang locked and limited conversation to collaborators Apr 15, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Projects
None yet
Milestone
Go1.19
Development

No branches or pull requests
3 participants
@dmitshur @gopherbot @catenacyber