Closed catenacyber closed 1 year ago
/cc @ianlancetaylor
Another sample: https://go.dev/play/p/fOe3ZHI2RQ8
Stack trace is

```
panic: runtime error: makeslice: len out of range

goroutine 1 [running]:
debug/elf.(*Section).Data(0xc0000d4000)
	/usr/local/go-faketime/src/debug/elf/file.go:105 +0x30
debug/elf.NewFile({0x4d0928?, 0xc0000aa0c0})
	/usr/local/go-faketime/src/debug/elf/file.go:459 +0x1252
main.main()
	/tmp/sandbox4242417514/prog.go:12 +0x178

Program exited.
```
Change https://go.dev/cl/408679 mentions this issue: debug/elf: use saferio to read section data
What version of Go are you using (`go version`)?

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (`go env`)?

`go env` Output

What did you do?
Run https://go.dev/play/p/ZigUarZbe1S
What did you expect to see?
The program finishing and printing some dummy data
What did you see instead?
Only
Heap profiling shows 3Gbyte allocation in `debug/elf.(*Section).Data` /usr/local/go/src/debug/elf/file.go:105
Found by https://github.com/catenacyber/ngolo-fuzzing on oss-fuzz https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46175
cc @ianlancetaylor as you fixed the latest oom
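
The failure reported above comes from sizing a slice directly from a length field in an untrusted file. As an added example (not code from the Go project or from the linked change), the sketch below reads a declared length in bounded steps so memory grows only with the bytes actually present; `readDeclared`, `chunk` and `errTooLarge` are hypothetical names and the 1 MiB step is an assumption.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"io"
)

// chunk caps each allocation step; the value is an assumption for this example.
const chunk = 1 << 20

var errTooLarge = errors.New("declared size does not fit in int")

// readDeclared (hypothetical helper) reads exactly size bytes from r, where
// size comes from an untrusted header field such as an ELF section size.
// Memory grows only as data actually arrives, so a small input claiming a
// multi-gigabyte section returns an error instead of allocating it up front.
func readDeclared(r io.Reader, size uint64) ([]byte, error) {
	if n := int(size); n < 0 || uint64(n) != size {
		return nil, errTooLarge
	}
	step := uint64(chunk)
	if size < step {
		step = size
	}
	var out []byte
	buf := make([]byte, step)
	for size > 0 {
		n := step
		if size < n {
			n = size
		}
		if _, err := io.ReadFull(r, buf[:n]); err != nil {
			if err == io.EOF {
				err = io.ErrUnexpectedEOF // input ended before the declared length
			}
			return nil, err
		}
		out = append(out, buf[:n]...)
		size -= n
	}
	return out, nil
}

func main() {
	// Constructed input: 64 bytes of data behind a header claiming 3 GiB.
	body := bytes.Repeat([]byte{0x41}, 64)
	_, err := readDeclared(bytes.NewReader(body), 3<<30)
	fmt.Println("declared 3 GiB, 64 bytes present:", err)
	data, err := readDeclared(bytes.NewReader(body), 64)
	fmt.Println("declared 64 bytes:", len(data), err)
}
```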