[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug binutils/13622] New: readelf crashes when reading binary with shred
From: |
address@hidden |
Subject: |
[Bug binutils/13622] New: readelf crashes when reading binary with shredded section header offset |
Date: |
Wed, 25 Jan 2012 01:47:25 +0000 |
http://sourceware.org/bugzilla/show_bug.cgi?id=13622
Bug #: 13622
Summary: readelf crashes when reading binary with shredded
section header offset
Product: binutils
Version: 2.22
Status: NEW
Severity: normal
Priority: P2
Component: binutils
AssignedTo: address@hidden
ReportedBy: address@hidden
Classification: Unclassified
When readelf tries to read a section header that is paste the size of the
target ELF it crashes with a SIGABRT.
Steps to reproduce:
1.) Trash the section header offset of any elf (i.e. write 0xFF @ 0x21 for
32bit ELF)
2.) Run readelf -a elf_with_corrupted_header
readelf: Error: Unable to read in 0x28 bytes of section headers
ELF Header:
<snip>
Start of section headers: 39288 (bytes into file)
<snip>
readelf: Error: Unable to read in 0x4d8 bytes of section headers
readelf: Error: Section headers are not available!
Program received signal SIGABRT, Aborted.
RAX: 0x0000000000000000
=> 0x7ffff7854935 <raise+53>: cmp rax,0xfffffffffffff000
0x7ffff785493b <raise+59>: ja 0x7ffff785494f <raise+79>
0x7ffff785493d <raise+61>: repz ret
0x7ffff785493f <raise+63>: nop
0x7ffff7854940 <raise+64>: test eax,eax
0x7ffff7854942 <raise+66>: jg 0x7ffff7854925 <raise+37>
0x7ffff7854944 <raise+68>: test eax,0x7fffffff
0x7ffff7854949 <raise+73>: je 0x7ffff7854960 <raise+96>
0x00007ffff7854935 in raise () from /lib/libc.so.6
gdb$ bt
#0 0x00007ffff7854935 in raise () from /lib/libc.so.6
#1 0x00007ffff7855dab in abort () from /lib/libc.so.6
#2 0x000000000041de99 in process_section_groups (file=<optimized out>) at
/tmp/binutils/src/binutils/readelf.c:4964
#3 process_object (file_name=<optimized out>, file=0x65a060) at
/tmp/binutils/src/binutils/readelf.c:13283
#4 0x0000000000401dc4 in process_file (file_name=0x7fffffffe91a "a.out") at
/tmp/binutils/src/binutils/readelf.c:13659
#5 main (argc=0x3, argv=0x7fffffffe5e8) at
/tmp/binutils/src/binutils/readelf.c:13724
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
- [Bug binutils/13622] New: readelf crashes when reading binary with shredded section header offset,
address@hidden <=
- [Bug binutils/13622] readelf crashes when reading binary with shredded section header offset, address@hidden, 2012/01/24
- [Bug binutils/13622] readelf crashes when reading binary with shredded section header offset, nickc at redhat dot com, 2012/01/25
- [Bug binutils/13622] readelf crashes when reading binary with shredded section header offset, nickc at redhat dot com, 2012/01/25
- [Bug binutils/13622] readelf crashes when reading binary with shredded section header offset, address@hidden, 2012/01/25
- [Bug binutils/13622] readelf crashes when reading binary with shredded section header offset, nickc at redhat dot com, 2012/01/26
- [Bug binutils/13622] readelf crashes when reading binary with shredded section header offset, cvs-commit at gcc dot gnu.org, 2012/01/26
- [Bug binutils/13622] readelf crashes when reading binary with shredded section header offset, cvs-commit at gcc dot gnu.org, 2012/01/30