[Bug binutils/23945] New: There is an illegal READ memory access at binu

bug-binutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug binutils/23945] New: There is an illegal READ memory access at binu

From:	ganshuitao at gmail dot com
Subject:	[Bug binutils/23945] New: There is an illegal READ memory access at binutils/readelf.c:8028(function slurp_hppa_unwind_table) that could cause crash in binutils 2.31.
Date:	Sat, 01 Dec 2018 04:15:29 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=23945

            Bug ID: 23945
           Summary: There is an illegal READ memory access at
                    binutils/readelf.c:8028(function
                    slurp_hppa_unwind_table) that could cause crash in
                    binutils 2.31.
           Product: binutils
           Version: 2.31
            Status: UNCONFIRMED
          Severity: critical
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: ganshuitao at gmail dot com
  Target Milestone: ---

Created attachment 11425
  --> https://sourceware.org/bugzilla/attachment.cgi?id=11425&action=edit
Triggered by “./readelf -aW poc0”

version: binutils 2.31
Summary: 

There is an illegal READ memory access at binutils/readelf.c:8028(function
slurp_hppa_unwind_table) that could cause crash in binutils 2.31. 

Description:

The asan debug is as follows:

$./readelf -aW POC0

ASAN:DEADLYSIGNAL
=================================================================
==112614==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc
0x7f41689057d9 bp 0x7fffc6885440 sp 0x7fffc6884ba0 T0)
==112614==The signal is caused by a READ memory access.
==112614==Hint: address points to the zero page.
    #0 0x7f41689057d8  (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x5a7d8)
    #1 0x55eb6edc3485 in slurp_hppa_unwind_table
/home/company/real/binutils-2.31/binutils/readelf.c:8028
    #2 0x55eb6edc3485 in hppa_process_unwind
/home/company/real/binutils-2.31/binutils/readelf.c:8115
    #3 0x55eb6ede985c in process_unwind
/home/company/real/binutils-2.31/binutils/readelf.c:9253
    #4 0x55eb6ede985c in process_object
/home/company/real/binutils-2.31/binutils/readelf.c:18822
    #5 0x55eb6ed9daa9 in process_file
/home/company/real/binutils-2.31/binutils/readelf.c:19259
    #6 0x55eb6ed9daa9 in main
/home/company/real/binutils-2.31/binutils/readelf.c:19318
    #7 0x7f41684ec1c0 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x211c0)
    #8 0x55eb6ed9e319 in _start
(/home/company/real/binutils-2.31/install_asan/bin/readelf+0x98319)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV
(/usr/lib/x86_64-linux-gnu/libasan.so.4+0x5a7d8) 
==112614==ABORTING

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug binutils/23945] New: There is an illegal READ memory access at binutils/readelf.c:8028(function slurp_hppa_unwind_table) that could cause crash in binutils 2.31., ganshuitao at gmail dot com <=

Prev by Date: [Bug ld/23935] [Regression] ld.bfd does not rescan fat LTO archives to resolve plugin-added references
Next by Date: [Bug binutils/23946] New: There is an illegal READ memory access at binutils/readelf.c:7594(function slurp_ia64_unwind_table ) that could cause crash in binutils 2.31.
Previous by thread: [Bug binutils/23942] New: Heap overflow bug in bfd_elf32_swap_phdr_in
Next by thread: [Bug binutils/23946] New: There is an illegal READ memory access at binutils/readelf.c:7594(function slurp_ia64_unwind_table ) that could cause crash in binutils 2.31.
Index(es):
- Date
- Thread