[Bug binutils/24871] New: readelf: SEGV on unknown address in dump_ia64_unwind function

[rmirzazadeh at gmail dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=24871

            Bug ID: 24871
           Summary: readelf: SEGV on unknown address in dump_ia64_unwind
                    function
           Product: binutils
           Version: 2.32
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: rmirzazadeh at gmail dot com
  Target Milestone: ---

Created attachment 11930
  --> https://sourceware.org/bugzilla/attachment.cgi?id=11930&action=edit
readelf poc segfault file

Hi,

During my fuzzing experiment, I got this segfault error. I attached the PoC
file. Here is the output of AddressSanitizer.

AddressSanitizer:DEADLYSIGNAL
=================================================================
==6603==ERROR: AddressSanitizer: SEGV on unknown address 0x6170004af7d0 (pc
0x000000587dad bp 0x7ffe48b96190 sp 0x7ffe48b95d00 T0)
==6603==The signal is caused by a READ memory access.
    #0 0x587dac in dump_ia64_unwind binutils-gdb/binutils/readelf.c:7569:12
    #1 0x57b1cb in ia64_process_unwind binutils-gdb/binutils/readelf.c:7894:6
    #2 0x540cc9 in process_unwind binutils-gdb/binutils/readelf.c:9423:14
    #3 0x52bda4 in process_object binutils-gdb/binutils/readelf.c:19787:9
    #4 0x51b057 in process_file binutils-gdb/binutils/readelf.c:20234:13
    #5 0x51985f in main binutils-gdb/binutils/readelf.c:20293:11
    #6 0x7f8b3087b82f in __libc_start_main
/build/glibc-LK5gWL/glibc-2.23/csu/../csu/libc-start.c:291
    #7 0x41a7b8 in _start (binutils-gdb/binutils/readelf+0x41a7b8)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV binutils-gdb/binutils/readelf.c:7569:12 in
dump_ia64_unwind
==6603==ABORTING

-- 
You are receiving this mail because:
You are on the CC list for the bug.