[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug binutils/25842] New: Null pointer dereference in nm-new
From: |
nguyenmanhdung1710 at gmail dot com |
Subject: |
[Bug binutils/25842] New: Null pointer dereference in nm-new |
Date: |
Thu, 16 Apr 2020 21:01:46 +0000 |
https://sourceware.org/bugzilla/show_bug.cgi?id=25842
Bug ID: 25842
Summary: Null pointer dereference in nm-new
Product: binutils
Version: 2.35 (HEAD)
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: nguyenmanhdung1710 at gmail dot com
Target Milestone: ---
Created attachment 12473
--> https://sourceware.org/bugzilla/attachment.cgi?id=12473&action=edit
PoC
Hi,
A null pointer dereference was discovered in nm-new (the latest commit 1619720)
in _bfd_elf_get_symbol_version_string(), that can cause a denial of service via
a crafted file.
To reproduce: nm-new -D PoC
ASAN says:
==23854==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc
0x7f2efc1af04e bp 0x7ffc621e9b10 sp 0x7ffc621e92a0 T0)
#0 0x7f2efc1af04d (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x4704d)
#1 0x49ed5c in _bfd_elf_get_symbol_version_string ../../bfd/elf.c:1914
#2 0x403afe in print_symname ../../binutils/nm.c:420
#3 0x408c37 in print_symbol_info_bsd ../../binutils/nm.c:1623
#4 0x406187 in print_symbol ../../binutils/nm.c:902
#5 0x407117 in print_symbols ../../binutils/nm.c:1102
#6 0x407a2d in display_rel_file ../../binutils/nm.c:1226
#7 0x4081c5 in display_file ../../binutils/nm.c:1393
#8 0x409c6a in main ../../binutils/nm.c:1874
#9 0x7f2efbbba82f in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#10 0x402ce8 in _start
(/home/dungnguyen/PoCs/binutils_f717994/nm-new-1619720+0x402ce8)
Thanks,
Manh Dung
--
You are receiving this mail because:
You are on the CC list for the bug.
- [Bug binutils/25842] New: Null pointer dereference in nm-new,
nguyenmanhdung1710 at gmail dot com <=