[Bug binutils/28421] New: SEGV in objdump at dump_reloc

bug-binutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug binutils/28421] New: SEGV in objdump at dump_reloc_set objdump.c:46

From:	irfanariq at kaist dot ac.kr
Subject:	[Bug binutils/28421] New: SEGV in objdump at dump_reloc_set objdump.c:4636
Date:	Tue, 05 Oct 2021 17:42:06 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=28421

            Bug ID: 28421
           Summary: SEGV in objdump at dump_reloc_set objdump.c:4636
           Product: binutils
           Version: unspecified
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: irfanariq at kaist dot ac.kr
  Target Milestone: ---

Created attachment 13704
  --> https://sourceware.org/bugzilla/attachment.cgi?id=13704&action=edit
poc and full stack trace

Hello,

We are currently working on fuzz testing feature, and we found a **SEGV** on
`objdump`.

The stack traces are as follow:
```st
==4014==ERROR: AddressSanitizer: SEGV on unknown address 0x000005555550 (pc
0x561292377be8 bp 0x7ffff7d72700 sp 0x7ffff7d724c0 T0)
==4014==The signal is caused by a READ memory access.
    #0 0x561292377be7 in dump_reloc_set objdump.c:4636
    #1 0x561292378721 in dump_relocs_in_section objdump.c:4768
    #2 0x56129283c3c0 in bfd_map_over_sections
.../binutils-git/bfd/section.c:1383
    #3 0x561292378767 in dump_relocs objdump.c:4777
    #4 0x561292379672 in dump_bfd objdump.c:5000
    #5 0x561292379994 in display_object_bfd objdump.c:5068
    #6 0x561292379d2f in display_any_bfd objdump.c:5158
    #7 0x561292379da6 in display_file objdump.c:5179
    #8 0x56129237b15a in main objdump.c:5529
    #9 0x7fdb7b7e4bf6 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
    #10 0x561292361ac9 in _start
(.../binutils-git/install_asan/bin/objdump+0xdaeac9)
```
The full stack trace is attached.

**Step to reproduce**

We configured `objdump` using `CFLAGS="-g -O0 -fsanitize=address" ./configure
--prefix=$(pwd)/ --disable-shared --enable-targets=all` and build it using
`make -j 10`, and run it with:

```
./objdump -x <attached file>
```
The input file is attached.

**Environment**
- OS: Ubuntu 18.04.5 LTS
- GCC version: gcc 7.5.0
- binutils version: commit (98ca73a) of master branch on sourceware git
([link](https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=98ca73afe51e1e921915c37f242c88d4d445841c))

Thank you.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug binutils/28421] New: SEGV in objdump at dump_reloc_set objdump.c:4636, irfanariq at kaist dot ac.kr <=
- [Bug binutils/28421] SEGV in objdump at dump_reloc_set objdump.c:4636, amodra at gmail dot com, 2021/10/06

Prev by Date: [Bug binutils/28420] New: segv in objdump at disassemble_bytes objdump.c:3059
Next by Date: [Bug binutils/28422] New: use-after-free in objdump at get_build_id (./bfd/opncls.c:1864)
Previous by thread: [Bug binutils/28420] New: segv in objdump at disassemble_bytes objdump.c:3059
Next by thread: [Bug binutils/28421] SEGV in objdump at dump_reloc_set objdump.c:4636
Index(es):
- Date
- Thread