[Bug binutils/28563] New: problem in readelf/strip

bug-binutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug binutils/28563] New: problem in readelf/strip

From:	1360434810 at qq dot com
Subject:	[Bug binutils/28563] New: problem in readelf/strip
Date:	Mon, 08 Nov 2021 14:40:01 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=28563

            Bug ID: 28563
           Summary: problem in readelf/strip
           Product: binutils
           Version: 2.30
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: 1360434810 at qq dot com
  Target Milestone: ---

Created attachment 13768
  --> https://sourceware.org/bugzilla/attachment.cgi?id=13768&action=edit
inputs

1. problem 1
- target: readelf
- file: readelf_new_seed_1/1ccrash_0_000074
- reproduce: readelf [input] -a
- Backtrace: 
```
#0  0xf7fd5079 in __kernel_vsyscall ()
#1  0xf7e10542 in raise () from /lib32/libc.so.6
#2  0xf7e11961 in abort () from /lib32/libc.so.6
#3  0xf7e0875b in ?? () from /lib32/libc.so.6
#4  0xf7e087b9 in __assert_fail () from /lib32/libc.so.6
#5  0x08054f29 in find_section (filedata=filedata@entry=0x82275a0, 
    name=name@entry=0x81d260f ".MIPS.abiflags") at readelf.c:658
#6  0x080d5981 in process_mips_specific (filedata=filedata@entry=0x82275a0) at
readelf.c:15538
#7  0x080fb1b1 in process_arch_specific (filedata=0x82275a0) at readelf.c:18371
#8  process_object (filedata=filedata@entry=0x82275a0) at readelf.c:18681
#9  0x0804ba34 in process_file (file_name=<optimized out>) at readelf.c:19084
#10 main (argc=3, argv=0xffffd254) at readelf.c:19144
```

2. problem 2
- target: strip
- file: strip_new_seed_1/crash_15_003353
- reproduce: strip [input] -o tmp
- Backtrace: 
```
#0  0xf7fd5079 in __kernel_vsyscall ()
#1  0xf7e0b542 in raise () from /lib32/libc.so.6
#2  0xf7e0c961 in abort () from /lib32/libc.so.6
#3  0xf7e4d493 in ?? () from /lib32/libc.so.6
#4  0xf7e4d52c in __libc_fatal () from /lib32/libc.so.6
#5  0xf7e4defa in ?? () from /lib32/libc.so.6
#6  0xf7e51d55 in _IO_sgetn () from /lib32/libc.so.6
#7  0xf7e44078 in fread () from /lib32/libc.so.6
#8  0x083b3733 in fread (__stream=0x8544480, __n=32, __size=1, __ptr=<optimized
out>)
    at /usr/include/bits/stdio2.h:295
#9  cache_bread_1 (nbytes=<optimized out>, buf=<optimized out>, abfd=0x85423c0)
at cache.c:337
#10 cache_bread (abfd=0x85423c0, buf=0xffffce50, nbytes=32) at cache.c:371
#11 0x08118f09 in bfd_bread (ptr=0xffffce50, size=<optimized out>,
abfd=0x85423c0) at bfdio.c:196
#12 0x082e476b in bfd_elf32_object_p (abfd=0x85423c0) at elfcode.h:790
#13 0x0811e27f in bfd_check_format_matches (abfd=0x85423c0, format=bfd_object, 
    matching=0xffffcfec) at format.c:311
#14 0x08073483 in copy_file (
    input_filename=0xffffd3e9
"/home/zkp/afl-utils/valid_strip_all/strip_new_seed_1:crash_15_003353", 
    output_filename=output_filename@entry=0x8542380
"/home/zkp/afl-utils/valid_strip_all/st9HMsFc", input_target=<optimized out>,
output_target=0x0, input_arch=0x0) at objcopy.c:3503
#15 0x08057657 in strip_main (argv=<optimized out>, argc=<optimized out>) at
objcopy.c:4470
#16 main (argc=2, argv=0xffffd264) at objcopy.c:5580
```

3. problem 3
- target: strip
- file: strip_new_seed_1/crash_15_003354
- reproduce: strip [input] -o tmp
- Backtrace: 
```
#0  0xf7e440d5 in fread () from /lib32/libc.so.6
#1  0x083b3733 in fread (__stream=0x8544480, __n=32, __size=1, __ptr=<optimized
out>)
    at /usr/include/bits/stdio2.h:295
#2  cache_bread_1 (nbytes=<optimized out>, buf=<optimized out>, abfd=0x85423c0)
at cache.c:337
#3  cache_bread (abfd=0x85423c0, buf=0xffffce50, nbytes=32) at cache.c:371
#4  0x08118f09 in bfd_bread (ptr=0xffffce50, size=<optimized out>,
abfd=0x85423c0) at bfdio.c:196
#5  0x082e476b in bfd_elf32_object_p (abfd=0x85423c0) at elfcode.h:790
#6  0x0811e27f in bfd_check_format_matches (abfd=0x85423c0, format=bfd_object, 
    matching=0xffffcfec) at format.c:311
#7  0x08073483 in copy_file (
    input_filename=0xffffd3e9
"/home/zkp/afl-utils/valid_strip_all/strip_new_seed_1:crash_15_003354", 
    output_filename=output_filename@entry=0x8542380
"/home/zkp/afl-utils/valid_strip_all/st2XC6oE", input_target=<optimized out>,
output_target=0x0, input_arch=0x0) at objcopy.c:3503
#8  0x08057657 in strip_main (argv=<optimized out>, argc=<optimized out>) at
objcopy.c:4470
#9  main (argc=2, argv=0xffffd264) at objcopy.c:5580
```


Thank you!

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug binutils/28563] New: problem in readelf/strip, 1360434810 at qq dot com <=
- [Bug binutils/28563] problem in readelf/strip, amodra at gmail dot com, 2021/11/08

Prev by Date: [Bug binutils/28543] readelf entered an infinite loop
Next by Date: [Bug binutils/28564] New: sysdump: stack-buffer-overflow in sysdump.c:65
Previous by thread: [Bug gold/20693] kernel build error on ppc64le
Next by thread: [Bug binutils/28563] problem in readelf/strip
Index(es):
- Date
- Thread