bug-binutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug binutils/28763] New: SIGSEGV during processing of program headers


From: address@hidden
Subject: [Bug binutils/28763] New: SIGSEGV during processing of program headers
Date: Tue, 11 Jan 2022 13:49:53 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=28763

            Bug ID: 28763
           Summary: SIGSEGV during processing of program headers
           Product: binutils
           Version: 2.37
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: nils_bars@t-online.de
  Target Milestone: ---

Created attachment 13899
  --> https://sourceware.org/bugzilla/attachment.cgi?id=13899&action=edit
The crashing input alongside a script to automatically reproduce the bug.

SIGSEGV during processing of program headers

# Description
During processing of the attached elf file via
```
readelf -a
$PWD/02f5bec64cda36a9941f7752571e5a41328f683542fa5b125bf03a8dd3c10fb0
```
an out-of-bounds read is triggered, which causes a SIGSEGV. The bug appears to
be located in the code responsible for parsing the program headers.
This allows an attacker to perform a denial of service and possibly opens up
other attack vectors if files from untrusted sources are processed.

For reproduction of the crash, I attach a script called ./reproduce.sh
alongside
the crashing input. If you need further details, please do not hesitate to ask.

# Version
The input was tested on branch binutils-2_37 of
git://sourceware.org/git/binutils-gdb.git commit
116a737f438d03a1bd6aa706b6ea0b4022f3b7e2.

# Valgrind
```
readelf: Warning: Section 27 has an out of range sh_info value of 131072
readelf: Warning: Section 28 has an out of range sh_link value of 1096552196
readelf: Warning: Section 28 has an out of range sh_info value of 2370617481
readelf: Warning: Section 29 has an out of range sh_link value of 134344835
readelf: Warning: Section 29 has an out of range sh_info value of 3901310160
readelf: Error: Reading 1163130152494825472 bytes extends past end of file for
string table

Section Headers:
  [Nr] Name              Type             Address           Offset
       Size              EntSize          Flags  Link  Info  Align
readelf: Warning: Size of section 0 is larger than the entire file!
  [ 0] <no-strings>      0000841f: <unkn  fc49e90000003fbd  fa8341c93145ffff
       4400000374840f02  1f0fc93145fffffc Dlp      2216995976   822083584    
2947887431093304768
  [ 1] <no-strings>      LOOS+0x3244cb6   0179850f0020247c  ba0000005cbd0000
       00801f0f0000005c  0063247c80c031ed XLTCxxolxxxxxxxxxxx      2147483648  
1057916     3550243881428485391
readelf: Warning: [ 2]: Expected link to another section in info field  [ 2]
<no-strings>      LOUSER+0x78e9ff  80c0940f02fa8341  31452d750063247c
       72bdfffffb7be9ed  fb24840fd0890063 WAxMSILOGTCxxxxxxxxolp     
1157627904   2202135857     2629117855673549562
readelf: Warning: [ 3]: Unexpected value (2232352867) in info field.
readelf: Warning: Size of section 3 is larger than the entire file!
  [ 3] <no-strings>      0000841f: <unkn  000066bdfffffe87  6ebdb5eb00
       eb00000062bdc9eb  940fc0894402fa83   p      612139175   2232352867    
4740374255206664585
  [ 4] <no-strings>      LOUSER+0x40fd02  8d49272704c64305  676ce394901244c
       8d4924012744c643  870fce394903244c WAXxGTxxxxxxxxxxxxxxxxxx     
1224877132   108449337     10180711322849953347
readelf: Warning: [ 5]: Expected link to another section in info fieldreadelf:
Warning: Size of section 5 is larger than the entire file!
  [ 5] <no-strings>      04c48349: <unkn  fffffa71e9000000  9bdc93145
       ff01e900000074ba  40006db60f000000 WIOCxop      1992163327   3909091328 
   36062950598901559
readelf: Warning: [ 6]: Expected link to another section in info field  [ 6]
<no-strings>      LOUSER+0x7ffb15  91046348d5b60f40  1f0fe0ff3ec80148
       0f02fa8341000044  8341fffffd78e9c0 WAXxMSILCxxxxoxxxxxxx      826654868 
 4253936109     10668749317231214591
  [ 7] <no-strings>      LOUSER+0x7ffffe  4401c38348fffffd  5cbded3145c089
       0000841f0f660000  448d49272704c643 LTCxxxxop      2214592512  
1082396608     393755151237644282
readelf: Warning: [ 8]: Expected link to another section in info fieldreadelf:
Warning: Size of section 8 is larger than the entire file!
  [ 8] <no-strings>      430676c6: <unkn  fffa1ae9c0314502  20bd02fa8341ff
       fd15e9c0940f0000  74ba00000009bdff AXILTxxxxoxxxxxxxxxxxxx     
213778431   3120562176     18446237100064899174
readelf: Warning: [ 9]: Unexpected value (1057916) in info field.
readelf: Warning: Size of section 9 is larger than the entire file!
  [ 9] <no-strings>      0f02fa83: <unkn  e9fffffe14840fc1  8bdfffffcf6
       00e900000062ba00  01642444f6ed31c9 XMLxxxop      2164260862   1057916   
 3550525356202231055
readelf: Warning: [10]: Expected link to another section in info field  [10]
<no-strings>      LOUSER+0x348fff  000072ba0000000d  bbda8eb00
       fdc1e900000076ba  00000061ba000000 WAILOxxolp      180223999  
3120562176     557757969320640622
readelf: Warning: [11]: Expected link to another section in info fieldreadelf:
Warning: Size of section 11 is larger than the entire file!
  [11] <no-strings>      1f0f66ff: <unkn  fff9c2870f7efd80  38ff0d8d48ff
       91046348d5b60f40  0fdb8548c031ffff XIDoxxxxxxxxxxx      1053294920  
521134335     17915857804321620036
readelf: Warning: [12]: Expected link to another section in info field  [12]
<no-strings>      LOUSER+0x4d8945  000020bdc031ffff  1f0ffffff87de900
       4502fa8341000044  2444b60ffffffc16 WIOCxxolp      2484061577  
3833941442     9587991139382987381
  [13] <no-strings>      LOUSER+0x40fc22  0696840f00000000  f0008247c800000
       f6854d0000073385  24548b480000070f ASLGTxxxxxxxxxx      1220580367  
1478786179     9516053376779226880
  [14] <no-strings>      LOUSER+0x464158  49e9582454894800  63247c80fffffa
       854dfffffbb5850f  74894c000003c485 WAXOGTxxoExxxx      3531870198  
822083587     1080960824299964626
readelf: Warning: [15]: Expected link to another section in info field  [15]
<no-strings>      LOUSER+0x403103  27bdd68949000000  fffff7e9e9000000
       0063247c80001f0f  1f0f66fffff7cce9 WXIOxxop      4218258703   826671103 
   273766429165
  [16] <no-strings>      LOUSER+0x202484  4800000000000000  fffb834938244489
       4418247c8b482d75  4824548b44ffffe2  op      1210340489   608471108    
4677041145485214784
readelf: Warning: [17]: Unexpected value (2267319432) in info field.
readelf: Warning: Size of section 17 is larger than the entire file!
  [17] <no-strings>      0f444024: <unkn  440000009c24848d  8948ff3130246c88
       8524848844482444  8824a4894c000000 AXMSLTCxxolp      1140850688  
2267319432     9233668453288640512
readelf: Warning: [18]: Expected link to another section in info fieldreadelf:
Warning: Size of section 18 is larger than the entire file!
  [18] <no-strings>      3824648b: <unkn  0000008624ac8840  4024448b48fd8948
       da894848247c8b48  000019fbe828348d xIOCxxxop      1289849164  
1210592397     5398172510156244107
readelf: Warning: [19]: Expected link to another section in info field  [19]
<no-strings>      LOOS+0x674c085   840ffef883480000  8024bc8300000466
       7c800b7502000000  e3a9e83824548948 xIOGxxolp      251683620   113285    
670631234304
readelf: Warning: [20]: Unexpected value (256180223) in info field.
readelf: Warning: Size of section 20 is larger than the entire file!
  [20] <no-strings>      4830247c: <unkn  0148f8440f000000  894c30247c8840d5
       c085ffffe375e8e7  852484b60f44db89 WAxLTxxxolp      4285367311  
256180223     5327627827340930230
  [21] <no-strings>      LOUSER+0x624acb  8b48ea8944000000  248cb60f4440245c
       24948b4400000087  f98948fffff77f86  op      128   570552963    
1081426324860445780
  [22] <no-strings>      LOPROC+0xc8b483  00b2e9d901486324  f02fa8341900000
       29850fed8445c094  272704c6430576e6 XSCxxolp      1140850690   4135831177
    4129010811683225601
readelf: Warning: [23]: Expected link to another section in info field  [23]
<no-strings>      LOUSER+0x763949  f639490224748d49  27022744c6430676
       4dc0894103c48349  06e8c0e8890d76c6 AXMSIGTxxop      91678265   654624323
    4127831788742330716
readelf: Warning: [24]: Expected link to another section in info fieldreadelf:
Warning: Size of section 24 is larger than the entire file!
  [24] <no-strings>      01274488: <unkn  8303e8c0e8891076  44884330c08307e0
       c3834807e5830227  0476e6394dd68900 WxIOTCxxop      3296938241  
818250499     462357789358408
readelf: Warning: [25]: Expected link to another section in info fieldreadelf:
Warning: Size of section 25 is larger than the entire file!
  [25] <no-strings>      1f2cb60f: <unkn  f083f089ffffff47  74c98445c0214401
       c6430576e6394d0e  840fc0840000014d WxIOGxxoxxxxxxxxxxxxx      1230776068
  1208075395     9443990390500868995
  [26] <no-strings>      LOPROC+0x6e6394  0676c63949012444  834927012744c643
       c03145c9314502c4  480128748d4a1824 WXOGxxxoxxxxxxxxxxxxxxx     
1217434091   251787395     4939121680690592900
readelf: Warning: [27]: Expected link to another section in info fieldreadelf:
Warning: Size of section 27 is larger than the entire file!
  [27] <no-strings>      0deb2804: <unkn  06b60ffffffe1c84  e87721f980a5488d
       e0d34800000001b8  00000002ba41db89 xIOGxxxoxxxxxxxxxxxxxxx      2865480 
 131072     5319161039479635968
readelf: Warning: [28]: Expected link to another section in info fieldreadelf:
Warning: Size of section 28 is larger than the entire file!
  [28] <no-strings>      1f0f66ff: <unkn  fffff493e9c031ed  394de1894c001f0f
       c641c089440b76e6  01438d48000000d2 XIDp      1096552196   2370617481    
9515827812624302433
readelf: Warning: [29]: Expected link to another section in info field  [29]
<no-strings>      LOUSER+0x58394c  30244488011844b6  bb860f093c30e883
       102444b60f000000  fff448e9fffff42f WAMSIOCxxoExxxxxxxxxx      134344835 
 3901310160     9515824537657195841
Key to Flags:
  W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
  L (link order), O (extra OS processing required), G (group), T (TLS),
  C (compressed), x (unknown), o (OS specific), E (exclude),
  D (mbind), l (large), p (processor specific)

There are no section groups in this file.

Program Headers:
  Type           Offset             VirtAddr           PhysAddr
                 FileSiz            MemSiz              Flags  Align
  PHDR           0x0000000000000040 0x0000000000000040 0x0000000000000040
                 0x00000000000002d8 0x00000000000002d8  R      0x8
  INTERP         0x0000000000000318 0x0000000000000318 0x0000000000000318
                 0x000000000000001c 0x000000000000001c  R      0x1
      [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]
  LOAD           0x0000000000000000 0x0000000000000000 0x0000000000000000
                 0x00000000000016e0 0x00000000000016e0  R      0x1000
  LOAD           0x0000000000002000 0x0000000000002000 0x0000000000002000
                 0x00000000008a402a 0x00000000008a402a  R E    0x1000
  LOAD           0x00000000008a7000 0x0000000000007000 0x0000000000007000
                 0x0000000000001f50 0x0000000000001f50  R      0x1000
  LOAD           0x00000000008a9b10 0x000000000000ab10 0x000000000000ab10
                 0x0000000000000570 0x0000000000000708  RW     0x1000
  DYNAMIC        0x00000000008a9c18 0x000000000000ac18 0x000000000000ac18
                 0x00000000000001f0 0x00000000000001f0  RW     0x8
readelf: Error: no .dynamic section in the dynamic segment
  NOTE           0x0000000000000338 0x0000000000000338 0x0000000000000338
                 0x0000000000000020 0x0000000000000020  R      0x8
  NOTE           0x0000000000000358 0x0000000000000358 0x0000000000000358
                 0x0000000000000044 0x0000000000000044  R      0x4
  GNU_PROPERTY   0x0000000000000338 0x0000000000000338 0x0000000000000338
                 0x0000000000000020 0x0000000000000020  R      0x8
  GNU_EH_FRAME   0x00000000008a7fec 0x0000000000007fec 0x0000000000007fec
                 0x00000000000002ac 0x00000000000002ac  R      0x4
  GNU_STACK      0x0000000000000000 0x0000000000000000 0x0000000000000000
                 0x0000000000000000 0x0000000000000000  RW     0x10
  GNU_RELRO      0x00000000008a9b10 0x000000000000ab10 0x000000000000ab10
                 0x00000000000004f0 0x00000000000004f0  R      0x1
  LOOS+0x2696c2f 0x2d78756e696c2d64 0x732e34362d363878 0x0000000000322e6f
                 0x0000001000000004 0x00554e4700000005  RW     0x4c0000002
  INTERP         0x0000001400000004 0x00554e4700000003 0x4e3710761dfe0163
                 0x8c7708cb10ba9b8b 0x00000004d6025094         0x100000010
readelf: Error: Unable to find program interpreter name
  <unknown>: 554 0x0000000200000003 0x0000000000000000 0x0000003900000003
                 0x0000000700000002 0x5608291224d20112         0x200e014960
  <unknown>: 39  0xa4268b0400000045 0x234d8a101c8c1d28 0x6dce65d123424dc8
                 0xc0e34bac9e7650bc 0xdee42d469789a096  RW    
0xf54162e472632cce
  <unknown>: 1c8 0x2a63ed1cd3b8d42a 0x00000000864b043f 0x0000000000000000
                 0x0000000000000000 0x0000000000000000   W     0x1200000169
  NULL           0x0000000000000000 0x0000001200000229 0x0000000000000000
                 0x0000000000000000 0x00000012000000a0         0x0
  NULL           0x00000012000000f7 0x0000000000000000 0x0000000000000000
                 0x0000001200000039 0x0000000000000000         0x0
  <unknown>: 310 0x0000000000000000 0x0000000000000000 0x00000012000000a6
                 0x0000000000000000 0x0000000000000000         0x12000001ac
  NULL           0x0000000000000000 0x0000001200000070 0x0000000000000000
                 0x0000000000000000 0x00000012000001f0         0x0
  NULL           0x0000001200000131 0x0000000000000000 0x0000000000000000
                 0x0000001200000153 0x0000000000000000         0x0
  <unknown>: 1ec 0x0000000000000000 0x0000000000000000 0x0000001200000050
                 0x0000000000000000 0x0000000000000000   W     0x12000000c4
  NULL           0x0000000000000000 0x00000012000000e2 0x0000000000000000
                 0x0000000000000000 0x0000001200000086         0x0
  NULL           0x0000001200000064 0x0000000000000000 0x0000000000000000
                 0x0000001200000075 0x0000000000000000         0x0
  <unknown>: 182 0x0000000000000000 0x0000000000000000 0x0000001200000031
                 0x0000000000000000 0x0000000000000000   W     0x1200000048
  NULL           0x0000000000000000 0x0000001200000124 0x0000000000000000
                 0x0000000000000000 0x00000012000000e9         0x0
  NULL           0x000000120000019e 0x0000000000000000 0x0000000000000000
                 0x000000120000005a 0x0000000000000000         0x0
  <unknown>: 1fb 0x0000000000000000 0x0000000000000000 0x0000001200000108
                 0x0000000000000000 0x0000000000000000   W     0x120000021a
  NULL           0x0000000000000000 0x00000012000000db 0x0000000000000000
                 0x0000000000000000 0x000000120000020d         0x0
  NULL           0x000000200000032c 0x0000000000000000 0x0000000000000000
                 0x000000120000012a 0x0000000000000000         0x0
  <unknown>: 197 0x0000000000000000 0x0000000000000000 0x00000012000001e4
                 0x0000000000000000 0x0000000000000000   W     0x120000001f
  NULL           0x0000000000000000 0x0000001200000138 0x0000000000000000
                 0x0000000000000000 0x000000120000000b         0x0
  NULL           0x0000001200000147 0x0000000000000000 0x0000000000000000
                 0x000000120000018e 0x0000000000000000         0x0
  <unknown>: 170 0x0000000000000000 0x0000000000000000 0x0000001200000063
                 0x0000000000000000 0x0000000000000000   W     0x1200000098
  NULL           0x0000000000000000 0x0000001200000027 0x0000000000000000
                 0x0000000000000000 0x0000001200000012         0x0
  NULL           0x000000120000006a 0x0000000000000000 0x0000000000000000
                 0x0000001200000213 0x0000000000000000         0x0
  <unknown>: 249 0x0000000000000000 0x0000000000000000 0x00000012000000a7
                 0x0000000000000000 0x0000000000000000   W     0x12000001a5
  NULL           0x0000000000000000 0x000000120000010f 0x0000000000000000
                 0x0000000000000000 0x000000200000033b         0x0
  NULL           0x000000120000013f 0x0000000000000000 0x0000000000000000
                 0x000000120000008f 0x0000000000000000         0x0
  <unknown>: f0  0x0000000000000000 0x0000000000000000 0x000000120000015b
                 0x0000000000000000 0x0000000000000000   W     0x1a001100000256
  <unknown>: b02 0x0000000000000038 0x001b00110000011d 0x000000000000b088
                 0x0000000000000008 0x0012001100000283         0x7c40
  <unknown>: 28  0x0017001100000296 0x000000000000abc0 0x0000000000000058
                 0x00000022000001d5 0x0000000000000000         0x0
  <unknown>: 22e 0x000000000000b080 0x0000000000000008 0x0012001100000274
                 0x0000000000007000 0x0000000000000004    E    0x1b0021000000ac
  <unknown>: b09 0x0000000000000008 0x001a0011000002a9 0x000000000000b018
                 0x0000000000000004 0x001b001100000239         0xb098
  <unknown>: 8   0x001b0021000001b7 0x000000000000b080 0x0000000000000008
                 0x001b00110000017b 0x000000000000b0a0         0x8
  <unknown>: 41  0x000000000000b090 0x0000000000000004 0x001a00110000026c
                 0x000000000000b010 0x0000000000000008    E    0x1b0011000002b6
  <unknown>: b0c 0x0000000000000008 0x00120011000002c3 0x0000000000007fa0
                 0x000000000000002f 0x6f732e6362696c00        
0x73756c666600362e
  <unknown>: 5f5 0x72006b68635f6674 0x7300726964646165 0x656c61636f6c7465
                 0x63776f7472626d00 0x706d636e72747300         0x646e6974706f00
  LOPROC+0x27274 0x7865747465676364 0x6465736f6c630074 0x6964686366007269
                 0x00726f7272650072 0x735f5f0073747570   WE   
0x6b68635f6b636174
  LOOS+0x961665f 0x690074617473786c 0x00746e6972707773 0x00636f6c6c616572
                 0x655f0074726f6261 0x676f727000746978  R     
0x6f766e695f6d6172
  LOOS+0x9746163 0x74635f5f00656d61 0x5f7465675f657079 0x6d5f7275635f626d
                 0x6f6c6c6163007861 0x6e656c7274730063  RWE    0x7465736d656d00
  LOPROC+0x37274 0x6c5f6f6e7272655f 0x006e6f697461636f 0x5f00706d636d656d
                 0x66746e697270665f 0x647473006b68635f  R     
0x6565736c0074756f
  LOOS+0x56d006b 0x0065736f6c636600 0x6d00636f6c6c616d 0x6e0074696e697362
                 0x6e69676e616c5f6c 0x646e65706f006f66  R E   
0x7974635f5f007269
  LOOS+0x25f6570 0x00766e6574656700 0x6964616572665f5f 0x726564747300676e
                 0x74706f7465670072 0x5f5f00676e6f6c5f  RWE   
0x6600746174737866
  LOOS+0xe656c69 0x7277660064776374 0x70665f5f00657469 0x7000676e69646e65
                 0x695f6d6172676f72 0x6f697461636f766e  RWE   
0x5f74726f68735f6e
  LOOS+0x56d616e 0x6c616e69665f6178 0x73785f5f00657a69 0x646e696200746174
                 0x616d6f6474786574 0x62696c5f5f006e69        
0x5f74726174735f63
  LOOS+0xe69616d 0x6b65657366006466 0x5f7374757066006f 0x64656b636f6c6e75
                 0x5f5f006565726600 0x656d616e676f7270        
0x6e676f72705f5f00
  <unknown>: 5f6 0x615f6178635f5f00 0x7571007469786574 0x746f75715f65746f
                 0x6974706f5f676e69 0x7372655600736e6f  RW    
0x5f4f495f006e6f69
  LOOS+0x9647473 0x69746f7571006465 0x656c7974735f676e 0x757100736c61765f
                 0x74735f676e69746f 0x736772615f656c79  RW    
0x61665f7469786500
  LOPROC+0x2756c 0x616e5f6d6172676f 0x697372657600656d 0x635f6374655f6e6f
                 0x746867697279706f 0x325f4342494c4700  R E   
0x4342494c4700332e
  <unknown>: 332 0x312e325f4342494c 0x5f4342494c470034 0x42494c4700342e32
                 0x00352e322e325f43 0x7265645f4d54495f  RW    
0x5472657473696765
  LOOS+0xf6c434d 0x6d675f5f00656c62 0x74726174735f6e6f 0x5f4d54495f005f5f
                 0x7265747369676572 0x54656e6f6c434d54  RW     0x656c6261
  <unknown>: 200 0x0002000200000002 0x0002000200020002 0x0002000200020002
                 0x0002000300020002 0x0002000200020002   W     0x2000200020002
  <unknown>: 200 0x0002000200020004 0x0002000200020002 0x0002000200020002
                 0x0002000200020005 0x0000000500020002   W     0x6000200020002
  <unknown>: 200 0x0002000100020002 0x0002000200020001 0x0001000100010002
                 0x0000000100050001 0x0000000000000010    E    0x600000d696913
  <unknown>: 2d9 0x0005000009691974 0x00000010000002e3 0x0004000006969194
                 0x00000010000002ef 0x000300000d696914         0x10000002fa
  <unknown>: 969 0x0000000000000304 0x000000000000ab10 0x0000000000000008
                 0x0000000000002e50 0x000000000000ab18         0x8
  <unknown>: 2e1 0x000000000000ab20 0x0000000000000008 0x0000000000007157
                 0x000000000000ab40 0x0000000000000008         0x715f
  <unknown>: ab6 0x0000000000000008 0x0000000000007168 0x000000000000ab80
                 0x0000000000000008 0x000000000000716d         0xabc0
  <unknown>: 8   0x000000000000753d 0x000000000000abc8 0x0000000000000008
                 0x0000000000007545 0x000000000000abd0         0x8
  <unknown>: 754 0x000000000000abd8 0x0000000000000008 0x0000000000007558
                 0x000000000000abe0 0x0000000000000008         0x7565
  <unknown>: abe 0x0000000000000008 0x0000000000007579 0x000000000000abf0
                 0x0000000000000008 0x000000000000757b         0xabf8
  <unknown>: 8   0x000000000000755e 0x000000000000ac00 0x0000000000000008
                 0x00000000000070c9 0x000000000000ac08         0x8
  <unknown>: 758 0x000000000000b008 0x0000000000000008 0x000000000000b008
                 0x000000000000b010 0x0000000000000008         0x74c9
  <unknown>: b06 0x0000000000000008 0x000000000000b070 0x000000000000b078
                 0x0000000000000008 0x000000000000b0e0         0xafc0
  PHDR           0x0000000000000000 0x000000000000afc8 0x0000001b00000006
                 0x0000000000000000 0x000000000000afd0  RW     0x2000000006
readelf: Error: the PHDR segment must occur before any LOAD segment
==14== Invalid read of size 8
==14==    at 0x13A3FB: process_program_headers (readelf.c:5651)
==14==    by 0x149A94: process_object (readelf.c:21487)
==14==    by 0x149A94: process_object (readelf.c:21432)
==14==    by 0x113336: process_file (readelf.c:21939)
==14==    by 0x113336: main (readelf.c:22010)
==14==  Address 0x5244000 is 0 bytes after a block of size 4,194,240 alloc'd
==14==    at 0x483B7F3: malloc (in
/usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==14==    by 0x1B7F58: xmalloc (xmalloc.c:147)
==14==    by 0x125C7B: get_program_headers.part.0 (readelf.c:5452)
==14==    by 0x1396B4: get_program_headers (readelf.c:10372)
==14==    by 0x1396B4: locate_dynamic_section (readelf.c:2352)
==14==    by 0x1396B4: is_pie (readelf.c:2407)
==14==    by 0x1396B4: get_file_type (readelf.c:2440)
==14==    by 0x13AFE1: process_file_header.part.0 (readelf.c:5261)
==14==    by 0x149A07: process_file_header (readelf.c:5231)
==14==    by 0x149A07: process_object (readelf.c:21463)
==14==    by 0x149A07: process_object (readelf.c:21432)
==14==    by 0x113336: process_file (readelf.c:21939)
==14==    by 0x113336: main (readelf.c:22010)
==14== 
==14== 
==14== Process terminating with default action of signal 11 (SIGSEGV): dumping
core
==14==  Access not within mapped region at address 0x5245000
==14==    at 0x13A3FB: process_program_headers (readelf.c:5651)
==14==    by 0x149A94: process_object (readelf.c:21487)
==14==    by 0x149A94: process_object (readelf.c:21432)
==14==    by 0x113336: process_file (readelf.c:21939)
==14==    by 0x113336: main (readelf.c:22010)
==14==  If you believe this happened as a result of a stack
==14==  overflow in your program's main thread (unlikely but
==14==  possible), you can try to increase the size of the
==14==  main thread stack using the --main-stacksize= flag.
==14==  The main thread stack size used in this run was 8388608.
==14== 
==14== HEAP SUMMARY:
==14==     in use at exit: 4,198,621 bytes in 7 blocks
==14==   total heap usage: 17 allocs, 10 frees, 7,876,331 bytes allocated
==14== 
==14== LEAK SUMMARY:
==14==    definitely lost: 0 bytes in 0 blocks
==14==    indirectly lost: 0 bytes in 0 blocks
==14==      possibly lost: 0 bytes in 0 blocks
==14==    still reachable: 4,198,621 bytes in 7 blocks
==14==         suppressed: 0 bytes in 0 blocks
==14== Rerun with --leak-check=full to see details of leaked memory
==14== 
==14== For lists of detected and suppressed errors, rerun with: -s
==14== ERROR SUMMARY: 65 errors from 1 contexts (suppressed: 0 from 0)
Segmentation fault
```

-- 
You are receiving this mail because:
You are on the CC list for the bug.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]