[Bug binutils/21645] New: SEGV on unknown address in bfd_getb16


From: aadamski at quarkslab dot com
Subject: [Bug binutils/21645] New: SEGV on unknown address in bfd_getb16
Date: Wed, 21 Jun 2017 08:43:10 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=21645

            Bug ID: 21645
           Summary: SEGV on unknown address in bfd_getb16
           Product: binutils
           Version: 2.29 (HEAD)
            Status: UNCONFIRMED
          Severity: critical
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: aadamski at quarkslab dot com
  Target Milestone: ---

Hello there,

I have been fuzzing objdump with American Fuzzy Lop + ASAN/UBSAN.

Please find attached the minimized file causing the issue ("Input") and the
ASAN report log ("Output"). Below is the reduced stacktrace with links to the
corresponding source lines on a GitHub mirror.

The configuration settings used were `--enable-targets=all --disable-shared`.
The compilation flags used were
`-g -O2 -fno-omit-frame-pointer -fsanitize=address -fno-sanitize-recover=all`.
The command used was `objdump -afpxDSsgetTrR <file>`.

Let me know if there is any additional information I can provide.

--

Input: 544d1e760c2bb52af7920adfdd1b3ab5.1431a09f1f9d3e3f2e4a0e06bf9c169f.min
Output: 544d1e760c2bb52af7920adfdd1b3ab5.1431a09f1f9d3e3f2e4a0e06bf9c169f.txt

Error in "bfd_getb16": SEGV on unknown address 0x000000000000 (pc 0x00000096d72a bp 0x7fffffffd920 sp 0x7fffffffd910 T0)
  in bfd_getb16 at bfd/libbfd.c:498
    (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/libbfd.c#L498)
  in sh_reloc at bfd/coff-sh.c:620
    (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/coff-sh.c#L620)
  in bfd_perform_relocation at bfd/reloc.c:620
    (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/reloc.c#L620)
  in bfd_generic_get_relocated_section_contents at bfd/reloc.c:8181
    (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/reloc.c#L8181)
  in bfd_simple_get_relocated_section_contents at bfd/simple.c:264
    (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/simple.c#L264)
  in load_specific_debug_section at binutils/objdump.c:2490
    (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L2490)
  in dump_dwarf_section at binutils/objdump.c:2628
    (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L2628)
  in bfd_map_over_sections at bfd/section.c:1395
    (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/section.c#L1395)
  in dump_dwarf at binutils/objdump.c:2697
    (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L2697)
  in dump_bfd at binutils/objdump.c:3576
    (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3576)
  in display_file at binutils/objdump.c:3720
    (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3720)
  in main at binutils/objdump.c:4024
    (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L4024)
