bug-binutils

[Bug binutils/27860] New: Segmentation fault on readelf -w


From: shaohua.li at inf dot ethz.ch
Subject: [Bug binutils/27860] New: Segmentation fault on readelf -w
Date: Thu, 13 May 2021 12:10:29 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=27860

            Bug ID: 27860
           Summary: Segmentation fault on readelf -w
           Product: binutils
           Version: 2.37 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: shaohua.li at inf dot ethz.ch
  Target Milestone: ---

Created attachment 13445
  --> https://sourceware.org/bugzilla/attachment.cgi?id=13445&action=edit
poc

Hi there,

I crashed `readelf -w` with a crafted input. I attached the poc. Note that
this poc will only crash a gcc11-compiled binary, but not a clang12-compiled
binary.

Compiler: gcc11 (clang12 compiled binary won't crash)

Reproduce: `readelf -w poc`

gdb bt for your convenience:

Program received signal SIGSEGV, Segmentation fault.
byte_get_little_endian (field=0x561b44463ee8 <error: Cannot access memory at address 0x561b44463ee8>, size=4) at elfcomm.c:118
118           return  ((unsigned long) (field[0]))
(gdb) bt
#0  byte_get_little_endian (field=0x561b44463ee8 <error: Cannot access memory at address 0x561b44463ee8>, size=4) at elfcomm.c:118
#1  0x0000561b53d187f4 in display_debug_frames (section=0x561b53db0ed8 <debug_displays+728>, file=<optimized out>) at dwarf.c:8723
#2  0x0000561b53cf07e3 in display_debug_section (filedata=<optimized out>, section=0x561b54548260, shndx=8) at readelf.c:15549
#3  process_section_contents (filedata=filedata@entry=0x561b54546310) at readelf.c:15644
#4  0x0000561b53cf1949 in process_section_contents (filedata=0x561b54546310) at readelf.c:15603
#5  process_object (filedata=filedata@entry=0x561b54546310) at readelf.c:21378
#6  0x0000561b53cf4a1f in process_object (filedata=0x561b54546310) at readelf.c:21314
#7  process_archive (filedata=filedata@entry=0x561b54546310, is_thin_archive=is_thin_archive@entry=false) at readelf.c:21710
#8  0x0000561b53cbe531 in process_file (file_name=0x7ffff727a888 "poc") at readelf.c:21783
#9  main (argc=<optimized out>, argv=<optimized out>) at readelf.c:21871
