https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86198
Bug ID: 86198
Summary: Libbacktrace does not properly work with
".note.gnu.build-id" section
Product: gcc
Version: 9.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: other
Assignee: unassigned at gcc dot gnu.org
Reporter: d.khalikov at partner dot samsung.com
Target Milestone: ---
An error happens when libbacktrace is reading ".note.gnu.build-id" section and
effects the feature which allows to read stripped debuginfo with build-id.
Steps to reproduce:
(I will use libasan in my test case, because it's easy and libbacktrace is a
default symbolizer for libasan in GCC).
1.$cat a.cc
int main () {
int *ptr = new int[1];
return ptr[1];
}
2.$g++ -o a a.cc -fsanitize=address -g
-Wl,--build-id=0x0123456789abcdef0123456789abcdef01234567
3.$objcopy --only-keep-debug a a.debug
4.$strip a
5. In this step we need a superuser rights:
#mkdir /usr/lib/debug/.build-id/01
#ln -s `pwd`/a.debug
/usr/lib/debug/.build-id/01/23456789abcdef0123456789abcdef01234567.debug
6. ./a
output:
...
#0 0x4007cf (/path/to/exe/a+0x4007cf)
...
The problem at the libbacktrace/elf.c line 2871
2866 buildid_view_valid = 1;
2867 note = (const b_elf_note *) buildid_view.data;
2868 if (note->type == NT_GNU_BUILD_ID
2869 && note->namesz == 4
2870 && strncmp (note->name, "GNU", 4) == 0
2871 && shdr->sh_size < 12 + ((note->namesz + 3) & ~ 3) +
note->descsz)
2872 {
2873 buildid_data = ¬e->name[0] + ((note->namesz + 3) & ~ 3);
2874 buildid_size = note->descsz;
2875 }
2876 }
The size for the ".note.gnu.build-id" section by default is 36 bytes (12 + 4 +
20)
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/developer_guide/compiling-build-id
So, the cmp on line 2871 should be changed from less to less or equal
2871 && shdr->sh_size <= 12 + ((note->namesz + 3) & ~ 3) +
note->descsz)
