https://sourceware.org/bugzilla/show_bug.cgi?id=21646
Bug ID: 21646
Summary: SEGV on unknown address in bfd_getb32
Product: binutils
Version: 2.29 (HEAD)
Status: UNCONFIRMED
Severity: critical
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: aadamski at quarkslab dot com
Target Milestone: ---
Hello there,
I have been fuzzing objdump with American Fuzzy Lop + ASAN/UBSAN.
Please find attached the minimized file causing the issue ("Input") and the
ASAN report log ("Output"). Below is the reduced stacktrace with links to the
corresponding source lines on a GitHub mirror.
The configuration settings used were `--enable-targets=all --disable-shared`.
The compilation flags used were `-g -O2 -fno-omit-frame-pointer -fsanitize=address -fno-sanitize-recover=all`.
The command used was `objdump -afpxDSsgetTrR <file>`.
Let me know if there is any additional information I can provide.
--
Input: 31d22490104a5f892b1346613d415d5e.205cc0abde2bc6981e47f44395752466.min
Output: 31d22490104a5f892b1346613d415d5e.205cc0abde2bc6981e47f44395752466.txt
Error in "bfd_getb32": SEGV on unknown address 0x000000000000 (pc 0x00000096d9e4 bp 0x7fffffffd920 sp 0x7fffffffd910 T0)
in bfd_getb32 at bfd/libbfd.c:544 (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/libbfd.c#L544)
in sh_reloc at bfd/coff-sh.c:607 (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/coff-sh.c#L607)
in bfd_perform_relocation at bfd/reloc.c:620 (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/reloc.c#L620)
in bfd_generic_get_relocated_section_contents at bfd/reloc.c:8181 (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/reloc.c#L8181)
in bfd_simple_get_relocated_section_contents at bfd/simple.c:264 (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/simple.c#L264)
in load_specific_debug_section at binutils/objdump.c:2490 (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L2490)
in dump_dwarf_section at binutils/objdump.c:2628 (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L2628)
in bfd_map_over_sections at bfd/section.c:1395 (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/section.c#L1395)
in dump_dwarf at binutils/objdump.c:2697 (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L2697)
in dump_bfd at binutils/objdump.c:3576 (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3576)
in display_file at binutils/objdump.c:3720 (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3720)
in main at binutils/objdump.c:4024 (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L4024)
--
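As an added triage example (not code from this report or from binutils), the script below parses a reduced ASAN report in the "Error in ... SEGV on unknown address" / "in X at file:line" form quoted above, classifies the fault (a fault at address 0x0 is a null-pointer dereference, as here), and derives a deduplication key from the top frames, which is how a fuzzing campaign tells one bug from the many inputs that hit it. The sample report is constructed from the frames quoted above; the 0x1000 page threshold and the 3-frame bucket depth are assumptions.

```python
import hashlib
import re
from dataclasses import dataclass, field
from typing import List, Tuple

# Header of the reduced report, e.g.
#   Error in "bfd_getb32": SEGV on unknown address 0x000000000000 (pc ...)
HEADER_RE = re.compile(
    r'Error in "(?P<func>[^"]+)": SEGV on unknown address (?P<addr>0x[0-9a-fA-F]+)')
# One reduced frame: "in <function> at <file>:<line>"
FRAME_RE = re.compile(r'^\s*in (?P<func>\S+) at (?P<file>[^:\s]+):(?P<line>\d+)')

@dataclass
class Crash:
    faulting_func: str
    address: int
    frames: List[Tuple[str, str, int]] = field(default_factory=list)

def parse_report(text: str) -> Crash:
    """Extract the faulting function, fault address and stack frames."""
    m = HEADER_RE.search(text)
    if m is None:
        raise ValueError("not a SEGV-on-unknown-address report")
    crash = Crash(m.group("func"), int(m.group("addr"), 16))
    for line in text.splitlines():
        f = FRAME_RE.match(line)
        if f:
            crash.frames.append((f.group("func"), f.group("file"), int(f.group("line"))))
    return crash

def classify(crash: Crash) -> str:
    """Assumed rule: a fault inside the first page (below 0x1000) is a null or
    near-null dereference (an unchecked pointer); anything else is a wild access."""
    return "null-deref" if crash.address < 0x1000 else "wild-access"

def bucket_id(crash: Crash, depth: int = 3) -> str:
    """Dedup key from the top `depth` function names. Line numbers are left out
    so a patch that shifts source lines does not split one bug into several."""
    key = "|".join(func for func, _, _ in crash.frames[:depth])
    return hashlib.sha1(key.encode()).hexdigest()[:12]

# Constructed sample, taken from the frames quoted in this report.
SAMPLE_REPORT = """\
Error in "bfd_getb32": SEGV on unknown address 0x000000000000 (pc
0x00000096d9e4 bp 0x7fffffffd920 sp 0x7fffffffd910 T0)
in bfd_getb32 at bfd/libbfd.c:544
in sh_reloc at bfd/coff-sh.c:607
in bfd_perform_relocation at bfd/reloc.c:620
in bfd_generic_get_relocated_section_contents at bfd/reloc.c:8181
in load_specific_debug_section at binutils/objdump.c:2490
"""
```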