readelf.c:7594(function slurp_ia64_unwind_table ) that could cause crash in binutils 2.31.

ganshuitao at gmail dot com Fri, 30 Nov 2018 20:18:01 -0800

https://sourceware.org/bugzilla/show_bug.cgi?id=23946


            Bug ID: 23946
           Summary: There is an illegal READ memory access at
                    binutils/readelf.c:7594(function
                    slurp_ia64_unwind_table ) that could cause crash in
                    binutils 2.31.
           Product: binutils
           Version: 2.32 (HEAD)
            Status: UNCONFIRMED
          Severity: critical
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: ganshuitao at gmail dot com
  Target Milestone: ---

Created attachment 11426
  --> https://sourceware.org/bugzilla/attachment.cgi?id=11426&action=edit
Triggered by “./readelf -aW poc1”

version: binutils 2.31
Summary: 

There is an illegal READ memory access at binutils/readelf.c:7594(function
slurp_ia64_unwind_table ) that could cause crash in binutils 2.31. 

Description:

The asan debug is as follows:

$./readelf -aW POC1

ASAN:DEADLYSIGNAL
=================================================================
==112613==ERROR: AddressSanitizer: SEGV on unknown address 0x000007b2459c (pc
0x55fad064e195 bp 0x00003d922c5f sp 0x7ffd4fb421f0 T0)
==112613==The signal is caused by a READ memory access.
    #0 0x55fad064e194 in slurp_ia64_unwind_table
/home/company/real/binutils-2.31/binutils/readelf.c:7594
    #1 0x55fad064e194 in ia64_process_unwind
/home/company/real/binutils-2.31/binutils/readelf.c:7755
    #2 0x55fad067185c in process_unwind
/home/company/real/binutils-2.31/binutils/readelf.c:9253
    #3 0x55fad067185c in process_object
/home/company/real/binutils-2.31/binutils/readelf.c:18822
    #4 0x55fad0674f7d in process_archive
/home/company/real/binutils-2.31/binutils/readelf.c:19167
    #5 0x55fad0625c9d in process_file
/home/company/real/binutils-2.31/binutils/readelf.c:19242
    #6 0x55fad0625c9d in main
/home/company/real/binutils-2.31/binutils/readelf.c:19318
    #7 0x7fd4b4ae51c0 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x211c0)
    #8 0x55fad0626319 in _start
(/home/company/real/binutils-2.31/install_asan/bin/readelf+0x98319)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV
/home/company/real/binutils-2.31/binutils/readelf.c:7594 in
slurp_ia64_unwind_table
==112613==ABORTING

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
bug-binutils mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/bug-binutils

[Bug binutils/23946] New: There is an illegal READ memory access at binutils/readelf.c:7594(function slurp_ia64_unwind_table ) that could cause crash in binutils 2.31.

Reply via email to