https://sourceware.org/bugzilla/show_bug.cgi?id=30229
Bug ID: 30229
Summary: readelf: Segmentation Violation in
ctf_bufopen_internal
Product: binutils
Version: 2.40
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: youngseok.main at gmail dot com
Target Milestone: ---
Created attachment 14748
--> https://sourceware.org/bugzilla/attachment.cgi?id=14748&action=edit
poc_file used in command input
(Possible duplicate from Bug ID #30228)
We found SEGV on 0x2 in readelf by fuzzing.
Command Input:
readelf poc_file --ctf=1
poc_file is attached.
Output:
readelf: Error: Reading 4 bytes extends past end of file for section contents
Stack Trace:
==28344==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000002 (pc
0x555555711b5f bp 0x7fffffffdbd0 sp 0x7fffffffdac0 T0)
==28344==The signal is caused by a READ memory access.
==28344==Hint: address points to the zero page.
#0 0x555555711b5e in ctf_bufopen_internal
/home/youngseok/latest-subjects/binutils-gdb/libctf/ctf-open.c:1363
#1 0x555555711859 in ctf_bufopen
/home/youngseok/latest-subjects/binutils-gdb/libctf/ctf-open.c:1324
#2 0x5555556f6c0b in ctf_arc_bufopen
/home/youngseok/latest-subjects/binutils-gdb/libctf/ctf-archive.c:444
#3 0x555555673c74 in dump_section_as_ctf readelf.c:15889
#4 0x55555567637e in process_section_contents readelf.c:16477
#5 0x555555693477 in process_object readelf.c:22506
#6 0x555555695709 in process_file readelf.c:22929
#7 0x555555695b68 in main readelf.c:23000
#8 0x7ffff6a48c86 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
#9 0x55555561d749 in _start
(/home/youngseok/latest-subjects/binutils-gdb/binutils/readelf+0xc9749)
*Environment*
- OS: Ubuntu 18.04
- gcc: 7.5.0
- binutils: 2.40.50.20230314
--
You are receiving this mail because:
You are on the CC list for the bug.
