[Elftoolchain-developers] SIGFPE in _libelf_compute_section_extents

Sunil Nimmagadda Sat, 16 Mar 2019 22:48:54 -0700

Hi,

afl-fuzz generated the attached testcase for elfcopy(1) which causes
SIGFPE in libelf(3)...


$ elfcopy libelf_sigfpe_testcase
Floating point exception (core dumped)
$ gdb elfcopy elfcopy.core
...
Core was generated by `elfcopy'.
Program terminated with signal SIGFPE, Arithmetic exception.
#0  0x00000365b9bad10d in _libelf_compute_section_extents (e=0x36867841f00, 
s=0x36867841b00, rc=116)
    at elf_update.c:277
277                         sh_offset % _libelf_falign(elftype, ec)) {
(gdb) bt
#0  0x00000365b9bad10d in _libelf_compute_section_extents (e=0x36867841f00, 
s=0x36867841b00, rc=116)
    at elf_update.c:277
#1  0x00000365b9baca17 in _libelf_resync_sections (e=0x36867841f00, rc=116, 
extents=0x7f7ffffbc758)
    at elf_update.c:464
#2  0x00000365b9babd93 in _libelf_resync_elf (e=0x36867841f00, 
extents=0x7f7ffffbc758)
    at elf_update.c:648
#3  0x00000365b9bab68f in elf_update (e=0x36867841f00, c=ELF_C_NULL) at 
elf_update.c:1207
#4  0x00000365b9b9466a in copy_phdr (ecp=0x3685465e800) at segments.c:560
#5  0x00000365b9b70738 in create_elf (ecp=0x3685465e800) at main.c:461
#6  0x00000365b9b79330 in create_file (ecp=0x3685465e800,
    src=0x7f7ffffbcd89 "./id:000002,sig:08,src:000000,op:havoc,rep:4", dst=0x0) 
at main.c:705
#7  0x00000365b9b77e61 in elfcopy_main (ecp=0x3685465e800, argc=2, 
argv=0x7f7ffffbcc08)
    at main.c:1028
#8  0x00000365b9b723a4 in main (argc=2, argv=0x7f7ffffbcc08) at main.c:1597

libelf_sigfpe_testcase
Description: application/executable

_______________________________________________
Elftoolchain-developers mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/elftoolchain-developers

[Elftoolchain-developers] SIGFPE in _libelf_compute_section_extents

Reply via email to