[Bug binutils/13622] readelf crashes when reading binary with shredded section header offset
http://sourceware.org/bugzilla/show_bug.cgi?id=13622 --- Comment #4 from Jan Lieven j...@das-labor.org 2012-01-25 20:02:22 UTC --- Thanks, the patch fixes the issue. -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/13622] New: readelf crashes when reading binary with shredded section header offset
http://sourceware.org/bugzilla/show_bug.cgi?id=13622 Bug #: 13622 Summary: readelf crashes when reading binary with shredded section header offset Product: binutils Version: 2.22 Status: NEW Severity: normal Priority: P2 Component: binutils AssignedTo: unassig...@sourceware.org ReportedBy: j...@das-labor.org Classification: Unclassified When readelf tries to read a section header that is paste the size of the target ELF it crashes with a SIGABRT. Steps to reproduce: 1.) Trash the section header offset of any elf (i.e. write 0xFF @ 0x21 for 32bit ELF) 2.) Run readelf -a elf_with_corrupted_header readelf: Error: Unable to read in 0x28 bytes of section headers ELF Header: snip Start of section headers: 39288 (bytes into file) snip readelf: Error: Unable to read in 0x4d8 bytes of section headers readelf: Error: Section headers are not available! Program received signal SIGABRT, Aborted. RAX: 0x = 0x77854935 raise+53: cmprax,0xf000 0x7785493b raise+59: ja 0x7785494f raise+79 0x7785493d raise+61: repz ret 0x7785493f raise+63: nop 0x77854940 raise+64: test eax,eax 0x77854942 raise+66: jg 0x77854925 raise+37 0x77854944 raise+68: test eax,0x7fff 0x77854949 raise+73: je 0x77854960 raise+96 0x77854935 in raise () from /lib/libc.so.6 gdb$ bt #0 0x77854935 in raise () from /lib/libc.so.6 #1 0x77855dab in abort () from /lib/libc.so.6 #2 0x0041de99 in process_section_groups (file=optimized out) at /tmp/binutils/src/binutils/readelf.c:4964 #3 process_object (file_name=optimized out, file=0x65a060) at /tmp/binutils/src/binutils/readelf.c:13283 #4 0x00401dc4 in process_file (file_name=0x7fffe91a a.out) at /tmp/binutils/src/binutils/readelf.c:13659 #5 main (argc=0x3, argv=0x7fffe5e8) at /tmp/binutils/src/binutils/readelf.c:13724 -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/13622] readelf crashes when reading binary with shredded section header offset
http://sourceware.org/bugzilla/show_bug.cgi?id=13622 --- Comment #1 from Jan Lieven j...@das-labor.org 2012-01-25 02:00:10 UTC --- I forgot to mention the output of readelf --version. It's 2.22.51.20120123 build from a cvs checkout done on the day of compilation. -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/12632] strip crashes when it does not recognise the file format
http://sourceware.org/bugzilla/show_bug.cgi?id=12632 --- Comment #2 from Jan Lieven j...@das-labor.org 2011-04-03 20:51:54 UTC --- Created attachment 5642 -- http://sourceware.org/bugzilla/attachment.cgi?id=5642 File that triggers the crash -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org http://lists.gnu.org/mailman/listinfo/bug-binutils
[Bug binutils/12632] New: strip crashes when it does not recognise the file format
http://sourceware.org/bugzilla/show_bug.cgi?id=12632 Summary: strip crashes when it does not recognise the file format Product: binutils Version: 2.21 Status: NEW Severity: critical Priority: P2 Component: binutils AssignedTo: unassig...@sources.redhat.com ReportedBy: j...@das-labor.org The crash occurs when the target is of an unknown format. The problem seems to be a NULL-pointer dereference in ./bfd/bfdio.c on line 206 as can be seen from the gdb output below: /usr/bin/strip:libeay32.lib(tmp32/e_capi.obj): Unable to recognize the format of file: File format not recognized Program received signal SIGSEGV, Segmentation fault. bfd_bwrite (ptr=0x807ed00, size=335, abfd=0x0) at /build/src/binutils/bfd/bfdio.c:206 206 if (abfd-iovec) strip --version is: GNU strip (GNU Binutils) 2.21.0.20110209 -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. ___ bug-binutils mailing list bug-binutils@gnu.org http://lists.gnu.org/mailman/listinfo/bug-binutils
