https://sourceware.org/bugzilla/show_bug.cgi?id=24041
Bug ID: 24041
Summary: Invalid Memory Address Dereference exists in the function elf_link_add_object_symbols in elflink.c in bfd
Product: binutils
Version: 2.31
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: ld
Assignee: unassigned at sourceware dot org
Reporter: wcventure at 126 dot com
Target Milestone: ---

Created attachment 11496
  --> https://sourceware.org/bugzilla/attachment.cgi?id=11496&action=edit
POC

Hi, there.

An Invalid Memory Address Dereference problem was discovered in function elf_link_add_object_symbols in elflink.c in bfd of binutils 2.31, the latest code base. A crafted ELF input can cause segment faults and I have confirmed them with address sanitizer too.

Please use the "./ld -E $POC" to reproduce the bug.

The ASAN dumps the stack trace as follows:

> ASAN:SIGSEGV
> =================================================================
> ==25025==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x00000067b8c3 bp 0x7ffe8f394b60 sp 0x7ffe8f3943b0 T0)
>     #0 0x67b8c2 in elf_link_add_object_symbols binutils-2.31_ASAN/bfd/elflink.c:4175
>     #1 0x688ac7 in bfd_elf_link_add_symbols binutils-2.31_ASAN/bfd/elflink.c:5725
>     #2 0x438c64 in load_symbols binutils-2.31_ASAN/ld/ldlang.c:2880
>     #3 0x43c2d7 in open_input_bfds binutils-2.31_ASAN/ld/ldlang.c:3329
>     #4 0x459c70 in lang_process binutils-2.31_ASAN/ld/ldlang.c:7180
>     #5 0x469dbd in main ldmain.c:438
>     #6 0x7fb4d60a682f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
>     #7 0x4036d8 in _start (binutils-2.31_ASAN/build/bin/ld+0x4036d8)
>
> AddressSanitizer can not provide additional info.
> SUMMARY: AddressSanitizer: SEGV binutils-2.31_ASAN/bfd/elflink.c:4175 elf_link_add_object_symbols
> ==25025==ABORTING