[Bug ld/24337] New: An Invalid Memory Address Dereference problem was di
From: wcventure at 126 dot com
Subject: [Bug ld/24337] New: An Invalid Memory Address Dereference problem was discovered in function _bfd_elf_rela_local_sym in elf.c in bfd
Date: Thu, 14 Mar 2019 12:40:46 +0000
https://sourceware.org/bugzilla/show_bug.cgi?id=24337
Bug ID: 24337
Summary: An Invalid Memory Address Dereference problem was
discovered in function _bfd_elf_rela_local_sym in
elf.c in bfd
Product: binutils
Version: 2.32
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: ld
Assignee: unassigned at sourceware dot org
Reporter: wcventure at 126 dot com
Target Milestone: ---
Created attachment 11676
--> https://sourceware.org/bugzilla/attachment.cgi?id=11676&action=edit
POC
Hi, there.
An Invalid Memory Address Dereference problem was discovered in function
_bfd_elf_rela_local_sym in elf.c in bfd of binutils 2.32, the latest code base.
A crafted ELF input can cause segmentation faults, and I have confirmed them with
AddressSanitizer too.
Please use "./ld -E $POC" to reproduce the bug.
ASAN dumps the stack trace as follows:
> =================================================================
> ==20800==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000068 (pc
> 0x0000008030d4 bp 0x0fff88b06c30 sp 0x7ffc458360f0 T0)
> #0 0x8030d3 in _bfd_elf_rela_local_sym
> /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/bfd/elf.c:11776:22
> #1 0x71e812 in elf_x86_64_relocate_section
> /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/bfd/elf64-x86-64.c:2459:17
> #2 0x874c6c in elf_link_input_bfd
> /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/bfd/elflink.c:10856:10
> #3 0x874c6c in bfd_elf_final_link
> /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/bfd/elflink.c:12183
> #4 0x59a4dc in ldwrite
> /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/ld/ldwrite.c:581:8
> #5 0x58fe8c in main
> /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/ld/./ldmain.c:456:3
> #6 0x7f8083d9e82f in __libc_start_main
> /build/glibc-LK5gWL/glibc-2.23/csu/../csu/libc-start.c:291
> #7 0x4195f8 in _start
> (/home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/build/bin/ld+0x4195f8)
>
> AddressSanitizer can not provide additional info.
> SUMMARY: AddressSanitizer: SEGV
> /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/bfd/elf.c:11776:22 in
> _bfd_elf_rela_local_sym
> ==20800==ABORTING
> Aborted