bug-binutils

[Bug binutils/24898] New: An out-of-bounds read occurred in display_data


From: mgcho.minic at gmail dot com
Subject: [Bug binutils/24898] New: An out-of-bounds read occurred in display_data
Date: Mon, 12 Aug 2019 10:58:44 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=24898

            Bug ID: 24898
           Summary: An out-of-bounds read occurred in display_data
           Product: binutils
           Version: 2.33 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: mgcho.minic at gmail dot com
  Target Milestone: ---

Created attachment 11946
  --> https://sourceware.org/bugzilla/attachment.cgi?id=11946&action=edit
Poc to trigger bug

Triggered by "./objdump -W $POC"
Tested on Ubuntu 16.04 (x86)

An out-of-bounds read occurred when processing a malformed PE file.


==138514==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xf4303b55 at pc 0x082257b1 bp 0xffffcd98 sp 0xffffcd8c
READ of size 1 at 0xf4303b55 thread T0
    #0 0x82257b0 in display_data /home/seclab/binutils-gdb/binutils/dwarf.c:7530:21
    #1 0x82257b0 in display_augmentation_data /home/seclab/binutils-gdb/binutils/dwarf.c:7544
    #2 0x81bb389 in display_debug_frames /home/seclab/binutils-gdb/binutils/dwarf.c:7854:8
    #3 0x817f7a5 in dump_dwarf_section /home/seclab/binutils-gdb/binutils/./objdump.c:2923:6
    #4 0x83ddfb0 in bfd_map_over_sections /home/seclab/binutils-gdb/bfd/section.c:1374:5
    #5 0x817cf97 in dump_dwarf /home/seclab/binutils-gdb/binutils/./objdump.c:2993:3
    #6 0x8175e31 in dump_bfd /home/seclab/binutils-gdb/binutils/./objdump.c:4058:5
    #7 0x8173583 in display_any_bfd /home/seclab/binutils-gdb/binutils/./objdump.c:4130:7
    #8 0x8171883 in display_file /home/seclab/binutils-gdb/binutils/./objdump.c:4243:3
    #9 0x8171883 in main /home/seclab/binutils-gdb/binutils/./objdump.c:4561
    #10 0xf7d85636 in __libc_start_main /build/glibc-GoSbp4/glibc-2.23/csu/../csu/libc-start.c:291
    #11 0x806e7b7 in _start (/home/seclab/binutils-gdb/binutils/objdump+0x806e7b7)


Credits:

Mingi Cho, Seoyoung Kim, and Taekyoung Kwon of the Information Security Lab,
Yonsei University.
