bug-binutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug binutils/22571] New: libbfd: bfd_get_symtab_upper_bound causes SIGS

From: sourceware at jonathancottrill dot net
Subject: [Bug binutils/22571] New: libbfd: bfd_get_symtab_upper_bound causes SIGSEGV when iterating archive files
Date: Thu, 07 Dec 2017 19:55:47 +0000 
https://sourceware.org/bugzilla/show_bug.cgi?id=22571

            Bug ID: 22571
           Summary: libbfd: bfd_get_symtab_upper_bound causes SIGSEGV when
                    iterating archive files
           Product: binutils
           Version: 2.29
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: sourceware at jonathancottrill dot net
  Target Milestone: ---

Created attachment 10670
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10670&action=edit
Simple C program demonstrating SIGSEGV issue

In a symbol processing program I'm writing, I'm iterating through an archive,
using bfd_openr_next_archived_file followed by bfd_get_symtab_upper_bound. The
first iteration is successful, but the second file causes a SIGSEGV in the
bfd_get_symtab_upper_bound call. This seems to happen with any archive (I've
tried several Linux ELF .a archives, and one Windows COFF .lib archive).

A simplified case that demonstrates the problem is:

    bfd* file = NULL;
    while ((file = bfd_openr_next_archived_file(archive, file)) != NULL) {
        printf("File: %s\n", file->filename);

        long storage_needed = bfd_get_symtab_upper_bound(file);
        printf("  symbol table: %li bytes\n", storage_needed);
    }

Example output is:

    File: file-a.o
      symbol table: 72 bytes
    File: file-b.o
    Segmentation fault (core dumped)

GDB shows:

    Program received signal SIGSEGV, Segmentation fault.
    0x00007ffff79574c2 in _bfd_elf_get_symtab_upper_bound (abfd=0x607b20) at 
    ../../bfd/elf.c:8023
    8023  symcount = hdr->sh_size / get_elf_backend_data (abfd)->s->sizeof_sym;

If it matters, this is on openSUSE 42.3 x86_64, using either the system
libbfd-2.29.1.so library or building the library myself from your Git repo.

I've attached the file uselibbfd.c, a complete and simple program demonstrating
the issue. Also, I'll attach the coredump.

Please let me know what other information you need.

Thanks!

----
Notes:

I'm relying on documentation here for the libbfd calls I'm making:

https://sourceware.org/binutils/docs-2.29/bfd/Archives.html
https://sourceware.org/binutils/docs-2.29/bfd/Reading-Symbols.html

--
I can reproduce the problem with an archive built using:

ar rcs archive.a file-a.o file-b.o

...where file-a.o and file-b.o are compiled using gcc -c file-*.c, and the C
source files are simply:

file-a.c:
    void functionA() {
    }

file-b.c:
    void functionB() {
    }

-- 
You are receiving this mail because:
You are on the CC list for the bug.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]