[Bug ld/23805] New: An Invalid Memory Address Dereference exists in the
From: wcventure at 126 dot com
Subject: [Bug ld/23805] New: An Invalid Memory Address Dereference exists in the function elf_link_input_bfd() in merge.c
Date: Sun, 21 Oct 2018 10:52:20 +0000
https://sourceware.org/bugzilla/show_bug.cgi?id=23805
Bug ID: 23805
Summary: An Invalid Memory Address Dereference exists in the
function elf_link_input_bfd() in merge.c
Product: binutils
Version: 2.31
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: ld
Assignee: unassigned at sourceware dot org
Reporter: wcventure at 126 dot com
Target Milestone: ---
Created attachment 11357
--> https://sourceware.org/bugzilla/attachment.cgi?id=11357&action=edit
POC
Hi, there.
An Invalid Memory Address Dereference problem was discovered in function
elf_link_input_bfd in merge.c in bfd of binutils 2.31, the latest code base. A
crafted ELF input can cause segmentation faults, and I have confirmed them with
AddressSanitizer too.
Please use "./ld -E $POC" to reproduce the bug.
ASAN dumps the stack trace as follows:
> ASAN:DEADLYSIGNAL
> =================================================================
> ==23971==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000028 (pc
> 0x000000bdbbe8 bp 0x7fffab7d10f0 sp 0x7fffab7cede0 T0)
> #0 0xbdbbe7 in elf_link_input_bfd
> /media/hjwang/01D3344861A8D2E0/wcventure/Project/binutils_ASAN_O0/bfd/elflink.c:10492:65
> #1 0xbbec24 in bfd_elf_final_link
> /media/hjwang/01D3344861A8D2E0/wcventure/Project/binutils_ASAN_O0/bfd/elflink.c:12158:11
> #2 0x60b09d in ldwrite
> /media/hjwang/01D3344861A8D2E0/wcventure/Project/binutils_ASAN_O0/ld/ldwrite.c:581:8
> #3 0x5fdaf9 in main
> /media/hjwang/01D3344861A8D2E0/wcventure/Project/binutils_ASAN_O0/ld/./ldmain.c:454:3
> #4 0x7f0026f3982f in __libc_start_main
> /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
> #5 0x419638 in _start
> (/media/hjwang/01D3344861A8D2E0/wcventure/Project/binutils_latest_ASAN_O0/build/bin/ld+0x419638)
>
> AddressSanitizer can not provide additional info.
> SUMMARY: AddressSanitizer: SEGV
> /media/hjwang/01D3344861A8D2E0/wcventure/Project/binutils_ASAN_O0/bfd/elflink.c:10492:65
> in elf_link_input_bfd
> ==23971==ABORTING
> Aborted
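Added example (not part of the original report or of binutils): a small Python helper that parses an AddressSanitizer SEGV report like the one above, takes the crashing location from frame #0 of the trace, and flags fault addresses inside the first page (0x28 here) as likely NULL-pointer field accesses. The function name triage, the 4096-byte page size and the shortened /src paths in the sample are assumptions.

```python
import re

# Constructed sample: the report above with build paths shortened to /src/...
SAMPLE = """\
==23971==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000028 (pc 0x000000bdbbe8 bp 0x7fffab7d10f0 sp 0x7fffab7cede0 T0)
    #0 0xbdbbe7 in elf_link_input_bfd /src/bfd/elflink.c:10492:65
    #1 0xbbec24 in bfd_elf_final_link /src/bfd/elflink.c:12158:11
    #2 0x60b09d in ldwrite /src/ld/ldwrite.c:581:8
    #3 0x5fdaf9 in main /src/ld/./ldmain.c:454:3
    #4 0x7f0026f3982f in __libc_start_main /build/glibc/csu/libc-start.c:291
"""

HEADER = re.compile(
    r"AddressSanitizer: (\S+) on unknown address (0x[0-9a-fA-F]+)\s+\(pc\s+(0x[0-9a-fA-F]+)")
# "#N 0xPC in function path:line[:col]"; \s+ also absorbs mail line wraps.
FRAME = re.compile(
    r"#(\d+)\s+0x[0-9a-fA-F]+\s+in\s+(\S+)\s+(\S+?):(\d+)(?::\d+)?(?=\s|$)")


def triage(report, page_size=4096):
    """Summarise an ASAN SEGV report for deduplication (hypothetical helper)."""
    # Strip "> " quote markers so a report pasted from mail parses the same way.
    text = re.sub(r"(?m)^[ \t]*>[ \t]?", "", report)
    head = HEADER.search(text)
    if head is None:
        raise ValueError("no AddressSanitizer SEGV header found")
    addr = int(head.group(2), 16)
    frames = [(int(n), func, path.rsplit("/", 1)[-1], int(line))
              for n, func, path, line in FRAME.findall(text)]
    top = frames[0] if frames else None
    bucket = head.group(1) + (":%s:%s:%d" % top[1:] if top else ":unknown")
    return {
        "signal": head.group(1),
        "fault_addr": addr,
        # Heuristic (assumption): a fault inside the first page usually means a
        # field was read at a small offset from a NULL pointer.
        "near_null": addr < page_size,
        "frames": frames,
        "bucket": bucket,
    }


if __name__ == "__main__":
    info = triage(SAMPLE)
    print(info["bucket"], hex(info["fault_addr"]), info["near_null"])
```

The bucket string gives a stable key for grouping duplicate crashes from the same source line when many fuzzer-generated inputs are triaged at once.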