[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug binutils/28416] New: SEGV in objdump at bfd_getl32 (bfd/libbfd.c:72
From: |
irfanariq at kaist dot ac.kr |
Subject: |
[Bug binutils/28416] New: SEGV in objdump at bfd_getl32 (bfd/libbfd.c:727) |
Date: |
Mon, 04 Oct 2021 15:11:04 +0000 |
https://sourceware.org/bugzilla/show_bug.cgi?id=28416
Bug ID: 28416
Summary: SEGV in objdump at bfd_getl32 (bfd/libbfd.c:727)
Product: binutils
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: irfanariq at kaist dot ac.kr
Target Milestone: ---
Created attachment 13698
--> https://sourceware.org/bugzilla/attachment.cgi?id=13698&action=edit
poc and full stack trace
Hello,
We are currently working on fuzz testing feature, and we found a **SEGV** on
`objdump`.
The stack traces are as follow:
```
==21935==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc
0x55f70ad1eef6 bp 0x7fffd7bd4f30 sp 0x7fffd7bd4f10 T0)
==21935==The signal is caused by a READ memory access.
==21935==Hint: address points to the zero page.
#0 0x55f70ad1eef5 in bfd_getl32 .../binutils-git/bfd/libbfd.c:727
#1 0x55f70b6fa205 in xtensa_read_table_entries
.../binutils-git/bfd/elf32-xtensa.c:938
#2 0x55f70ab84bfd in print_insn_xtensa
.../binutils-git/opcodes/xtensa-dis.c:343
#3 0x55f70a858ecd in disassemble_bytes objdump.c:2873
#4 0x55f70a85c342 in disassemble_section objdump.c:3455
#5 0x55f70ad273c0 in bfd_map_over_sections
.../binutils-git/bfd/section.c:1383
#6 0x55f70a85d293 in disassemble_data objdump.c:3599
#7 0x55f70a8646cc in dump_bfd objdump.c:5006
#8 0x55f70a864994 in display_object_bfd objdump.c:5068
#9 0x55f70a864d2f in display_any_bfd objdump.c:5158
#10 0x55f70a864da6 in display_file objdump.c:5179
#11 0x55f70a86615a in main objdump.c:5529
```
The full stack trace is attached.
**Step to reproduce**
We configured `objdump` using
`CFLAGS="-g -O0 -fsanitize=address" ./configure --prefix=$(pwd)/
--disable-shared --enable-targets=all`
and build it using `make -j 10`, and run it with:
```
./objdump --source addr16 -z booke -t ppcps -Wf intel-mnemonic suffix <attached
file> -Ttext -x
```
The input file is attached.
**Environment**
- OS: Ubuntu 18.04.5 LTS
- GCC version: gcc 7.5.0
- binutils version: commit (98ca73a) of master branch on sourceware git
([link](https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=98ca73afe51e1e921915c37f242c88d4d445841c))
Thank you.
--
You are receiving this mail because:
You are on the CC list for the bug.
- [Bug binutils/28416] New: SEGV in objdump at bfd_getl32 (bfd/libbfd.c:727),
irfanariq at kaist dot ac.kr <=