[Bug binutils/28414] New: SEGV in objdump at bfd/reloc.c:8423

bug-binutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug binutils/28414] New: SEGV in objdump at bfd/reloc.c:8423

From:	irfanariq at kaist dot ac.kr
Subject:	[Bug binutils/28414] New: SEGV in objdump at bfd/reloc.c:8423
Date:	Mon, 04 Oct 2021 15:05:21 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=28414

            Bug ID: 28414
           Summary: SEGV in objdump at bfd/reloc.c:8423
           Product: binutils
           Version: unspecified
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: irfanariq at kaist dot ac.kr
  Target Milestone: ---

Created attachment 13696
  --> https://sourceware.org/bugzilla/attachment.cgi?id=13696&action=edit
poc and full stack trace

Hello,

We are currently working on fuzz testing feature, and we found a **SEGV** on
`objdump`.

The stack traces are as follow:
```
==30122==ERROR: AddressSanitizer: SEGV on unknown address 0x602007ffd170 (pc
0x55c14f74390d bp 0x7ffdf902a620 sp 0x7ffdf902a4f0 T0)
==30122==The signal is caused by a READ memory access.
    #0 0x55c14f74390c in bfd_generic_get_relocated_section_contents
.../binutils-git/bfd/reloc.c:8423
    #1 0x55c14eaeb93f in bfd_get_relocated_section_contents
.../binutils-git/bfd/bfd.c:2166
    #2 0x55c14eb07c54 in bfd_simple_get_relocated_section_contents
.../binutils-git/bfd/simple.c:298
    #3 0x55c14e63c9e0 in load_specific_debug_section objdump.c:3650
    #4 0x55c14e63cfb5 in load_debug_section objdump.c:3740
    #5 0x55c14e65812c in load_debug_section_with_follow
.../binutils-git/binutils/dwarf.c:3358
    #6 0x55c14e65c4d3 in load_debug_info .../binutils-git/binutils/dwarf.c:4044
    #7 0x55c14e668c60 in display_debug_pubnames_worker
.../binutils-git/binutils/dwarf.c:5619
    #8 0x55c14e669a8a in display_debug_gnu_pubnames
.../binutils-git/binutils/dwarf.c:5748
    #9 0x55c14e63d5a5 in dump_dwarf_section objdump.c:3835
    #10 0x55c14eb063c0 in bfd_map_over_sections
.../binutils-git/bfd/section.c:1383
```
The full stack trace is attached.

**Step to reproduce**

We configured `objdump` using 

`CFLAGS="-g -O0 -fsanitize=address" ./configure --prefix=$(pwd)/
--disable-shared --enable-targets=all` 

and build it using `make -j 10`, and run it with:

```
./objdump --line-numbers --debugging <attached file> 440 little --endian=big -d
data32
```

The input file is attached.

**Environment**
- OS: Ubuntu 18.04.5 LTS
- GCC version: gcc 7.5.0
- binutils version: commit (98ca73a) of master branch on sourceware git
([link](https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=98ca73afe51e1e921915c37f242c88d4d445841c))

Thank you.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug binutils/28414] New: SEGV in objdump at bfd/reloc.c:8423, irfanariq at kaist dot ac.kr <=
- [Bug binutils/28414] SEGV in objdump at bfd/reloc.c:8423, amodra at gmail dot com, 2021/10/07

Prev by Date: [Bug ld/28410] Prevent region check failures when relaxation is not final
Next by Date: [Bug binutils/28415] New: stack-buffer-overflow in objdump at disassemble_bytes (objdump.c:2905)
Previous by thread: [Bug binutils/25689] PDP-11 a.out LMA/VMA addresses incorrect
Next by thread: [Bug binutils/28414] SEGV in objdump at bfd/reloc.c:8423
Index(es):
- Date
- Thread