https://sourceware.org/bugzilla/show_bug.cgi?id=18570
Bug ID: 18570
Summary: Crash in objdump (elf-attrs.c)
Product: binutils
Version: 2.25
Status: NEW
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: paulwebsec at gmail dot com
Target Milestone: ---

Created attachment 8381
  --> https://sourceware.org/bugzilla/attachment.cgi?id=8381&action=edit
file to reproduce the segfault

Segfault produced by the command: `objdump -r <file>`

(gdb) r -r "/home/user/binutils-gdb/afl_out_objdump/crashes/id:000007,sig:11,src:002710,op:flip1,pos:26769"
Starting program: /home/user/binutils-gdb/binutils/objdump -r "/home/user/binutils-gdb/afl_out_objdump/crashes/id:000007,sig:11,src:002710,op:flip1,pos:26769"

Program received signal SIGSEGV, Segmentation fault.
0x00000000006eba4c in bfd_elf_add_obj_attr_int (abfd=abfd@entry=0xc9b1c0, vendor=vendor@entry=1, tag=tag@entry=-157895616, i=401923) at elf-attrs.c:300
300       attr->i = i;
(gdb) info registers
rax            0x1                 1
rbx            0x0                 0
rcx            0x62203             401923
rdx            0xf696b440          4137071680
rsi            0x1                 1
rdi            0xc9b1c0            13218240
rbp            0xffffffff6a34ff10  0xffffffff6a34ff10
rsp            0x7fffffffe100      0x7fffffffe100
r8             0xc9f201            13234689
r9             0xfffffffff696b440  -157895616
r10            0x9                 9
r11            0x3                 3
r12            0x1                 1
r13            0xc9b1c0            13218240
r14            0x62203             401923
r15            0xc9f29c            13234844
rip            0x6eba4c            0x6eba4c <bfd_elf_add_obj_attr_int+396>
eflags         0x10213             [ CF AF IF RF ]
cs             0x33                51
ss             0x2b                43
ds             0x0                 0
es             0x0                 0
fs             0x0                 0
gs             0x0                 0
(gdb) bt
#0  0x00000000006eba4c in bfd_elf_add_obj_attr_int (abfd=abfd@entry=0xc9b1c0, vendor=vendor@entry=1, tag=tag@entry=-157895616, i=401923) at elf-attrs.c:300
#1  0x00000000006ee1c7 in _bfd_elf_parse_attributes (abfd=abfd@entry=0xc9b1c0, hdr=hdr@entry=0xc9d8a0) at elf-attrs.c:539
#2  0x00000000006335d5 in bfd_section_from_shdr (abfd=abfd@entry=0xc9b1c0, shindex=shindex@entry=5) at elf.c:2119
#3  0x000000000061b4d0 in bfd_elf64_object_p (abfd=0xc9b1c0) at elfcode.h:800
#4  0x00000000005af7c0 in bfd_check_format_matches (abfd=abfd@entry=0xc9b1c0, format=format@entry=bfd_object, matching=matching@entry=0x7fffffffe490) at format.c:305
#5  0x000000000041fdb0 in display_object_bfd (abfd=0xc9b1c0) at ./objdump.c:3407
#6  display_any_bfd (file=file@entry=0xc9b1c0, level=level@entry=0) at ./objdump.c:3498
#7  0x000000000040d1f6 in display_file (target=0x0, filename=0x7fffffffe861 "/home/user/binutils-gdb/afl_out_objdump/crashes/id:000007,sig:11,src:002710,op:flip1,pos:26769") at ./objdump.c:3519
#8  display_file (target=<optimized out>, filename=0x7fffffffe861 "/home/user/binutils-gdb/afl_out_objdump/crashes/id:000007,sig:11,src:002710,op:flip1,pos:26769") at ./objdump.c:3525
#9  main (argc=3, argv=0x7fffffffe618) at ./objdump.c:3802
(gdb)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils
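The backtrace above shows bfd_elf_add_obj_attr_int being called with tag=-157895616, which as a 32-bit value is 0xf696b440 (the same bits r9 holds). ELF object-attribute sections encode each attribute tag as an unsigned LEB128 integer, so a tag that decodes to a value above INT_MAX and is then held in a signed int is one way to arrive at a negative tag like this one. The following is an added example, not binutils code and not the fix for this bug: it contrasts an unchecked ULEB128 reader of the shape that produces such a value with a bounded reader that rejects a tag which would not fit, and that refuses to read past the end of the section. The byte sequences, the naive_tag_from / read_uleb128_checked names, the INT_MAX limit and the wrapper helpers are all this example's own assumptions.

```c
#include <inttypes.h>
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Outcome of a bounded ULEB128 read. */
enum leb_status { LEB_OK = 0, LEB_TRUNCATED = 1, LEB_OVERFLOW = 2 };

/* Constructed input (not from the attached file): the ULEB128 encoding of
   0xF696B440 = 4137071680, the 32-bit pattern behind tag=-157895616 above. */
static const uint8_t kTagOverflow[] = { 0xC0, 0xE8, 0xDA, 0xB4, 0x0F };
/* Constructed input: an ordinary small tag value (6). */
static const uint8_t kTagSmall[] = { 0x06 };

/* The pattern to avoid (assumed shape, not binutils' own reader): no end
   pointer, accumulate into unsigned int, hand the result to a plain int. */
static int naive_tag_from(const uint8_t *p)
{
    unsigned int result = 0;
    unsigned int shift = 0;
    uint8_t byte;
    do {
        byte = *p++;                      /* no check against the section end */
        result |= (unsigned int)(byte & 0x7f) << shift;
        shift += 7;
    } while (byte & 0x80);
    return (int)result;                   /* values above INT_MAX turn negative */
}

/* Bounded reader: never reads at or past end, never lets the accumulator
   lose bits, and rejects any value above limit (e.g. INT_MAX for a tag that
   will be stored in an int and used as an index). */
static enum leb_status
read_uleb128_checked(const uint8_t *p, const uint8_t *end, uint64_t limit,
                     uint64_t *out, size_t *consumed)
{
    uint64_t result = 0;
    unsigned shift = 0;
    size_t n = 0;

    for (;;) {
        if (end - p <= (ptrdiff_t)n)      /* next byte lies outside the section */
            return LEB_TRUNCATED;
        uint8_t byte = p[n++];
        uint64_t bits = byte & 0x7f;
        /* Reject a continuation that would shift payload bits out of 64 bits. */
        if (shift > 63 || (shift > 0 && (bits >> (64 - shift)) != 0))
            return LEB_OVERFLOW;
        result |= bits << shift;
        if (result > limit)               /* caller's range, e.g. INT_MAX */
            return LEB_OVERFLOW;
        if (!(byte & 0x80))
            break;
        shift += 7;
    }
    *out = result;
    *consumed = n;
    return LEB_OK;
}

/* Small wrappers so each result can be inspected as a single return value. */
static enum leb_status status_of(const uint8_t *p, size_t len, uint64_t limit)
{
    uint64_t v; size_t n;
    return read_uleb128_checked(p, p + len, limit, &v, &n);
}

static uint64_t value_of(const uint8_t *p, size_t len, uint64_t limit)
{
    uint64_t v = 0; size_t n = 0;
    return read_uleb128_checked(p, p + len, limit, &v, &n) == LEB_OK ? v : 0;
}

static size_t consumed_of(const uint8_t *p, size_t len, uint64_t limit)
{
    uint64_t v = 0; size_t n = 0;
    return read_uleb128_checked(p, p + len, limit, &v, &n) == LEB_OK ? n : 0;
}

int main(void)
{
    printf("unchecked reader, stored in int : %d\n", naive_tag_from(kTagOverflow));
    printf("checked, limit INT_MAX          : status %d\n",
           status_of(kTagOverflow, sizeof kTagOverflow, INT_MAX));
    printf("checked, limit UINT32_MAX       : status %d value 0x%" PRIx64 "\n",
           status_of(kTagOverflow, sizeof kTagOverflow, UINT32_MAX),
           value_of(kTagOverflow, sizeof kTagOverflow, UINT32_MAX));
    printf("checked, section cut at 2 bytes : status %d\n",
           status_of(kTagOverflow, 2, INT_MAX));
    printf("checked, small tag              : value %" PRIu64 "\n",
           value_of(kTagSmall, sizeof kTagSmall, INT_MAX));
    return 0;
}
```

The limit is passed by the caller rather than fixed in the decoder because the same bytes are legitimate as a 32-bit attribute value (status LEB_OK under UINT32_MAX) but not as a tag that will be stored in an int and used to select a table slot (LEB_OVERFLOW under INT_MAX). Whatever the caller then does with an accepted tag, it should still compare it against the size of any fixed-size table before indexing, since a value below INT_MAX can still be far beyond the known tags.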