https://sourceware.org/bugzilla/show_bug.cgi?id=19255
Bug ID: 19255
Summary: Malformed ELF triggers NULL pointer dereference in _bfd_elf_setup_sections
Product: binutils
Version: 2.25
Status: NEW
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: bazad at stanford dot edu
Target Milestone: ---

Created attachment 8789
  --> https://sourceware.org/bugzilla/attachment.cgi?id=8789&action=edit
ELF file to reproduce

A malformed ELF file can trigger a NULL pointer dereference in the function
_bfd_elf_setup_sections in elf.c:

    /* There are some unknown sections in the group.  */
    (*_bfd_error_handler)
      (_("%B: unknown [%d] section `%s' in group [%s]"),
       abfd,
       (unsigned int) idx->shdr->sh_type,
       bfd_elf_string_from_elf_section (abfd,
                                        (elf_elfheader (abfd)
                                         ->e_shstrndx),
                                        idx->shdr->sh_name),
       shdr->bfd_section->name);
    result = FALSE;

shdr->bfd_section is NULL when the above code is run. This is unlikely to be
exploitable.

Found with American Fuzzy Lop.
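
Added example (not part of the original report, and not the binutils code or its fix): a simplified C model of the diagnostic path quoted above, building the same message without dereferencing a NULL bfd_section. The struct and function names (model_section, model_shdr, format_unknown_member) and the placeholder strings are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Simplified stand-ins for the BFD structures; all names are hypothetical. */
struct model_section { const char *name; };
struct model_shdr {
    unsigned int sh_type;
    struct model_section *bfd_section; /* NULL if no section was set up for this header */
};

/* Return a printable section name without ever dereferencing NULL. */
static const char *section_name_or_placeholder(const struct model_shdr *shdr)
{
    if (shdr == NULL || shdr->bfd_section == NULL
        || shdr->bfd_section->name == NULL)
        return "<no section>";
    return shdr->bfd_section->name;
}

/* Format the "unknown section in group" diagnostic into buf.
   member_name models the string-table lookup result and may be NULL here.
   Returns snprintf's result, or -1 when the arguments are unusable. */
int format_unknown_member(char *buf, size_t len,
                          const struct model_shdr *member,
                          const char *member_name,
                          const struct model_shdr *group)
{
    if (buf == NULL || len == 0 || member == NULL)
        return -1;
    return snprintf(buf, len, "unknown [%u] section `%s' in group [%s]",
                    member->sh_type,
                    member_name ? member_name : "<corrupt string table>",
                    section_name_or_placeholder(group));
}

int main(void)
{
    char buf[128];
    struct model_shdr member = { 7, NULL };  /* constructed sample member header */
    struct model_shdr group = { 17, NULL };  /* SHT_GROUP header with no bfd_section */

    /* The error path itself must survive the malformed input it reports. */
    if (format_unknown_member(buf, sizeof buf, &member, ".foo", &group) > 0)
        puts(buf);
    return 0;
}
```
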