https://sourceware.org/bugzilla/show_bug.cgi?id=24898
Bug ID: 24898
Summary: An out-of-bounds read occurred in display_data
Product: binutils
Version: 2.33 (HEAD)
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: mgcho.minic at gmail dot com
Target Milestone: ---

Created attachment 11946
  --> https://sourceware.org/bugzilla/attachment.cgi?id=11946&action=edit
Poc to trigger bug

Triggered by "./objdump -W $POC"
Tested on Ubuntu 16.04 (x86)

An out-of-bounds read occurred when processing a malformed PE file.

==138514==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xf4303b55 at pc 0x082257b1 bp 0xffffcd98 sp 0xffffcd8c
READ of size 1 at 0xf4303b55 thread T0
    #0 0x82257b0 in display_data /home/seclab/binutils-gdb/binutils/dwarf.c:7530:21
    #1 0x82257b0 in display_augmentation_data /home/seclab/binutils-gdb/binutils/dwarf.c:7544
    #2 0x81bb389 in display_debug_frames /home/seclab/binutils-gdb/binutils/dwarf.c:7854:8
    #3 0x817f7a5 in dump_dwarf_section /home/seclab/binutils-gdb/binutils/./objdump.c:2923:6
    #4 0x83ddfb0 in bfd_map_over_sections /home/seclab/binutils-gdb/bfd/section.c:1374:5
    #5 0x817cf97 in dump_dwarf /home/seclab/binutils-gdb/binutils/./objdump.c:2993:3
    #6 0x8175e31 in dump_bfd /home/seclab/binutils-gdb/binutils/./objdump.c:4058:5
    #7 0x8173583 in display_any_bfd /home/seclab/binutils-gdb/binutils/./objdump.c:4130:7
    #8 0x8171883 in display_file /home/seclab/binutils-gdb/binutils/./objdump.c:4243:3
    #9 0x8171883 in main /home/seclab/binutils-gdb/binutils/./objdump.c:4561
    #10 0xf7d85636 in __libc_start_main /build/glibc-GoSbp4/glibc-2.23/csu/../csu/libc-start.c:291
    #11 0x806e7b7 in _start (/home/seclab/binutils-gdb/binutils/objdump+0x806e7b7)

Credits: Mingi Cho, Seoyoung Kim, and Taekyoung Kwon of the Information Security Lab, Yonsei University.