https://sourceware.org/bugzilla/show_bug.cgi?id=27946
Bug ID: 27946
Summary: using objdump -D with a file leads to endless loop
Product: binutils
Version: 2.30
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: l392zhan at uwaterloo dot ca
Target Milestone: ---
OS:
Linux
Affected component
objdump - GNU objdump (GNU Binutils) 2.30
executable file link:
https://github.com/l392zhan/AttentionFuzzer/blob/main/objdump/objdump
Attack vector(s)
execute the program with "objdump -D attack_vector" command can cause the
process run forever. After debugging the program through GDB, we found that
there is an endless loop, which starts from function elf_parse_notes, which is
a function defined in elf.c file, and ends at a fixed address.
attack vectors link:
https://github.com/l392zhan/AttentionFuzzer/tree/main/objdump/attack-vector
GDB screenshot link:
https://github.com/l392zhan/AttentionFuzzer/blob/main/objdump/GDB_screenshot.jpeg
--
You are receiving this mail because:
You are on the CC list for the bug.
