https://sourceware.org/bugzilla/show_bug.cgi?id=30892
Bug ID: 30892
Summary: objdump: SEGV at bfd/elf.c:2562 in
bfd_elf_print_symbol
Product: binutils
Version: 2.42 (HEAD)
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: yan.cs10 at nycu dot edu.tw
Target Milestone: ---
Created attachment 15131
--> https://sourceware.org/bugzilla/attachment.cgi?id=15131&action=edit
this poc with -T argument can crash objdump in the latest version
Summary:
A crash caused when using objdump
AddressSanitizer reported it as SEGV
git commit, OS, Compiler and processor
git commit: be8e83130
gcc (Ubuntu 9.4.0-1ubuntu1~20.04.2) 9.4.0
g++ (Ubuntu 9.4.0-1ubuntu1~20.04.2) 9.4.0
Ubuntu 20.04.4 LTS
AMD Ryzen 5 3600X 6-Core Processor
Steps to reproduce:
$ cd binutils-gdb
$ export CFLAGS='-fsanitize=address -fsanitize-recover=address -g3'
$ export CXXFLAGS='-fsanitize=address -fsanitize-recover=address -g3'
$ make
$ binutils/objdump -T ./poc_36
AddressSanitizer report:
$ /home/pt/sytseng/binutils-gdb-asan/binutils/objdump -T ./poc_36
/home/pt/sytseng/binutils-gdb-asan/binutils/objdump: option -P/--private not
supported by this file
AddressSanitizer:DEADLYSIGNAL
=================================================================
==2557302==ERROR: AddressSanitizer: SEGV on unknown address 0x62100a006570 (pc
0x7fbf1d067616 bp 0x7ffe2bd496d0 sp 0x7ffe2bd48df8 T0)
==2557302==The signal is caused by a READ memory access.
#0 0x7fbf1d067615 in __sanitizer::internal_strlen(char const*)
../../../../src/libsanitizer/sanitizer_common/sanitizer_libc.cc:164
#1 0x7fbf1cfde174 in printf_common
../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors_format.inc:544
#2 0x7fbf1cfdefb6 in __interceptor_vfprintf
../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1604
#3 0x7fbf1cfdf0be in __interceptor_fprintf
../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1661
#4 0x55daa305218e in bfd_elf_print_symbol
/home/pt/sytseng/binutils-gdb-asan/bfd/elf.c:2562
#5 0x55daa2e80e01 in dump_symbols objdump.c:5162
#6 0x55daa2e834e1 in dump_bfd objdump.c:5670
#7 0x55daa2e838cd in display_object_bfd objdump.c:5750
#8 0x55daa2e83c05 in display_any_bfd objdump.c:5837
#9 0x55daa2e83c7f in display_file objdump.c:5858
#10 0x55daa2e85633 in main objdump.c:6269
#11 0x7fbf1cd6d082 in __libc_start_main ../csu/libc-start.c:308
#12 0x55daa2e6937d in _start
(/home/pt/sytseng/binutils-gdb-asan/binutils/objdump+0x13737d)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV
../../../../src/libsanitizer/sanitizer_common/sanitizer_libc.cc:164 in
__sanitizer::internal_strlen(char const*)
==2557302==ABORTING
--
You are receiving this mail because:
You are on the CC list for the bug.
