[Bug binutils/23945] New: There is an illegal READ memory access at binutils/readelf.c:8028(function slurp_hppa_unwind_table) that could cause crash in binutils 2.31.

2018-11-30 Thread ganshuitao at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=23945

          Bug ID: 23945
         Summary: There is an illegal READ memory access at binutils/readelf.c:8028(function slurp_hppa_unwind_table) that could cause crash in binutils 2.31.
         Product: binutils
         Version: 2.31
          Status: UNCONFIRMED
        Severity: critical
        Priority: P2
       Component: binutils
        Assignee: unassigned at sourceware dot org
        Reporter: ganshuitao at gmail dot com
Target Milestone: ---

Created attachment 11425
  --> https://sourceware.org/bugzilla/attachment.cgi?id=11425&action=edit
Triggered by “./readelf -aW poc0”

version: binutils 2.31
Summary: 

There is an illegal READ memory access at binutils/readelf.c:8028(function
slurp_hppa_unwind_table) that could cause crash in binutils 2.31. 

Description:

The asan debug is as follows:

$./readelf -aW POC0

ASAN:DEADLYSIGNAL
=
==112614==ERROR: AddressSanitizer: SEGV on unknown address 0x (pc 0x7f41689057d9 bp 0x7fffc6885440 sp 0x7fffc6884ba0 T0)
==112614==The signal is caused by a READ memory access.
==112614==Hint: address points to the zero page.
    #0 0x7f41689057d8  (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x5a7d8)
    #1 0x55eb6edc3485 in slurp_hppa_unwind_table /home/company/real/binutils-2.31/binutils/readelf.c:8028
    #2 0x55eb6edc3485 in hppa_process_unwind /home/company/real/binutils-2.31/binutils/readelf.c:8115
    #3 0x55eb6ede985c in process_unwind /home/company/real/binutils-2.31/binutils/readelf.c:9253
    #4 0x55eb6ede985c in process_object /home/company/real/binutils-2.31/binutils/readelf.c:18822
    #5 0x55eb6ed9daa9 in process_file /home/company/real/binutils-2.31/binutils/readelf.c:19259
    #6 0x55eb6ed9daa9 in main /home/company/real/binutils-2.31/binutils/readelf.c:19318
    #7 0x7f41684ec1c0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x211c0)
    #8 0x55eb6ed9e319 in _start (/home/company/real/binutils-2.31/install_asan/bin/readelf+0x98319)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x5a7d8)
==112614==ABORTING

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils


[Bug binutils/23946] New: There is an illegal READ memory access at binutils/readelf.c:7594(function slurp_ia64_unwind_table ) that could cause crash in binutils 2.31.

2018-11-30 Thread ganshuitao at gmail dot com
https://sourceware.org/bugzilla/show_bug.cgi?id=23946

          Bug ID: 23946
         Summary: There is an illegal READ memory access at binutils/readelf.c:7594(function slurp_ia64_unwind_table ) that could cause crash in binutils 2.31.
         Product: binutils
         Version: 2.32 (HEAD)
          Status: UNCONFIRMED
        Severity: critical
        Priority: P2
       Component: binutils
        Assignee: unassigned at sourceware dot org
        Reporter: ganshuitao at gmail dot com
Target Milestone: ---

Created attachment 11426
  --> https://sourceware.org/bugzilla/attachment.cgi?id=11426&action=edit
Triggered by “./readelf -aW poc1”

version: binutils 2.31
Summary: 

There is an illegal READ memory access at binutils/readelf.c:7594(function
slurp_ia64_unwind_table ) that could cause crash in binutils 2.31. 

Description:

The asan debug is as follows:

$./readelf -aW POC1

ASAN:DEADLYSIGNAL
=
==112613==ERROR: AddressSanitizer: SEGV on unknown address 0x07b2459c (pc 0x55fad064e195 bp 0x3d922c5f sp 0x7ffd4fb421f0 T0)
==112613==The signal is caused by a READ memory access.
    #0 0x55fad064e194 in slurp_ia64_unwind_table /home/company/real/binutils-2.31/binutils/readelf.c:7594
    #1 0x55fad064e194 in ia64_process_unwind /home/company/real/binutils-2.31/binutils/readelf.c:7755
    #2 0x55fad067185c in process_unwind /home/company/real/binutils-2.31/binutils/readelf.c:9253
    #3 0x55fad067185c in process_object /home/company/real/binutils-2.31/binutils/readelf.c:18822
    #4 0x55fad0674f7d in process_archive /home/company/real/binutils-2.31/binutils/readelf.c:19167
    #5 0x55fad0625c9d in process_file /home/company/real/binutils-2.31/binutils/readelf.c:19242
    #6 0x55fad0625c9d in main /home/company/real/binutils-2.31/binutils/readelf.c:19318
    #7 0x7fd4b4ae51c0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x211c0)
    #8 0x55fad0626319 in _start (/home/company/real/binutils-2.31/install_asan/bin/readelf+0x98319)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/company/real/binutils-2.31/binutils/readelf.c:7594 in slurp_ia64_unwind_table
==112613==ABORTING
