14873 – objcopy segfault

Bug 14873 - objcopy segfault

Summary: objcopy segfault

Status:	RESOLVED FIXED

Alias:	None

Product:	binutils
Classification:	Unclassified
Component:	binutils (show other bugs)
Version:	2.23

Importance:	P2 normal
Target Milestone:	---
Assignee:	Not yet assigned to anyone

URL:
Keywords:

Depends on:
Blocks:

Reported:	2012-11-23 17:15 UTC by Anders Montonen
Modified:	2013-02-07 03:45 UTC (History)
CC List:	1 user (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Anders Montonen 2012-11-23 17:15:17 UTC

Trying to create an elf32-sh object from a binary causes a segfault:
$ sh-elf-objcopy -B sh -I binary -O elf32-sh infile outfile.elf
Segmentation fault: 11

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   sh-elf-objcopy                	0x0000000104282eef _bfd_elf_copy_obj_attributes + 287
1   sh-elf-objcopy                	0x000000010425428e sh_elf_copy_private_data + 30
2   sh-elf-objcopy                	0x0000000104213423 copy_object + 5827 (objcopy.c:2012)
3   sh-elf-objcopy                	0x0000000104214752 copy_file + 2178 (objcopy.c:2340)
4   sh-elf-objcopy                	0x0000000104211241 main + 8033 (objcopy.c:4046)
5   sh-elf-objcopy                	0x000000010420f2d4 start + 52

Host is OS X 10.7.5, binutils was configured with target=sh-elf and built with the November 2012 Xcode command-line tool release.

Comment 1 Anders Montonen 2013-02-07 01:17:09 UTC

The same test also crashes on Linux (tested on Scientific Linux 6.3 64-bit).

The crash happens in _bfd_elf_copy_obj_attributes on the line
if (in_attr->s && *in_attr->s)

At the point of the crash, in_attr->s contains the value 0x2d8322e657274450 which is clearly invalid.

The loop index i has the value 56.

Comment 2 Sourceware Commits 2013-02-07 03:44:33 UTC

CVSROOT:	/cvs/src
Module name:	src
Changes by:	amodra@sourceware.org	2013-02-07 03:44:27

Modified files:
	bfd            : ChangeLog elf-attrs.c 

Log message:
	PR binutils/14873
	* elf-attrs.c (_bfd_elf_copy_obj_attributes): Don't attempt to
	copy attributes from or to non-ELF.

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/src/bfd/ChangeLog.diff?cvsroot=src&r1=1.5933&r2=1.5934
http://sourceware.org/cgi-bin/cvsweb.cgi/src/bfd/elf-attrs.c.diff?cvsroot=src&r1=1.15&r2=1.16

Comment 3 Sourceware Commits 2013-02-07 03:44:47 UTC

CVSROOT:	/cvs/src
Module name:	src
Branch: 	binutils-2_23-branch
Changes by:	amodra@sourceware.org	2013-02-07 03:44:41

Modified files:
	bfd            : ChangeLog elf-attrs.c 

Log message:
	PR binutils/14873
	* elf-attrs.c (_bfd_elf_copy_obj_attributes): Don't attempt to
	copy attributes from or to non-ELF.

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/src/bfd/ChangeLog.diff?cvsroot=src&only_with_tag=binutils-2_23-branch&r1=1.5758.2.41&r2=1.5758.2.42
http://sourceware.org/cgi-bin/cvsweb.cgi/src/bfd/elf-attrs.c.diff?cvsroot=src&only_with_tag=binutils-2_23-branch&r1=1.15&r2=1.15.4.1

Comment 4 Alan Modra 2013-02-07 03:45:25 UTC

Fixed