Created attachment 8789
ELF file to reproduce

A malformed ELF file can trigger a NULL pointer dereference in the function _bfd_elf_setup_sections in elf.c:

    /* There are some unknown sections in the group. */
    (*_bfd_error_handler)
      (_("%B: unknown [%d] section `%s' in group [%s]"),
       abfd,
       (unsigned int) idx->shdr->sh_type,
       bfd_elf_string_from_elf_section (abfd,
                                        (elf_elfheader (abfd)
                                         ->e_shstrndx),
                                        idx->shdr->sh_name),
       shdr->bfd_section->name);
    result = FALSE;

shdr->bfd_section is NULL when the above code is run.

This is unlikely to be exploitable. Found with American Fuzzy Lop.

Hi Bazad,

This problem has already been reported and fixed in PR 18758. But thanks very much for reporting the problem anyway.

Cheers
Nick

*** This bug has been marked as a duplicate of bug 18758 ***
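
A guarded version of the diagnostic quoted in the report, added here as an example; it is not the binutils code and not the change made for PR 18758. The struct types, the placeholder strings and the sample values are constructed for illustration, and the member name is modelled as an already looked-up string that may be NULL.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins for the BFD structures named in the report; only
   the fields the diagnostic reads are modelled. */
struct model_section { const char *name; };
struct model_shdr {
  unsigned int sh_type;
  const char *sh_name;               /* looked-up name, NULL if lookup failed */
  struct model_section *bfd_section; /* NULL when no section was created */
};

static const char *str_or(const char *s, const char *fallback)
{
  return s != NULL ? s : fallback;
}

/* Builds the "unknown section in group" message without dereferencing a
   missing group section or passing NULL to %s.  Returns the snprintf
   result, or -1 on invalid arguments. */
int format_unknown_member(char *buf, size_t len,
                          const struct model_shdr *group,
                          const struct model_shdr *member)
{
  const char *gname = "<no section>";   /* hypothetical placeholder */

  if (buf == NULL || len == 0 || group == NULL || member == NULL)
    return -1;
  if (group->bfd_section != NULL)
    gname = str_or(group->bfd_section->name, "<unnamed>");
  return snprintf(buf, len, "unknown [%u] section `%s' in group [%s]",
                  member->sh_type, str_or(member->sh_name, "<corrupt>"),
                  gname);
}

int main(void)
{
  char msg[128];
  struct model_section sec = { ".group" };
  struct model_shdr ok = { 17, ".group", &sec };   /* 17 = SHT_GROUP */
  struct model_shdr bad = { 17, ".group", NULL };  /* state from the report */
  struct model_shdr member = { 8, NULL, NULL };    /* constructed member */

  format_unknown_member(msg, sizeof msg, &ok, &member);
  puts(msg);
  format_unknown_member(msg, sizeof msg, &bad, &member);
  puts(msg);
  return strstr(msg, "<no section>") != NULL ? 0 : 1;
}
```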