Created attachment 12279
crash test case

readelf crashes with the following command:

./readelf -a -D <attached file>

It crashes at process_relocs readelf.c:7316.

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7a5bcc0 in _IO_vfprintf_internal (s=0x7ffff7dd2620 <_IO_2_1_stdout_>, format=<optimized out>, ap=ap@entry=0x7fffffffdcd8) at vfprintf.c:1632
1632 vfprintf.c: No such file or directory.
(gdb) bt
#0 0x00007ffff7a5bcc0 in _IO_vfprintf_internal (s=0x7ffff7dd2620 <_IO_2_1_stdout_>, format=<optimized out>, ap=ap@entry=0x7fffffffdcd8) at vfprintf.c:1632
#1 0x00007ffff7b239ef in ___printf_chk (flag=flag@entry=1, format=<optimized out>) at printf_chk.c:35
#2 0x000000000042cd96 in printf (__fmt=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/stdio2.h:104
#3 dump_ia64_vms_dynamic_fixups (strtab_sz=134512692, strtab=0x0, fixup=0x7fffffffde40, filedata=0x6c0000) at readelf.c:7104
#4 process_ia64_vms_dynamic_relocs (filedata=0x6c0000) at readelf.c:7219
#5 process_relocs (filedata=0x6c0000) at readelf.c:7316
#6 process_object (filedata=filedata@entry=0x6c0000) at readelf.c:19966
#7 0x00000000004034fd in process_file (file_name=<optimized out>) at readelf.c:20416
#8 main (argc=4, argv=0x7fffffffe148) at readelf.c:20475

The master branch has been updated by Nick Clifton <nickc@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=736990c44277615e47d5dfab523c70488911624d

commit 736990c44277615e47d5dfab523c70488911624d
Author: Nick Clifton <nickc@redhat.com>
Date: Thu Feb 27 16:28:25 2020 +0000

Fix an illegal memory access by readelf when displaying the contents of a corrupt IA64 binary.

PR 25526
* readelf.c (process_ia64_vms_dynamic_relocs): Check to see if get_data is unable to load the string table.

Fixed.
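
The pattern behind this report, as an added example that is not binutils code and not part of the original thread: the backtrace shows strtab=0x0 paired with a non-zero strtab_sz reaching a printf, and the commit adds a check for the failed string table load. The names load_range, strtab_name, fixup_name and SAMPLE are hypothetical; only the size 134512692 is taken from the backtrace.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample "file": a tiny string table, not a real IA64 binary. */
static const unsigned char SAMPLE[] = "\0libfoo\0libbar";

/* Hypothetical loader: returns NULL when the range falls outside the file. */
static char *load_range(const unsigned char *file, size_t file_len,
                        size_t off, size_t size)
{
    char *buf;
    if (size == 0 || off > file_len || size > file_len - off)
        return NULL;
    buf = malloc(size + 1);
    if (buf == NULL)
        return NULL;
    memcpy(buf, file + off, size);
    buf[size] = '\0';           /* the last string is always terminated */
    return buf;
}

/* Bounds-checked lookup: never dereferences NULL or indexes past the end. */
static const char *strtab_name(const char *strtab, size_t strtab_sz, size_t idx)
{
    if (strtab == NULL || idx >= strtab_sz)
        return "<corrupt>";
    return strtab + idx;
}

/* Loads the table and resolves idx; a failed load zeroes the size so a NULL
   pointer is never paired with a non-zero length. Caller frees *out_tab. */
static const char *fixup_name(const unsigned char *file, size_t file_len,
                              size_t off, size_t strtab_sz, size_t idx,
                              char **out_tab)
{
    *out_tab = load_range(file, file_len, off, strtab_sz);
    if (*out_tab == NULL)
        strtab_sz = 0;
    return strtab_name(*out_tab, strtab_sz, idx);
}

int main(void)
{
    char *tab;
    puts(fixup_name(SAMPLE, sizeof SAMPLE, 0, sizeof SAMPLE, 1, &tab));
    free(tab);
    puts(fixup_name(SAMPLE, sizeof SAMPLE, 0, 134512692, 1, &tab));
    free(tab);
    return 0;
}
```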