27946 – using objdump -D with a file leads to an endless loop

Bug 27946 - using objdump -D with a file leads to an endless loop

Summary: using objdump -D with a file leads to an endless loop

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	binutils
Classification:	Unclassified
Component:	binutils (show other bugs)
Version:	2.30

Importance:	P2 normal
Target Milestone:	---
Assignee:	Not yet assigned to anyone

URL:
Keywords:

Depends on:
Blocks:

Reported:	2021-06-03 08:16 UTC by Liyi Zhang
Modified:	2021-06-03 09:53 UTC (History)
CC List:	0 users

See Also:
Host:
Target:
Build:
Last reconfirmed:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Liyi Zhang 2021-06-03 08:16:50 UTC

OS:
Linux

Affected component
objdump - GNU objdump (GNU Binutils) 2.30
executable file link: https://github.com/l392zhan/AttentionFuzzer/blob/main/objdump/objdump

Attack vector(s)
execute the program with "objdump -D attack_vector" command can cause the process run forever. After debugging the program through GDB, we found that there is an endless loop, which starts from function elf_parse_notes, which is a function defined in elf.c file, and ends at a fixed address.
attack vectors link: https://github.com/l392zhan/AttentionFuzzer/tree/main/objdump/attack-vector
GDB screenshot link: https://github.com/l392zhan/AttentionFuzzer/blob/main/objdump/GDB_screenshot.jpeg

Comment 1 Alan Modra 2021-06-03 09:53:16 UTC

No problem with current mainline objdump.