Created attachment 13525
poc

Hi there,

I crashed `readelf -w` with a fuzzer. The cause is Assertion `(data) <= (end)' failed in dwarf.c:skip_attr_bytes.

- Compiler: clang12
- Platform: Ubuntu 18.04.5 LTS, x86_64
- Reproduce: run `readelf -w poc`

The raw output was:

readelf: dwarf.c:1969: unsigned char *skip_attr_bytes(unsigned long, unsigned char *, unsigned char *, dwarf_vma, dwarf_vma, int, dwarf_vma *): Assertion `(data) <= (end)' failed.
Aborted

The master branch has been updated by Alan Modra <amodra@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=40e1d303cedca7d67f6219686f06b9750659beab

commit 40e1d303cedca7d67f6219686f06b9750659beab
Author: Alan Modra <amodra@gmail.com>
Date:   Sat Jul 3 09:38:40 2021 +0930

    PR28047, readelf crash due to assertion failure

    DW_FORM_ref1, DW_FORM_ref2, DW_FORM_ref4, DW_FORM_ref1, and
    DW_FORM_ref_udata are all supposed to be within the containing unit.

            PR 28047
            * dwarf.c (get_type_abbrev_from_form): Add cu_end parameter.
            Check DW_FORM_ref1 etc. arg against cu_end rather than end of
            section.  Adjust all callers.

Patch applied
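
The commit message above says unit-relative reference forms must be checked against the end of the containing unit rather than the end of the section. The following is an added example, not binutils code, that models that difference; `struct unit_bounds`, both `resolve_ref_*` functions and the 32-byte sample section are hypothetical names and constructed data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model of one unit inside a DWARF section (not binutils types). */
struct unit_bounds {
    const unsigned char *section_end; /* one past the last byte of the section */
    const unsigned char *cu_start;    /* first byte of the containing unit */
    const unsigned char *cu_end;      /* one past the last byte of that unit */
};

/* Constructed sample: a 32-byte section holding two 16-byte units. */
static const unsigned char sample_section[32] = { 0 };

struct unit_bounds sample_first_unit(void)
{
    struct unit_bounds u = { sample_section + 32, sample_section, sample_section + 16 };
    return u;
}

/* Weak check: accepts any unit-relative offset that stays inside the section. */
const unsigned char *resolve_ref_section_bound(const struct unit_bounds *u, uint64_t off)
{
    if (off >= (uint64_t)(u->section_end - u->cu_start))
        return NULL;
    return u->cu_start + off;
}

/* Strict check: the offset must land inside the containing unit. */
const unsigned char *resolve_ref_unit_bound(const struct unit_bounds *u, uint64_t off)
{
    if (off >= (uint64_t)(u->cu_end - u->cu_start))
        return NULL;
    return u->cu_start + off;
}

int main(void)
{
    struct unit_bounds u = sample_first_unit();
    uint64_t off = 20; /* constructed: past the first unit, inside the section */
    const unsigned char *weak = resolve_ref_section_bound(&u, off);
    const unsigned char *strict = resolve_ref_unit_bound(&u, off);

    /* A walker bounded by cu_end needs data <= end; the weak result breaks that. */
    printf("weak:   %s, data <= cu_end: %d\n", weak ? "accepted" : "rejected",
           weak != NULL && weak <= u.cu_end);
    printf("strict: %s\n", strict ? "accepted" : "rejected");
    return 0;
}
```

With the section-wide bound, an offset into the neighbouring unit yields a pointer beyond `cu_end`, the condition that a `data <= end` assertion in a unit-bounded walker rejects.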