Created attachment 15845 (the file that triggered the segmentation fault). Using nm with the options `--without-symbol-versions --synthetic -p -D -C` on a specific ELF file causes a segmentation fault. The ELF file is attached.
The problem is that one of the symbols contains an @ character:

_ZN1@SerialFOTBuilder12endExtensionERKN10FOTBuilder24CompoundExtensionFlowObjE

Because nm is being run with the --without-symbol-versions option it is (temporarily) trying to replace the @ character with a NUL. But since the symbol table has been mmap()ed from the file it is in read-only memory, and so a write fault occurs.

I have a local patch to fix this which I am testing now.
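The failure mode described in the comment above, as an added C example that is not part of the original thread and is not the committed binutils patch. It contrasts truncating the name in place with copying the part before the @; the read-only anonymous page is a constructed stand-in for the mmap()ed symbol table, and all function names are hypothetical.

```c
#define _DEFAULT_SOURCE /* for MAP_ANONYMOUS on glibc */
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Symbol name quoted in the report. */
static const char SYM[] = "_ZN1@SerialFOTBuilder12endExtensionERKN10FOTBuilder"
                          "24CompoundExtensionFlowObjE";

/* Constructed stand-in for the mapped symbol table: one page, then read-only. */
static char *map_readonly_name(void) {
    char *p = mmap(NULL, 4096, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return NULL;
    memcpy(p, SYM, sizeof SYM);
    return mprotect(p, 4096, PROT_READ) == 0 ? p : NULL;
}

/* In-place truncation, run in a child so the fault is contained; 1 = child died. */
static int in_place_strip_faults(char *name) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char *at = strchr(name, '@');
        if (at) *(volatile char *)at = '\0'; /* store into a read-only page */
        _exit(0);
    }
    int st = 0;
    if (waitpid(pid, &st, 0) < 0) return -1;
    return !(WIFEXITED(st) && WEXITSTATUS(st) == 0);
}

/* Non-mutating alternative: copy the part before '@' into caller storage. */
static size_t strip_version_copy(const char *name, char *out, size_t outsz) {
    size_t n = strcspn(name, "@"); /* whole length if there is no '@' */
    if (outsz == 0) return 0;
    if (n >= outsz) n = outsz - 1; /* truncate rather than overflow */
    memcpy(out, name, n);
    out[n] = '\0';
    return n;
}

int main(void) {
    char buf[128], *name = map_readonly_name();
    if (!name) return 1;
    printf("in-place write faults: %d\n", in_place_strip_faults(name));
    printf("copied: %.*s\n", (int)strip_version_copy(name, buf, sizeof buf), buf);
}
```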
(In reply to Nick Clifton from comment #1)
> The problem is that one of the symbols contains an @ character:
>
> _ZN1@SerialFOTBuilder12endExtensionERKN10FOTBuilder24CompoundExtensionFlowObjE
>
> Because nm is being run with the --without-symbol-versions option it is
> (temporarily) trying to replace the @ character with a NUL. But since the
> symbol table has been mmap()ed from the file it is in read-only memory, and
> so a write fault occurs.
>
> I have a local patch to fix this which I am testing now.

Got it, thanks for fixing it!
The master branch has been updated by Nick Clifton <nickc@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2d41e8a42f1d4c6450feb9c2b7c79afa3f67f4a

commit c2d41e8a42f1d4c6450feb9c2b7c79afa3f67f4a
Author: Nick Clifton <nickc@redhat.com>
Date: Tue Dec 17 09:16:53 2024 +0000

    nm: Avoid potential segmentation fault when displaying symbols without version info.

    PR 32467
The binutils-2_43-branch branch has been updated by Nick Clifton <nickc@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f8987d3999edb26e757115fe87be55787d510b9

commit 5f8987d3999edb26e757115fe87be55787d510b9
Author: Nick Clifton <nickc@redhat.com>
Date: Tue Dec 17 09:18:57 2024 +0000

    nm: Avoid potential segmentation fault when displaying symbols without version info.

    PR 32467
Right - I have applied a fix to the mainline sources and the 2.43 branch.
CVE-2024-57360 assigned
(In reply to 孙文举 from comment #6)
> CVE-2024-57360 assigned

Note - the binutils/SECURITY.txt document makes it clear that bugs in inspection tools (such as nm) are not considered to be security issues and as such should not really qualify for a CVE assignment.

I mention this because once a CVE is assigned it makes a lot of work for myself and other distribution maintainers, who then have to go through the whole security review process all for a bug which whilst real, will not actually interfere with the creation of working, safe, programs.
Thank you for bringing this to my attention. I must apologize for not thoroughly reviewing the SECURITY.txt document before proceeding. I now understand that bugs in inspection tools, such as nm, are not considered security issues and do not warrant a CVE assignment. I sincerely regret any inconvenience or unnecessary workload this may have caused for you and other distribution maintainers. I will make sure to review the relevant documentation more carefully in the future to avoid similar situations.