This is the mail archive of the
elfutils-devel@sourceware.org
mailing list for the elfutils project.
Re: [PATCH] libelf/elf_end.c: check data_list.data.d.d_buf before free it
On 08/17/2018 03:25 AM, Mark Wielaard wrote:
Hi,
On Thu, Aug 16, 2018 at 10:34:23AM +0800, Robert Yang wrote:
The one which actually saves the data is data_list.data.d.d_buf, so check it
before free rawdata_base.
This can fix a segmentation fault when prelink libqb_1.0.3:
prelink: /usr/lib/libqb.so.0.18.2: Symbol section index outside of section numbers
The segmentation fault happens when prelink call elf_end().
Could you run your reproducer under valgrind and show what it
says before your patch? And/Or post the file (libqb) to replicate
the reproducer somewhere to see exactly what goes wrong?
I don't fully understand what is going wrong. Is the section data
pointing to the file data or something created by elf_newdata?
Thanks for the reply, I found this problem in a cross build environment,
but we are using elfutils as native tool (directly running on host), its
version is 0.172, srcrev=01e87ab4c5a6a249c04e22a97a4221d3.
$ VALGRIND_LIB=/path/to/usr/lib/valgrind valgrind prelink --root
/path/to/core-image-minimal/1.0-r0/rootfs -amR -N -c /etc/prelink.conf
--dynamic-linker /lib/ld-linux-x86-64.so.2 -v
Here are the problems related to elfutils:
prelink: /usr/lib/libqb.so.0.19.0: Symbol section index outside of section numbers
==25330== Invalid free() / delete / delete[] / realloc()
==25330== at 0x4C3026B: free (in
/path/to/recipe-sysroot-native/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==25330== by 0x50991F5: elf_end (elf_end.c:171)
==25330== by 0x41E916: ??? (in /path/to/recipe-sysroot-native/usr/sbin/prelink)
==25330== by 0x422233: ??? (in /path/to/recipe-sysroot-native/usr/sbin/prelink)
==25330== by 0x408BE1: ??? (in /path/to/recipe-sysroot-native/usr/sbin/prelink)
==25330== by 0x409015: ??? (in /path/to/recipe-sysroot-native/usr/sbin/prelink)
==25330== by 0x4038FB: ??? (in /path/to/recipe-sysroot-native/usr/sbin/prelink)
==25330== by 0x52CF04A: (below main) (in
/buildarea1/lyang1/test_up/tmp/sysroots-uninative/x86_64-linux/lib/libc-2.27.so)
==25330== Address 0x9305300 is 0 bytes inside a block of size 20 free'd
==25330== at 0x4C3026B: free (in
/path/to/recipe-sysroot-native/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==25330== by 0x41E8B7: ??? (in /path/to/recipe-sysroot-native/usr/sbin/prelink)
==25330== by 0x422233: ??? (in /path/to/recipe-sysroot-native/usr/sbin/prelink)
==25330== by 0x408BE1: ??? (in /path/to/recipe-sysroot-native/usr/sbin/prelink)
==25330== by 0x409015: ??? (in /path/to/recipe-sysroot-native/usr/sbin/prelink)
==25330== by 0x4038FB: ??? (in /path/to/recipe-sysroot-native/usr/sbin/prelink)
==25330== by 0x52CF04A: (below main) (in
/buildarea1/lyang1/test_up/tmp/sysroots-uninative/x86_64-linux/lib/libc-2.27.so)
==25330== Block was alloc'd at
==25330== at 0x4C2F03F: malloc (in
/path/to/recipe-sysroot-native/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==25330== by 0x509DE8E: __libelf_set_rawdata_wrlock (elf_getdata.c:329)
==25330== by 0x509E20E: __elf_getdata_rdlock (elf_getdata.c:532)
==25330== by 0x509E24D: elf_getdata (elf_getdata.c:559)
==25330== by 0x420A70: ??? (in /path/to/recipe-sysroot-native/usr/sbin/prelink)
==25330== by 0x413860: ??? (in /path/to/recipe-sysroot-native/usr/sbin/prelink)
==25330== by 0x408D64: ??? (in /path/to/recipe-sysroot-native/usr/sbin/prelink)
==25330== by 0x409015: ??? (in /path/to/recipe-sysroot-native/usr/sbin/prelink)
==25330== by 0x4038FB: ??? (in /path/to/recipe-sysroot-native/usr/sbin/prelink)
==25330== by 0x52CF04A: (below main) (in
/buildarea1/lyang1/test_up/tmp/sysroots-uninative/x86_64-linux/lib/libc-2.27.so)
// Robert
Thanks,
Mark