[PATCH] libelf/elf_end.c: check data_list.data.d.d_buf before free it

Jan Pokorný jpokorny@redhat.com
Thu Aug 16 20:15:00 GMT 2018


On 16/08/18 21:25 +0200, Mark Wielaard wrote:
> On Thu, Aug 16, 2018 at 10:34:23AM +0800, Robert Yang wrote:
>> The one which actually saves the data is data_list.data.d.d_buf, so check it
>> before free rawdata_base.
>> 
>> This can fix a segmentation fault when prelink libqb_1.0.3:
>> prelink: /usr/lib/libqb.so.0.18.2: Symbol section index outside of section numbers
>> 
>> The segmentation fault happens when prelink call elf_end().
> 
> Could you run your reproducer under valgrind and show what it
> says before your patch? And/Or post the file (libqb) to replicate
> the reproducer somewhere to see exactly what goes wrong?

As an author of the commit (wider topical patchset) allegedly causing
that problem (see https://github.com/ClusterLabs/libqb/issues/314
for the story behind the problem raised here, specifically,
cross-compiling seems to be involved), I am also curious
about what's going on here.

> I don't fully understand what is going wrong. Is the section data
> pointing to the file data or something created by elf_newdata?

Out of curiousity, tried this on my Fedora machine without any
success to reproduce:

  # dnf install -y libqb https://kojipkgs.fedoraproject.org//packages/prelink/0.5.0/1.fc19/x86_64/prelink-0.5.0-1.fc19.x86_64.rpm
  # chmod -x /etc/cron.daily/prelink
  # cp /usr/lib64/libqb.so.0.19.0{,.bck}
  # /usr/lib64/libqb.so.0.19.0{,.bck} >/dev/null && echo same || echo not
  > not
  # dnf downgrade -y https://kojipkgs.fedoraproject.org//packages/libqb/1.0.2/1.fc26/x86_64/libqb-1.0.2-1.fc26.x86_64.rpm
  # cp /usr/lib64/libqb.so.0.18.2{,.bck}
  # /usr/lib64/libqb.so.0.19.0{,.bck} >/dev/null && echo same || echo not
  > not

-- 
Nazdar,
Poki
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://sourceware.org/pipermail/elfutils-devel/attachments/20180816/9fed37bf/attachment.sig>


More information about the Elfutils-devel mailing list