[Bug general/25838] New: eu-readelf crashes due to a general protection fault
nguyenmanhdung1710 at gmail dot com
sourceware-bugzilla@sourceware.org
Thu Apr 16 15:11:34 GMT 2020
https://sourceware.org/bugzilla/show_bug.cgi?id=25838
Bug ID: 25838
Summary: eu-readelf crashes due to a general protection fault
Product: elfutils
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: general
Assignee: unassigned at sourceware dot org
Reporter: nguyenmanhdung1710 at gmail dot com
CC: elfutils-devel at sourceware dot org
Target Milestone: ---
Created attachment 12470
--> https://sourceware.org/bugzilla/attachment.cgi?id=12470&action=edit
PoC
Hi,
A general protection fault was discovered in the latest commit 1a9fe4b of
elfutils 0.179, as demonstrated by eu-readelf, that can cause a denial of
service via a crafted file.
To reproduce: eu-readelf -a PoC
Valgrind says:
==3222== Process terminating with default action of signal 11 (SIGSEGV)
==3222== General Protection Fault
==3222== at 0x4124AB: handle_gnu_hash (readelf.c:3430)
==3222== by 0x4124AB: handle_hash (readelf.c:3501)
==3222== by 0x45EA8B: process_elf_file (readelf.c:1012)
==3222== by 0x465129: process_dwflmod (readelf.c:790)
==3222== by 0x4FCC888: dwfl_getmodules (dwfl_getmodules.c:86)
==3222== by 0x4094D5: process_file (readelf.c:898)
==3222== by 0x404D1E: main (readelf.c:372)
Thanks,
Manh Dung
--
You are receiving this mail because:
You are on the CC list for the bug.