[Bug general/25838] New: eu-readelf crashes due to a general protection fault

nguyenmanhdung1710 at gmail dot com sourceware-bugzilla@sourceware.org
Thu Apr 16 15:11:34 GMT 2020


            Bug ID: 25838
           Summary: eu-readelf crashes due to a general protection fault
           Product: elfutils
           Version: unspecified
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: general
          Assignee: unassigned at sourceware dot org
          Reporter: nguyenmanhdung1710 at gmail dot com
                CC: elfutils-devel at sourceware dot org
  Target Milestone: ---

Created attachment 12470
  --> https://sourceware.org/bugzilla/attachment.cgi?id=12470&action=edit


A general protection fault was discovered in the latest commit 1a9fe4b of
elfutils 0.179, as demonstrated by eu-readelf, that can cause a denial of
service via a crafted file.

To reproduce: eu-readelf -a PoC

Valgrind says:
==3222== Process terminating with default action of signal 11 (SIGSEGV)
==3222==  General Protection Fault
==3222==    at 0x4124AB: handle_gnu_hash (readelf.c:3430)
==3222==    by 0x4124AB: handle_hash (readelf.c:3501)
==3222==    by 0x45EA8B: process_elf_file (readelf.c:1012)
==3222==    by 0x465129: process_dwflmod (readelf.c:790)
==3222==    by 0x4FCC888: dwfl_getmodules (dwfl_getmodules.c:86)
==3222==    by 0x4094D5: process_file (readelf.c:898)
==3222==    by 0x404D1E: main (readelf.c:372)

Manh Dung

You are receiving this mail because:
You are on the CC list for the bug.

More information about the Elfutils-devel mailing list