readelf crashes very easily when parsing malformed binaries. The attached patch fixes three floating point exceptions (divide-by-zero) and approximately 13 out-of-bounds reads (due to null pointer dereference, integer overflows, and bad array indexing). I have test files that trigger each of these crashes, but the patch should be pretty self-explanatory. I've tested the patch, confirmed it breaks no functionality, and that it resolves each of my crash files:
(Patch hosted on Ubuntu's Launchpad)
http://launchpadlibrarian.net/53144133/readelf-crashes.patch

--
Summary: readelf: fixes for multiple crashes
Product: binutils
Version: 2.20
Status: NEW
Severity: normal
Priority: P2
Component: binutils
AssignedTo: unassigned at sources dot redhat dot com
ReportedBy: dan dot j dot rosenberg at gmail dot com
CC: bug-binutils at gnu dot org

http://sourceware.org/bugzilla/show_bug.cgi?id=11889
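Added example, not part of the report or the attached patch: a sketch of the kind of validation that prevents the bug classes named above (divide-by-zero, integer overflow, bad array indexing) when an ELF reader consumes an untrusted section header. The struct, the function name check_table_section and the sample values are constructed for illustration and assume a 64-bit ELF layout.

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-in for the Elf64_Shdr fields used here (constructed for this example). */
struct shdr {
    uint64_t sh_offset;   /* file offset of the section data */
    uint64_t sh_size;     /* size of the section in bytes */
    uint64_t sh_entsize;  /* size of one table entry */
    uint32_t sh_link;     /* index of an associated section header */
};

enum { SHDR_OK = 0, SHDR_BAD_RANGE, SHDR_BAD_ENTSIZE, SHDR_BAD_LINK };

/* Validate a table-like section header against the real file size and
   section count before any field is used as a length, divisor or index.
   On success *count receives the number of table entries. */
int check_table_section(const struct shdr *s, uint64_t file_size,
                        uint32_t num_sections, uint64_t *count)
{
    /* Overflow-safe form of "sh_offset + sh_size <= file_size". */
    if (s->sh_offset > file_size || s->sh_size > file_size - s->sh_offset)
        return SHDR_BAD_RANGE;
    /* sh_entsize is a divisor below: zero would raise SIGFPE. */
    if (s->sh_entsize == 0)
        return SHDR_BAD_ENTSIZE;
    /* sh_link indexes the section header array. */
    if (s->sh_link >= num_sections)
        return SHDR_BAD_LINK;
    *count = s->sh_size / s->sh_entsize;
    return SHDR_OK;
}

int main(void)
{
    /* Constructed headers: one sane, three malformed. */
    struct shdr cases[] = {
        { 0x100, 0x60, 0x18, 1 },             /* valid: 4 entries        */
        { 0x100, 0x60, 0x00, 1 },             /* zero entry size         */
        { UINT64_MAX - 0x10, 0x60, 0x18, 1 }, /* offset + size wraps     */
        { 0x100, 0x60, 0x18, 9 },             /* link past section count */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        uint64_t n = 0;
        int rc = check_table_section(&cases[i], 0x1000, 4, &n);
        printf("case %zu: rc=%d entries=%llu\n", i, rc, (unsigned long long)n);
    }
    return 0;
}
```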