yes sure I can add this to bugzilla. I doubt the fix you're suggesting will work, as the code I'm using already has the " aux->table_len = 0;" The problem is that this length is updated in slurp_hppa_unwind_table(), but the function returns FALSE before aux->table is populated with the corresponding entries. That's where the mismatch comes from.
So the loop "for (tp = aux->table; tp < aux->table + aux->table_len; ++tp)" is executed because the "aux->table_len" is non-zero. But aux->table is 0... I will put it on bugzilla :) Best Laurent ________________________________________ From: Nick Clifton <ni...@redhat.com> Sent: Tuesday, July 31, 2018 9:40 AM To: Laurent Simon; bug-binutils@gnu.org Subject: Re: crash accessing address 0 in readelf (binutils-2.2.7a) Hi Laurent, > I've come across an issue in readelf (binutils-2.2.7a), as follows: Thanks for reporting this problem. In the future, would you mind using the binutils bugzilla system as this allows us to keep a track of the bug and fixes that we create for it: https://sourceware.org/bugzilla/enter_bug.cgi > Even if the function slurp_hppa_unwind_table() fails, the function > dump_hppa_unwind() > is executed. In dump_hppa_unwind(): Your fix should work, but I think that it would be cleaner to update slurp_hppa_unwind_table instead. Would you mind checking this patch and letting me know if it works ? diff --git a/binutils/readelf.c b/binutils/readelf.c index 90dbdf7e2b..34acf6346a 100644 --- a/binutils/readelf.c +++ b/binutils/readelf.c @@ -7934,6 +7934,8 @@ slurp_hppa_unwind_table (Filedata * filedata, Elf_Internal_Sym * sym; const char * relname; + aux->table_len = 0; + /* First, find the starting address of the segment that includes this section. */ if (filedata->file_header.e_phnum) > I can give you the input to trigger the bug if you'd like. I tried to attach > it to this email but could not as your server thinks there is malware in it... he he. Well you should be able to upload it to the bugzilla system if you use that. Cheers Nick _______________________________________________ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
