https://sourceware.org/bugzilla/show_bug.cgi?id=34324
Bug ID: 34324
Summary: readelf: SIGABRT in process_relocs when processing ELF
relocation data
Product: binutils
Version: 2.47 (HEAD)
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: 970429025 at qq dot com
Target Milestone: ---
Created attachment 16798
--> https://sourceware.org/bugzilla/attachment.cgi?id=16798&action=edit
The PoC attachment contains the input file (Denial_of_Service) that triggers
this behavior.
Overview:
Running readelf with -a -D on a ELF input file causes the program to terminate
with SIGABRT.
The program does not exit gracefully and instead aborts while processing
relocation information in process_relocs().
Steps to Reproduce:
./readelf -a -D Denial_of_Service
Actual Results:
readelf terminates with SIGABRT.
GDB output excerpt:
Program received signal SIGABRT, Aborted.
#0 0x00007400717969fc in pthread_kill () from /lib/x86_64-linux-gnu/libc.so.6
#1 0x0000740071742476 in raise () from /lib/x86_64-linux-gnu/libc.so.6
#2 0x00007400717287f3 in abort () from /lib/x86_64-linux-gnu/libc.so.6
#3 0x000000000045076e in process_relocs ()
#4 0x0000000000441a83 in process_object ()
#5 0x000000000043260b in process_file ()
#6 0x00000000004305b6 in main ()
Expected Results:
readelf should exit normally, rather than terminating via abort().
Build & Platform:
binutils version: GNU Binutils 2.46.50.20260601
component: readelf
OS: Ubuntu 22.04.5 LTS
arch: x86_64
Additional Information:
The PoC attachment contains the input file that triggers the crash:
Denial_of_Service.
Crash type: SIGABRT
Crash location: process_relocs()
Affected option: -D
Fully reproducible.
--
You are receiving this mail because:
You are on the CC list for the bug.