https://sourceware.org/bugzilla/show_bug.cgi?id=32655
Mark Wielaard <mark at klomp dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |ASSIGNED
Assignee|unassigned at sourceware dot org |mark at klomp dot org
CC| |mark at klomp dot org
Last reconfirmed| |2025-02-08
Ever confirmed|0 |1
--- Comment #1 from Mark Wielaard <mark at klomp dot org> ---
Replicated with valgrind and eu-readelf --sym -D
==726277== Invalid read of size 4
==726277== at 0x409C85: handle_dynamic_symtab (readelf.c:2914)
==726277== by 0x408DBC: print_symtab (readelf.c:2581)
==726277== by 0x404543: process_elf_file (readelf.c:1064)
==726277== by 0x403C06: process_dwflmod (readelf.c:840)
==726277== by 0x48BD942: dwfl_getmodules (dwfl_getmodules.c:86)
==726277== by 0x40403A: process_file (readelf.c:948)
==726277== by 0x402B55: main (readelf.c:417)
==726277== Address 0x0 is not stack'd, malloc'd or (recently) free'd
This simply doesn't check that there is a valid phdr after calling
elf_gelfphdr.
Solution is adding a simple check:
diff --git a/src/readelf.c b/src/readelf.c
index 3991cda81df2..986ceb4b315a 100644
--- a/src/readelf.c
+++ b/src/readelf.c
@@ -2911,7 +2911,7 @@ handle_dynamic_symtab (Ebl *ebl)
for (size_t i = 0; i < phnum; ++i)
{
phdr = gelf_getphdr (ebl->elf, i, &phdr_mem);
- if (phdr->p_type == PT_DYNAMIC)
+ if (phdr == NULL || phdr->p_type == PT_DYNAMIC)
break;
}
if (phdr == NULL)
Also introduced when -D/--dynamic support was added in commit 4d8de4b2fa05
("readelf: display dynamic symtab without section headers")
--
You are receiving this mail because:
You are on the CC list for the bug.
