https://sourceware.org/bugzilla/show_bug.cgi?id=32672

            Bug ID: 32672
           Summary: eu-strip SEGV (illegal read access) in validate_str
                    (libelf/elf_strptr.c:60)
           Product: elfutils
           Version: unspecified
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: tools
          Assignee: unassigned at sourceware dot org
          Reporter: swj22 at mails dot tsinghua.edu.cn
                CC: elfutils-devel at sourceware dot org
  Target Milestone: ---

Created attachment 15940
  --> https://sourceware.org/bugzilla/attachment.cgi?id=15940&action=edit
poc

**Description**
A SEGV can occur in eu-strip when using the --reloc-debug-sections-only
option with a specially crafted input file. This issue leads to illegal memory
access.

**Affected Version**
GNU eu-strip 0.192

**Steps to Reproduce**

Build elfutils 0.192 with AddressSanitizer (e.g., CFLAGS="-g
-fsanitize=address" ./configure && make -j).
Run the following command:
./elfutils-0.192/bins/bin/eu-strip --reloc-debug-sections-only /tmp/poc
AddressSanitizer:DEADLYSIGNAL
=================================================================
==2777947==ERROR: AddressSanitizer: SEGV on unknown address 0x00000e000007 (pc
0x7f9816ea0d19 bp 0x7ffff0d10c10 sp 0x7ffff0d10bf0 T0)
==2777947==The signal is caused by a READ memory access.
    #0 0x7f9816ea0d18 in validate_str ./elfutils-0.192/libelf/elf_strptr.c:60
    #1 0x7f9816ea153a in elf_strptr ./elfutils-0.192/libelf/elf_strptr.c:206
    #2 0x5629e2496a4e in remove_debug_relocations
./elfutils-0.192/src/strip.c:593
    #3 0x5629e2498e29 in handle_debug_relocs ./elfutils-0.192/src/strip.c:914
    #4 0x5629e249a51b in handle_elf ./elfutils-0.192/src/strip.c:1142
    #5 0x5629e2498461 in process_file ./elfutils-0.192/src/strip.c:799
    #6 0x5629e2494ba5 in main ./elfutils-0.192/src/strip.c:269
    #7 0x7f9815ffc082 in __libc_start_main ../csu/libc-start.c:308
    #8 0x5629e249432d in _start (./elfutils-0.192/bins/bin/eu-strip+0x4632d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ./elfutils-0.192/libelf/elf_strptr.c:60 in
validate_str
==2777947==ABORTING


**Env**
Distributor ID: Ubuntu
Description:    Ubuntu 20.04.6 LTS
Release:        20.04
Codename:       focal
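The trace above ends in elf_strptr's validate_str, the routine that validates the string at a requested string-table offset before a pointer into the table is handed back. As an added example (not elfutils code and not part of the report), the following C shows the three checks a consumer of an untrusted ELF string table needs before dereferencing: the section lies entirely inside the file, the requested index lies inside the section, and a NUL terminator exists before the section ends. The sample buffer, its layout, and the names checked_strptr, sample_lookup and sample_lookup_with are constructed for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Bounds-checked lookup of a string inside an ELF-style string table.
   file/file_size describe the whole mapped object, sh_offset/sh_size the
   string-table section as claimed by its header (untrusted), idx the
   requested offset within that section.  Returns a pointer to the
   NUL-terminated string, or NULL when any check fails. */
const char *checked_strptr(const unsigned char *file, size_t file_size,
                           size_t sh_offset, size_t sh_size, size_t idx)
{
    /* 1. The section must lie inside the file.  Written so that
          sh_offset + sh_size cannot wrap around. */
    if (sh_offset > file_size || sh_size > file_size - sh_offset)
        return NULL;

    /* 2. The requested offset must fall inside the section. */
    if (idx >= sh_size)
        return NULL;

    const char *tab = (const char *)file + sh_offset;

    /* 3. A terminator must exist between idx and the end of the section,
          otherwise a caller reading the "string" would run off the end. */
    if (memchr(tab + idx, '\0', sh_size - idx) == NULL)
        return NULL;

    return tab + idx;
}

/* Constructed sample "file" (not a real ELF object): 8 bytes standing in
   for headers, followed by a string table of 19 bytes:
     idx 0  '\0'
     idx 1  ".text"        terminated at idx 6
     idx 7  ".debug_info"  terminated at idx 18 (the literal's final NUL) */
static const unsigned char sample_file[] =
    "HDRPAD00"
    "\0.text\0.debug_info";

#define SAMPLE_STRTAB_OFF 8u
#define SAMPLE_STRTAB_SIZE (sizeof sample_file - SAMPLE_STRTAB_OFF)

/* Lookup against the sample file with caller-supplied section bounds,
   which lets corrupted header values be exercised. */
const char *sample_lookup_with(size_t sh_offset, size_t sh_size, size_t idx)
{
    return checked_strptr(sample_file, sizeof sample_file,
                          sh_offset, sh_size, idx);
}

/* Lookup using the sample file's genuine string-table bounds. */
const char *sample_lookup(size_t idx)
{
    return sample_lookup_with(SAMPLE_STRTAB_OFF, SAMPLE_STRTAB_SIZE, idx);
}

static void show(const char *label, const char *s)
{
    printf("%-40s -> %s\n", label, s ? s : "(rejected)");
}

int main(void)
{
    show("idx 1, valid bounds", sample_lookup(1));
    show("idx 7, valid bounds", sample_lookup(7));
    show("idx == sh_size", sample_lookup(SAMPLE_STRTAB_SIZE));
    show("sh_size claims 0x1000 bytes", sample_lookup_with(8, 0x1000, 1));
    show("sh_offset beyond file", sample_lookup_with(SIZE_MAX, 19, 1));
    show("table truncated before NUL", sample_lookup_with(8, 18, 7));
    return 0;
}
```

Check 3 is the one validate_str performs for elf_strptr; checks 1 and 2 belong to whoever resolves the section data in the first place, and a reader that trusts sh_offset/sh_size from the file header without them hands validate_str a pointer outside the mapping.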
