https://sourceware.org/bugzilla/show_bug.cgi?id=33491
Bug ID: 33491
Summary: AddressSanitizer: SEGV libdwfl/offline.c:184 in
process_archive_member
Product: elfutils
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: general
Assignee: unassigned at sourceware dot org
Reporter: evvers at ya dot ru
CC: elfutils-devel at sourceware dot org
Target Milestone: ---
It was originally reported in https://issues.oss-fuzz.com/issues/443547551
```
autoreconf -i -f
./configure --enable-maintainer-mode --enable-sanitize-address
make V=1
wget -O TESTCASE-443547551 https://oss-fuzz.com/download?testcase_id=6696954508935168
LD_LIBRARY_PATH=$(pwd)/libdw:$(pwd)/libelf ./src/readelf -a TESTCASE-443547551
```
```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==50470==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f8fd24a8fed bp 0x7fff64d273f0 sp 0x7fff64d26b80 T0)
==50470==The signal is caused by a READ memory access.
==50470==Hint: address points to the zero page.
#0 0x7f8fd24a8fed in strcmp.part.0 (/lib64/libasan.so.8+0xa8fed) (BuildId: 10b8ccd49f75c21babf1d7abe51bb63589d8471f)
#1 0x7f8fd20b1b86 in process_archive_member /home/vagrant/elfutils/libdwfl/offline.c:184
#2 0x7f8fd20b1b86 in process_archive /home/vagrant/elfutils/libdwfl/offline.c:265
#3 0x7f8fd20b1b86 in process_file /home/vagrant/elfutils/libdwfl/offline.c:128
#4 0x7f8fd20b25da in __libdwfl_report_offline /home/vagrant/elfutils/libdwfl/offline.c:295
#5 0x00000040fb04 in create_dwfl /home/vagrant/elfutils/src/readelf.c:970
#6 0x00000040fe62 in process_file /home/vagrant/elfutils/src/readelf.c:1014
#7 0x00000040295c in main /home/vagrant/elfutils/src/readelf.c:482
#8 0x7f8fd2211574 in __libc_start_call_main (/lib64/libc.so.6+0x3574) (BuildId: 48c4b9b1efb1df15da8e787f489128bf31893317)
#9 0x7f8fd2211627 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x3627) (BuildId: 48c4b9b1efb1df15da8e787f489128bf31893317)
#10 0x0000004047d4 in _start (/home/vagrant/elfutils/src/readelf+0x4047d4) (BuildId: 3631d44f26b38cb673867ac59d8fc922824d4cbd)
==50470==Register values:
rax = 0x0000000000000001 rbx = 0x00007cafd0be04c0 rcx = 0x00007cafd0be0358 rdx = 0x0000000000000000
rdi = 0x0000000000000000 rsi = 0x00007f8fd21a8ce0 rbp = 0x00007fff64d273f0 rsp = 0x00007fff64d26b80
r8 = 0x00007f8fd2355801 r9 = 0x0000000000000000 r10 = 0x0000000000000000 r11 = 0x00007f8fd241e019
r12 = 0x0000000000000000 r13 = 0x00007f8fd21a8ce0 r14 = 0x0000000000000000 r15 = 0x00000f95fa17c0a7
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/vagrant/elfutils/libdwfl/offline.c:184 in process_archive_member
==50470==ABORTING
```
On a somewhat related note, OSS-Fuzz should no longer send notifications to the
elfutils mailing list, so I wonder how OSS-Fuzz bug reports should be reported
going forward?
It should be possible to send notifications to maintainers directly but to view
backtraces Google/Gmail accounts are required:
https://google.github.io/oss-fuzz/faq/#why-do-you-require-a-google-account-for-authentication