Issue 45705 in oss-fuzz: elfutils:fuzz-libdwfl: Indirect-leak in __libelf_next_arhdr_wrlock

2022-03-17 Thread ClusterFuzz-External via monorail via Elfutils-devel
Status: New Owner: CC: elfut...@sourceware.org, da...@adalogics.com, evv...@gmail.com, izz...@google.com Labels: ClusterFuzz Stability-Memory-AddressSanitizer Reproducible Stability-Memory-LeakSanitizer Engine-libfuzzer OS-Linux Proj-elfutils Reported-2022-03-18 Type: Bug New issue 45705

Issue 45629 in oss-fuzz: elfutils:fuzz-libdwfl: Indirect-leak in __libelf_read_mmaped_file

2022-03-17 Thread ClusterFuzz-External via monorail via Elfutils-devel
Updates: Labels: Fuzz-Blocker Comment #1 on issue 45629 by ClusterFuzz-External: elfutils:fuzz-libdwfl: Indirect-leak in __libelf_read_mmaped_file https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45629#c1 This crash occurs very frequently on linux platform and is likely preventing

[Bug general/28975] New: run-large-elf-file.sh fails in 32-bit cross-compile on 64-bit machine

2022-03-17 Thread eric.boehm at broadcom dot com via Elfutils-devel
https://sourceware.org/bugzilla/show_bug.cgi?id=28975 Bug ID: 28975 Summary: run-large-elf-file.sh fails in 32-bit cross-compile on 64-bit machine Product: elfutils Version: unspecified Status: UNCONFIRMED Sever

Issue 45682 in oss-fuzz: elfutils:fuzz-libelf: Misaligned-address in elf_cvt_Verneed

2022-03-17 Thread ClusterFuzz-External via monorail via Elfutils-devel
Status: New Owner: CC: elfut...@sourceware.org, da...@adalogics.com, evv...@gmail.com, izz...@google.com Labels: ClusterFuzz Reproducible Stability-UndefinedBehaviorSanitizer Engine-libfuzzer OS-Linux Proj-elfutils Reported-2022-03-17 Type: Bug New issue 45682 by ClusterFuzz-External: elfu

Issue 45676 in oss-fuzz: elfutils:fuzz-libdwfl: Use-of-uninitialized-value in dwfl_report_module

2022-03-17 Thread ClusterFuzz-External via monorail via Elfutils-devel
Status: New Owner: CC: elfut...@sourceware.org, da...@adalogics.com, evv...@gmail.com, izz...@google.com Labels: ClusterFuzz Reproducible Stability-Memory-MemorySanitizer Engine-libfuzzer OS-Linux Security_Severity-Medium Proj-elfutils Reported-2022-03-17 Type: Bug-Security New issue 4567

Issue 45620 in oss-fuzz: elfutils:fuzz-elf-get-sections: Timeout in fuzz-elf-get-sections

2022-03-17 Thread ClusterFuzz-External via monorail via Elfutils-devel
Updates: Labels: ClusterFuzz-Verified Status: Verified Comment #1 on issue 45620 by ClusterFuzz-External: elfutils:fuzz-elf-get-sections: Timeout in fuzz-elf-get-sections https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45620#c1 ClusterFuzz testcase 5416220013232128 is verif

Issue 45628 in oss-fuzz: elfutils:fuzz-libdwfl: Heap-buffer-overflow in strtol

2022-03-17 Thread da… via monorail via Elfutils-devel
Comment #2 on issue 45628 by da...@adalogics.com: elfutils:fuzz-libdwfl: Heap-buffer-overflow in strtol https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45628#c2 Stack trace from detailed report: ==2680==ERROR: AddressSanitizer: unknown-crash on address 0x7fd79225d000 at pc 0x

Issue 45619 in oss-fuzz: elfutils:fuzz-elf-get-sections: Misaligned-address in elf_cvt_Verdef

2022-03-17 Thread ClusterFuzz-External via monorail via Elfutils-devel
Updates: Labels: ClusterFuzz-Verified Status: Verified Comment #2 on issue 45619 by ClusterFuzz-External: elfutils:fuzz-elf-get-sections: Misaligned-address in elf_cvt_Verdef https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45619#c2 ClusterFuzz testcase 5857986591981568 is v

Issue 45628 in oss-fuzz: elfutils:fuzz-libdwfl: Heap-buffer-overflow in strtol

2022-03-17 Thread da… via monorail via Elfutils-devel
Comment #1 on issue 45628 by da...@adalogics.com: elfutils:fuzz-libdwfl: Heap-buffer-overflow in strtol https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45628#c1 Attaches the reproducer testcase Attachments: clusterfuzz-testcase-minimized-fuzz-libdwfl-4673586076450816.fuzz 16.0

[PATCH 2/2] libelf: Make sure ar_size starts with a digit before calling atol.

2022-03-17 Thread Mark Wielaard
The ar_size field is a 10 character string, not zero terminated, of decimal digits right padded with spaces. Make sure it actually starts with a digit before calling atol on it. We already make sure it is zero terminated. Otherwise atol might produce unexpected results. Signed-off-by: Mark Wiela

[PATCH 1/2] libelf: Take map offset into account for Shdr alignment check in elf_begin

2022-03-17 Thread Mark Wielaard
The sh_num function tries to get at the zero section Shdr directly. When the file is mmapped it has to make sure the offset into the file to the start of the Elf structure is taken into account when trying to cast the address to make sure the alignment is correct. Signed-off-by: Mark Wielaard ---

Some fuzzer workarounds

2022-03-17 Thread Mark Wielaard
Hi, I looked over the "ClusterFuzz-External via monorail" emails and found some "real" issues. But in general it is hard to determine what this cluster is complaining about. The emails are somewhat opaque and don't contain proper backtraces (with file and line numbers), nor do they contain any co

Issue 45647 in oss-fuzz: elfutils:fuzz-libdwfl: Use-of-uninitialized-value in find_debuginfo_in_path

2022-03-17 Thread ClusterFuzz-External via monorail via Elfutils-devel
Status: New Owner: CC: elfut...@sourceware.org, da...@adalogics.com, evv...@gmail.com, izz...@google.com Labels: ClusterFuzz Reproducible Stability-Memory-MemorySanitizer Engine-libfuzzer OS-Linux Security_Severity-Medium Proj-elfutils Reported-2022-03-17 Type: Bug-Security New issue 4564

Issue 45646 in oss-fuzz: elfutils:fuzz-libdwfl: Misaligned-address in __libdw_image_header

2022-03-17 Thread ClusterFuzz-External via monorail via Elfutils-devel
Status: New Owner: CC: elfut...@sourceware.org, da...@adalogics.com, evv...@gmail.com, izz...@google.com Labels: ClusterFuzz Reproducible Stability-UndefinedBehaviorSanitizer Engine-libfuzzer OS-Linux Proj-elfutils Reported-2022-03-17 Type: Bug New issue 45646 by ClusterFuzz-External: elfu

Issue 45637 in oss-fuzz: elfutils:fuzz-libelf: Timeout in fuzz-libelf

2022-03-17 Thread ClusterFuzz-External via monorail via Elfutils-devel
Status: New Owner: CC: elfut...@sourceware.org, da...@adalogics.com, evv...@gmail.com, izz...@google.com Labels: ClusterFuzz Reproducible Engine-libfuzzer OS-Linux Proj-elfutils Reported-2022-03-17 Type: Bug New issue 45637 by ClusterFuzz-External: elfutils:fuzz-libelf: Timeout in fuzz-li

Issue 45636 in oss-fuzz: elfutils:fuzz-libdwfl: Crash in read_long_names

2022-03-17 Thread ClusterFuzz-External via monorail via Elfutils-devel
Status: New Owner: CC: elfut...@sourceware.org, da...@adalogics.com, evv...@gmail.com, izz...@google.com Labels: ClusterFuzz Stability-Memory-AddressSanitizer Reproducible Stability-AFL OS-Linux Engine-afl Security_Severity-Medium Proj-elfutils Reported-2022-03-17 Type: Bug-Security New i