https://sourceware.org/bugzilla/show_bug.cgi?id=21645
Bug ID: 21645
Summary: SEGV on unknown address in bfd_getb16
Product: binutils
Version: 2.29 (HEAD)
Status: UNCONFIRMED
Severity: critical
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: aadamski at quarkslab dot com
Target Milestone: ---

Hello there,

I have been fuzzing objdump with American Fuzzy Lop + ASAN/UBSAN. Please find attached the minimized file causing the issue ("Input") and the ASAN report log ("Output"). Below is the reduced stack trace with links to the corresponding source lines on a GitHub mirror.

The configuration settings used were `--enable-targets=all --disable-shared`.
The compilation flags used were `-g -O2 -fno-omit-frame-pointer -fsanitize=address -fno-sanitize-recover=all`.
The command used was `objdump -afpxDSsgetTrR <file>`.

Let me know if there is any additional information I can provide.

--

Input: 544d1e760c2bb52af7920adfdd1b3ab5.1431a09f1f9d3e3f2e4a0e06bf9c169f.min
Output: 544d1e760c2bb52af7920adfdd1b3ab5.1431a09f1f9d3e3f2e4a0e06bf9c169f.txt

Error in "bfd_getb16": SEGV on unknown address 0x000000000000 (pc 0x00000096d72a bp 0x7fffffffd920 sp 0x7fffffffd910 T0)

    in bfd_getb16 at bfd/libbfd.c:498
       (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/libbfd.c#L498)
    in sh_reloc at bfd/coff-sh.c:620
       (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/coff-sh.c#L620)
    in bfd_perform_relocation at bfd/reloc.c:620
       (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/reloc.c#L620)
    in bfd_generic_get_relocated_section_contents at bfd/reloc.c:8181
       (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/reloc.c#L8181)
    in bfd_simple_get_relocated_section_contents at bfd/simple.c:264
       (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/simple.c#L264)
    in load_specific_debug_section at binutils/objdump.c:2490
       (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L2490)
    in dump_dwarf_section at binutils/objdump.c:2628
       (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L2628)
    in bfd_map_over_sections at bfd/section.c:1395
       (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/bfd/section.c#L1395)
    in dump_dwarf at binutils/objdump.c:2697
       (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L2697)
    in dump_bfd at binutils/objdump.c:3576
       (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3576)
    in display_file at binutils/objdump.c:3720
       (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L3720)
    in main at binutils/objdump.c:4024
       (see https://github.com/bminor/binutils-gdb/blob/a6cab9afd2c81465265c8d09569e3e6ef43d2954/binutils/objdump.c#L4024)

--
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils
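The trace above shows bfd_getb16 dereferencing address 0 on behalf of sh_reloc, i.e. a relocation handler passing an unvalidated pointer to an unchecked big-endian 16-bit reader. The C below is an added illustration, not binutils code, of the kind of range check such a handler needs before the read; the function names (getb16_checked, apply_reloc16) and the sample section bytes are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Unchecked big-endian 16-bit read, in the style of bfd_getb16: the caller
   must guarantee that p points at two readable bytes. A NULL or out-of-range
   p is exactly what produces "SEGV on unknown address". */
static uint16_t getb16_unchecked(const unsigned char *p)
{
    return (uint16_t)((p[0] << 8) | p[1]);
}

/* Hardened variant (hypothetical name): returns the value 0..65535 on
   success, or -1 if data is NULL or bytes [off, off+2) fall outside a buffer
   of `size` bytes. The overflow-safe form avoids off + 2 wrapping around. */
long getb16_checked(const unsigned char *data, size_t size, size_t off)
{
    if (data == NULL || off > size || size - off < 2)
        return -1;
    return getb16_unchecked(data + off);
}

/* What a relocation handler should do before patching the instruction at
   reloc_off: validate the offset against the section contents it was handed.
   Returns 1 if the reloc was applied, 0 if it was rejected. */
int apply_reloc16(unsigned char *contents, size_t size, size_t reloc_off,
                  uint16_t addend)
{
    long insn = getb16_checked(contents, size, reloc_off);
    if (insn < 0)
        return 0;                       /* reject instead of crashing */
    insn = (insn + addend) & 0xffff;
    contents[reloc_off]     = (unsigned char)(insn >> 8);
    contents[reloc_off + 1] = (unsigned char)(insn & 0xff);
    return 1;
}

/* Constructed 4-byte "section": two big-endian 16-bit words. */
unsigned char sample_section[4] = { 0x12, 0x34, 0x56, 0x78 };

int main(void)
{
    printf("word0 = 0x%04lx\n", getb16_checked(sample_section, 4, 0));
    printf("reloc at 2: %d\n", apply_reloc16(sample_section, 4, 2, 1));
    printf("reloc at 4 (past end): %d\n", apply_reloc16(sample_section, 4, 4, 1));
    printf("reloc on NULL contents: %d\n", apply_reloc16(NULL, 0, 0, 1));
    return 0;
}
```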