https://sourceware.org/bugzilla/show_bug.cgi?id=22216

            Bug ID: 22216
           Summary: infinite loop in process_symbol_table in readelf.c in
                    binutils 2.30(HEAD)
           Product: binutils
           Version: 2.30 (HEAD)
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: luanjunchao at 163 dot com
  Target Milestone: ---

Created attachment 10489
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10489&action=edit
poc of infinite loop

When I run "readelf -a -g -t --dyn-syms -n -u -c -D -I loop3.elf", it just
prints information persistently. I looked into the problem and found that the
problem is in the function process_symbol_table. Here is part of its snippet:

11446           for (hn = 0; hn < nbuckets; hn++)
11447             {
11448               if (! buckets[hn])
11449                 continue;
11450 
11451               for (si = buckets[hn]; si < nchains && si > 0; si = chains[si])
11452                 print_dynamic_symbol (si, hn);
11453             }
11454         }
11455 

When the infinite loop happens, var si=1 while chains[1]=1, so the for loop in
line 11452 will never stop.
The PoC is attached here.

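One way to make the chain walk described in the report terminate on a corrupt table, as an added example (not code from the report or from binutils). The function name walk_hash_chains and the sample tables are hypothetical and constructed, and the check assumes a well-formed table places each symbol index on exactly one chain:

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed sample tables (not taken from loop3.elf). */
static const uint32_t good_buckets[] = { 1, 0, 2 };
static const uint32_t good_chains[]  = { 0, 3, 0, 0 };  /* 1 -> 3 -> end, 2 -> end */
static const uint32_t self_buckets[] = { 1 };
static const uint32_t self_chains[]  = { 0, 1 };        /* chains[1] == 1, as in the report */
static const uint32_t ring_buckets[] = { 1 };
static const uint32_t ring_chains[]  = { 0, 2, 1 };     /* 1 -> 2 -> 1 */

/* Walk every bucket chain with the same bounds test as the reported loop
   (si > 0 && si < nchains), but record each index visited. Returns the
   number of symbols reached, or -1 if an index is reached twice (a cycle
   or a shared chain, both treated as corrupt) or if allocation fails. */
long walk_hash_chains(const uint32_t *buckets, size_t nbuckets,
                      const uint32_t *chains, size_t nchains)
{
    long count = 0;
    unsigned char *seen = calloc(nchains ? nchains : 1, 1);
    if (seen == NULL)
        return -1;

    for (size_t hn = 0; hn < nbuckets; hn++) {
        for (uint32_t si = buckets[hn]; si > 0 && si < nchains; si = chains[si]) {
            if (seen[si]) {          /* already visited: stop instead of looping */
                free(seen);
                return -1;
            }
            seen[si] = 1;
            count++;                 /* a real tool would print the symbol here */
        }
    }
    free(seen);
    return count;
}

int main(void)
{
    printf("good table: %ld\n", walk_hash_chains(good_buckets, 3, good_chains, 4));
    printf("self-loop:  %ld\n", walk_hash_chains(self_buckets, 1, self_chains, 2));
    printf("ring:       %ld\n", walk_hash_chains(ring_buckets, 1, ring_chains, 3));
    return 0;
}
```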