https://sourceware.org/bugzilla/show_bug.cgi?id=33013
Bug ID: 33013
Summary: Segmentation Fault in elfedit's byte_get_little_endian Function
Product: binutils
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: xdcao.cs at gmail dot com
Target Milestone: ---
Summary
Segmentation Fault in elfedit's byte_get_little_endian Function
Environment
elfutils version: 0.192
OS: Ubuntu 22.04.5 LTS
Steps to reproduce
# export CFLAGS="-g -O0 -fno-inline -fno-lto -fsanitize=address"
# export CXXFLAGS="-g -O0 -fno-inline -fno-lto -fsanitize=address"
# ./configure --enable-maintainer-mode --disable-debuginfod
# make -j64 && make install
root@46b925a575de:# ./elfedit --enable-x86-feature ibt POC
AddressSanitizer:DEADLYSIGNAL
=================================================================
==1700934==ERROR: AddressSanitizer: SEGV on unknown address 0x122ed5158a00 (pc 0x0000004d2c5b bp 0x7fff714a2d70 sp 0x7fff714a2b40 T0)
==1700934==The signal is caused by a READ memory access.
    #0 0x4d2c5b in byte_get_little_endian /root/this-program/binutils-gdb/build/binutils/../../binutils/elfcomm.c:132:26
    #1 0x4cf713 in update_gnu_property /root/this-program/binutils-gdb/build/binutils/../../binutils/elfedit.c:135:22
    #2 0x4cd426 in process_file /root/this-program/binutils-gdb/build/binutils/../../binutils/elfedit.c:803:8
    #3 0x4cbd58 in main /root/this-program/binutils-gdb/build/binutils/../../binutils/elfedit.c:1102:15
    #4 0x7f72ab62fd8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #5 0x7f72ab62fe3f in __libc_start_main csu/../csu/libc-start.c:392:3
    #6 0x41f424 in _start (/workspace/new-test/fuzzdir/fz-binutils/fz-elfedit/elfedit+0x41f424)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /root/this-program/binutils-gdb/build/binutils/../../binutils/elfcomm.c:132:26 in byte_get_little_endian
==1700934==ABORTING
POC
https://drive.google.com/file/d/1uUnR_brFZFSEtDIJCKb1yLe_bHMGLah4/view?usp=sharing
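Added example (not binutils code and not part of this report): a bounds-checked walk over the NT_GNU_PROPERTY_TYPE_0 entries that update_gnu_property reads through byte_get_little_endian, showing the kind of length check that keeps a truncated note from turning into an out-of-bounds read. It assumes ELFCLASS64 (8-byte entry alignment) and little-endian data; the report does not state the root cause, so the guarded read is an assumed mitigation, not a fix for this bug, and the sample notes are constructed rather than taken from the POC.

```c
/* Added example, not binutils code: bounds-checked parsing of the
 * NT_GNU_PROPERTY_TYPE_0 entries that elfedit's update_gnu_property
 * walks. Assumes ELFCLASS64 (8-byte entry alignment) and little-endian
 * data; the report does not state the root cause, so the guarded read
 * here is an assumed mitigation, not a fix for this bug. */
#include <stddef.h>
#include <stdint.h>

#define GNU_PROPERTY_X86_FEATURE_1_AND 0xc0000002u
#define GNU_PROPERTY_X86_FEATURE_1_IBT 0x1u

/* Little-endian 32-bit read that never touches bytes outside buf[0..len). */
static int get_le32(const uint8_t *buf, size_t len, size_t off, uint32_t *out)
{
    if (off > len || len - off < 4)
        return 0;                               /* truncated: refuse to read */
    *out = (uint32_t)buf[off] | (uint32_t)buf[off + 1] << 8
         | (uint32_t)buf[off + 2] << 16 | (uint32_t)buf[off + 3] << 24;
    return 1;
}

/* Returns 1 and stores the X86_FEATURE_1_AND bits if present, 0 if the
 * property is absent, -1 if any entry runs past the end of the note. */
int find_x86_feature_1(const uint8_t *data, size_t len, uint32_t *features)
{
    const size_t align = 8;                     /* ELFCLASS64 assumption */
    size_t off = 0;
    while (off < len) {
        uint32_t type, datasz;
        if (!get_le32(data, len, off, &type) ||
            !get_le32(data, len, off + 4, &datasz))
            return -1;                          /* entry header truncated */
        off += 8;
        if (datasz > len - off)
            return -1;                          /* payload truncated */
        if (type == GNU_PROPERTY_X86_FEATURE_1_AND) {
            if (datasz != 4)
                return -1;                      /* gABI: exactly 4 bytes */
            return get_le32(data, len, off, features) ? 1 : -1;
        }
        size_t padded = (datasz + align - 1) & ~(align - 1);
        if (padded < datasz)
            return -1;                          /* size overflow */
        off += padded;                          /* skip padded payload */
    }
    return 0;
}

/* Constructed sample notes (not taken from the report's POC). */
const uint8_t note_ibt[16]   = { 0x02,0,0,0xc0, 4,0,0,0, 1,0,0,0, 0,0,0,0 };
const uint8_t note_trunc[10] = { 0x02,0,0,0xc0, 4,0,0,0, 1,0 };
const uint8_t note_other[16] = { 0x01,0,0,0xc0, 4,0,0,0, 0,0,0,0, 0,0,0,0 };
```

find_x86_feature_1(note_ibt, ...) reports the IBT bit, note_trunc is rejected with -1 instead of being read past its end, and note_other returns 0 because the property is absent.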
Credit
Xiaoguo Li (CUPL)
Xudong Cao (UCAS)