Created attachment 10324
3 testcases with ASAN output

Hi there,

I have a few more testcases to report. One triggers a null-dereference, and the other two trigger two out-of-bounds reads which I think are caused by distinct issues. I've attached the cases here. Building with a recent version of clang+ASAN should show the bugs when running `for fn in bugs4/*; do echo $fn; ./objdump -d $fn; done`.
The master branch has been updated by Nick Clifton <nickc@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=24d3e51bf0612c6cf5e9a824b982e7ed38e741c8

commit 24d3e51bf0612c6cf5e9a824b982e7ed38e741c8
Author: Nick Clifton <nickc@redhat.com>
Date:   Tue Aug 8 13:20:02 2017 +0100

    Fix address violation problems when parsing corrupt ELF binaries.

    	PR 21916
    	* elf-attrs.c (_bfd_elf_parse_attributes): Complain about very small
    	section lengths.
    	* elf.c (_bfd_elf_setup_sections): Skip empty entries in the group
    	table.
    	(elfcore_grok_freebsd_prstatus): Add checks to make sure that there
    	is enough data present in the note.
Hi Ned,

Thanks for reporting these problems. I have checked in a small patch which addresses all of the issues that you detected.

Cheers,
Nick
The binutils-2_29-branch branch has been updated by Nick Clifton <nickc@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d6f8dea6798528de0fc762409595251eeeb1f547

commit d6f8dea6798528de0fc762409595251eeeb1f547
Author: Nick Clifton <nickc@redhat.com>
Date:   Mon Sep 4 17:05:17 2017 +0100

    Import patch from mainline to fix address violation errors when parsing
    corrupt ELF binaries.

    	PR 21916
    	* elf-attrs.c (_bfd_elf_parse_attributes): Complain about very small
    	section lengths.
    	* elf.c (_bfd_elf_setup_sections): Skip empty entries in the group
    	table.
    	(elfcore_grok_freebsd_prstatus): Add checks to make sure that there
    	is enough data present in the note.
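The last ChangeLog entry in both commits above (elfcore_grok_freebsd_prstatus checking that the note actually holds enough data) is the kind of length check every ELF note reader needs before it touches descriptor fields. The following is an added illustration, not binutils code: a small parser that walks an ELF note segment and rejects any note whose header, name or descriptor would run past the bytes present. NT_PRSTATUS is the standard note type number; MIN_PRSTATUS_DESCSZ and the sample buffers are constructed assumptions, and the samples assume a little-endian host.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* ELF note header layout shared by Elf32_Nhdr and Elf64_Nhdr. */
typedef struct { uint32_t namesz, descsz, type; } nhdr_t;
#define NT_PRSTATUS 1u
/* Assumed minimum descriptor size for a prstatus note; a real reader would
   use the size of the target's prstatus structure. */
#define MIN_PRSTATUS_DESCSZ 16u

static size_t align4(size_t n) { return (n + 3) & ~(size_t)3; }

/* Walk a note segment of `len` bytes. Returns the number of notes parsed, or
   -1 at the first note whose header, name or descriptor would extend past the
   buffer, or whose NT_PRSTATUS descriptor is too short to hold its fields. */
int parse_notes(const uint8_t *buf, size_t len)
{
    size_t off = 0;
    int count = 0;
    while (off < len) {
        nhdr_t h;
        if (len - off < sizeof h) return -1;      /* truncated header */
        memcpy(&h, buf + off, sizeof h);
        off += sizeof h;
        /* Sizes come from the file: compare against what remains before
           advancing, so no offset arithmetic can overflow or run past len. */
        if (align4(h.namesz) > len - off) return -1;
        off += align4(h.namesz);
        if (h.descsz > len - off) return -1;
        if (h.type == NT_PRSTATUS && h.descsz < MIN_PRSTATUS_DESCSZ) return -1;
        off += align4(h.descsz) <= len - off ? align4(h.descsz) : len - off;
        count++;
    }
    return count;
}

/* Constructed samples (not taken from the attached test cases), little-endian. */
static const uint8_t good[] = {
    5,0,0,0, 16,0,0,0, 1,0,0,0,      /* namesz=5 descsz=16 type=NT_PRSTATUS */
    'C','O','R','E',0, 0,0,0,        /* "CORE" padded to 8 bytes */
    1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16 };
static const uint8_t oversized_desc[] = {   /* descsz=64 but only 4 bytes left */
    5,0,0,0, 64,0,0,0, 1,0,0,0, 'C','O','R','E',0, 0,0,0, 1,2,3,4 };
static const uint8_t short_prstatus[] = {   /* descsz=4 < MIN_PRSTATUS_DESCSZ */
    5,0,0,0, 4,0,0,0, 1,0,0,0, 'C','O','R','E',0, 0,0,0, 1,2,3,4 };

int demo_good(void) { return parse_notes(good, sizeof good); }                          /* 1 */
int demo_oversized(void) { return parse_notes(oversized_desc, sizeof oversized_desc); } /* -1 */
int demo_short(void) { return parse_notes(short_prstatus, sizeof short_prstatus); }     /* -1 */
```

Running the second and third samples through a reader that skips these checks is exactly how the out-of-bounds reads in the attached cases arise; ASAN flags the overread, this parser reports -1 instead.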
*** Bug 22080 has been marked as a duplicate of this bug. ***
*** Bug 22366 has been marked as a duplicate of this bug. ***