#439 Divide by zero problem in dump_mips_reginfo() of readelf.c

RELEASE_1_0
new
nobody
None
readelf
2014-03-07
2014-03-07
antiAgainst
No

The following is based on r2983. I built on Ubuntu 13.10 with GCC 4.8.1.

In summary, at line 4016 of readelf.c, s->entsize is not checked against 0 before it is used as the divisor in s->sz / s->entsize, so a section header with sh_entsize == 0 makes the division fault. A program that triggers this bug is attached. The rest is gdb output.

Program received signal SIGFPE, Arithmetic exception.
0x000000000040a24f in dump_mips_reginfo (re=0x7fffffffd4f0, s=0x66f230) at readelf.c:4015
4015            printf("\nSection '%s' contains %ju entries:\n", s->name, s->sz / s->entsize);

#0  0x000000000040a24f in dump_mips_reginfo (re=0x7fffffffd4f0, s=0x66f230) at readelf.c:4015
#1  0x000000000040a1aa in dump_mips_specific_info (re=0x7fffffffd4f0) at readelf.c:3993
#2  0x000000000040a803 in dump_arch_specific_info (re=0x7fffffffd4f0) at readelf.c:4162
#3  0x0000000000410c43 in dump_elf (re=0x7fffffffd4f0) at readelf.c:6224
#4  0x000000000041139a in dump_object (re=0x7fffffffd4f0) at readelf.c:6374
#5  0x00000000004123ea in main (argc=1, argv=0x7fffffffd6d8) at readelf.c:6841
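As an added example (not code from the ticket or from elftoolchain's readelf), the check a fix would need, in C: the section descriptor is a hypothetical stand-in for what readelf passes around, and the entry-count helper rejects an sh_entsize of 0 (and a size that is not a whole number of entries) before the division ever reaches the printf at line 4015.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the section descriptor that readelf passes to
 * dump_mips_reginfo(); only the fields involved in the bug are modelled. */
struct section {
	const char *name;
	uint64_t sz;       /* sh_size: section size in bytes      */
	uint64_t entsize;  /* sh_entsize: size of one table entry */
};

/*
 * Number of fixed-size entries in a table section. Returns 0 and stores
 * the count in *count, or -1 when the header is unusable: an entsize of 0
 * (the SIGFPE in this ticket, as sz / entsize divides by zero) or a size
 * that is not a whole number of entries, which a crafted ELF can carry
 * just as easily. readelf only reads the file, so rejecting the section
 * costs nothing but one line of diagnostic output.
 */
static int
section_entry_count(const struct section *s, uint64_t *count)
{
	if (s->entsize == 0) {
		fprintf(stderr, "%s: sh_entsize is 0, skipping section\n", s->name);
		return (-1);
	}
	if (s->sz % s->entsize != 0) {
		fprintf(stderr, "%s: size %ju is not a multiple of entsize %ju\n",
		    s->name, (uintmax_t)s->sz, (uintmax_t)s->entsize);
		return (-1);
	}
	*count = s->sz / s->entsize;
	return (0);
}

/* Guarded form of the printf at readelf.c:4015 in the backtrace: prints the
 * header and returns the entry count, or returns -1 and skips the section. */
static int64_t
dump_entry_header(const char *name, uint64_t sz, uint64_t entsize)
{
	struct section s = { name, sz, entsize };
	uint64_t n;

	if (section_entry_count(&s, &n) != 0)
		return (-1);	/* report and skip instead of crashing */
	printf("\nSection '%s' contains %ju entries:\n", name, (uintmax_t)n);
	return ((int64_t)n);
}
```

Calling dump_entry_header(".reginfo", 24, 0) reproduces the attached file's header shape and returns -1 with a diagnostic instead of raising SIGFPE.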

Discussion

  • antiAgainst, 2014-03-07

    And the command is readelf -a readelf-5-139-A.