ELF Tool Chain / Tickets / #444 Divide by zero problem in dump

#444 Divide by zero problem in dump_rel() of readelf.c

Milestone: RELEASE_1_0

Status: closed

Owner: Ed Maste

Labels: None

Resolution: FIXED

Component: readelf

Priority:

Version:

Type:

Updated: 2015-07-27

Created: 2014-03-10

Creator: antiAgainst

Private: No

Based on r2983.

The problem is that at line 2862 of readelf.c, s->entsize is not checked against 0. So there could be a divide by zero fault. A test case is attached and command is readelf -a readelf-6-312-A. gdb output:

Program received signal SIGFPE, Arithmetic exception.
0x0000000000406a7b in dump_rel (re=0x7fffffffceb0, s=0x66f220, d=0x66f6b0) at readelf.c:2862
2862            len = d->d_size / s->entsize;

#0  0x0000000000406a7b in dump_rel (re=0x7fffffffceb0, s=0x66f220, d=0x66f6b0) at readelf.c:2862
#1  0x0000000000406fe1 in dump_reloc (re=0x7fffffffceb0) at readelf.c:2961
#2  0x0000000000410b83 in dump_elf (re=0x7fffffffceb0) at readelf.c:6210
#3  0x000000000041139a in dump_object (re=0x7fffffffceb0) at readelf.c:6374
#4  0x00000000004123ea in main (argc=1, argv=0x7fffffffd098) at readelf.c:6841

1 Attachments

readelf-6-312-A

Discussion

Ed Maste - 2015-04-20

Proposed fix in https://reviews.freebsd.org/D2338

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Ed Maste - 2015-07-27

status: new --> closed

assigned_to: Ed Maste

Resolution: --> FIXED
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Ed Maste - 2015-07-27

Fixed by [r3227]

Related

Commit: [r3227]

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Divide by zero problem in dump_rel() of readelf.c

BSD licensed ELF toolchain

Milestone

Searches

Help

#444 Divide by zero problem in dump_rel() of readelf.c

Discussion

Related