
#445 Divide by zero fault in dump_liblist() of readelf.c

RELEASE_1_0
closed
Ed Maste
None
FIXED
readelf
2015-07-27
2014-03-10
antiAgainst
No

Based on r2983.

At line 3680 of readelf.c, s->entsize should be checked against 0; otherwise, there could be an arithmetic fault. A test case triggering this bug is attached and the command is readelf -a readelf-6-323-A. gdb output:

Program received signal SIGFPE, Arithmetic exception.
0x00000000004095bb in dump_liblist (re=0x7fffffffceb0) at readelf.c:3680
3680                    printf("contains %ju entries:\n", s->sz / s->entsize);

#0  0x00000000004095bb in dump_liblist (re=0x7fffffffceb0) at readelf.c:3680
#1  0x000000000040a7d4 in dump_arch_specific_info (re=0x7fffffffceb0) at readelf.c:4156
#2  0x0000000000410c43 in dump_elf (re=0x7fffffffceb0) at readelf.c:6224
#3  0x000000000041139a in dump_object (re=0x7fffffffceb0) at readelf.c:6374
#4  0x00000000004123ea in main (argc=1, argv=0x7fffffffd098) at readelf.c:6841
1 Attachments
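
The check the report asks for, as an added example (not elftoolchain code and not the change made in r3227). The reduced struct section, the helper names, the ".liblist" sample name and the 20-byte minimum record size (five 32-bit words per liblist entry) are assumptions made for illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Reduced stand-in for readelf's section record: only the two fields
 * used at the faulting line (s->sz, s->entsize) are modelled. */
struct section {
	const char *name;
	uint64_t sz;       /* sh_size from the section header */
	uint64_t entsize;  /* sh_entsize, fully controlled by the input file */
};

/* Hypothetical helper: entry count of a table section. Returns 0 and
 * stores the count, or -1 when sh_entsize is zero or too small to hold
 * one record, so the caller never divides by an unchecked value. */
static int
section_entry_count(const struct section *s, uint64_t min_entsize, uint64_t *count)
{
	if (s->entsize == 0 || s->entsize < min_entsize)
		return (-1);
	*count = s->sz / s->entsize;
	return (0);
}

/* Guarded form of the printf() at readelf.c:3680 in the backtrace. */
static int
dump_liblist_header(const struct section *s)
{
	uint64_t n;

	if (section_entry_count(s, 20, &n) != 0) {
		fprintf(stderr, "section %s: invalid sh_entsize %ju, skipping\n",
		    s->name, (uintmax_t)s->entsize);
		return (-1);
	}
	printf("contains %ju entries:\n", (uintmax_t)n);
	return (0);
}

int main(void)
{
	/* Constructed section headers, not taken from the attached test case. */
	struct section good = { ".liblist", 40, 20 };
	struct section bad = { ".liblist", 40, 0 };

	dump_liblist_header(&good);   /* well-formed: 40 / 20 */
	dump_liblist_header(&bad);    /* sh_entsize == 0: rejected, no SIGFPE */
	return (0);
}
```

The same guard applies to any other place that divides a section size by sh_entsize read from an untrusted file.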

Discussion

  • Ed Maste

    Ed Maste - 2015-04-20
     
  • Ed Maste

    Ed Maste - 2015-07-27

    Fixed by [r3227]

     

    Related

    Commit: [r3227]

  • Ed Maste

    Ed Maste - 2015-07-27
    • assigned_to: Ed Maste
    • Resolution: --> FIXED
     
  • Ed Maste

    Ed Maste - 2015-07-27
    • status: new --> closed
     
