Submit #495376: GNU ld 2.43 Illegal write access with -w option

Title: GNU ld 2.43 Illegal write access with -w option
Description:

**Description**

A segv can occur in ld (part of binutils 2.43) when using the -w option with a specially crafted input file. This issue leads to memory corruption (illegal memory access) and crashes.

**Affected Version**

GNU ld (GNU Binutils) 2.43

**Impact**

This issue can cause the linker to crash due to illegal memory writes, leading to denial of service.

**Steps to Reproduce**

1. Build binutils 2.43 with AddressSanitizer (e.g., `CFLAGS="-g -fsanitize=address" ./configure && make -j`).
2. Run the following command: `./binutils-2.43/bins/bin/ld -w $poc`
3. Observe the AddressSanitizer error indicating a segv.

```
$ ./binutils-2.43/bins/bin/ld -w /tmp/poc
./binutils-2.43/bins/bin/ld: warning: /tmp/poc has a section extending past end of file
AddressSanitizer:DEADLYSIGNAL
=================================================================
==484973==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000007 (pc 0x557c2d205250 bp 0x7ffc11e6c490 sp 0x7ffc11e6c3f0 T0)
==484973==The signal is caused by a WRITE memory access.
==484973==Hint: address points to the zero page.
    #0 0x557c2d205250 in bfd_putl64 ./binutils-2.43/bfd/libbfd.c:989:11
    #1 0x557c2d25d6f3 in elf_x86_64_relocate_section ./binutils-2.43/bfd/elf64-x86-64.c:4101:8
    #2 0x557c2d38714e in elf_link_input_bfd ./binutils-2.43/bfd/elflink.c:11848:10
    #3 0x557c2d378f0d in bfd_elf_final_link ./binutils-2.43/bfd/elflink.c:13107:11
    #4 0x557c2d171d0e in ldwrite ./binutils-2.43/ld/ldwrite.c:550:8
    #5 0x557c2d16c4e9 in main ./binutils-2.43/ld/./ldmain.c:556:3
    #6 0x7f6584b14082 in __libc_start_main /build/glibc-LcI20x/glibc-2.31/csu/../csu/libc-start.c:308:16
    #7 0x557c2d0446bd in _start (./binutils-2.43/bins/bin/ld+0x15a6bd) (BuildId: d9731e405748db264b62c84ded760ba4f068cb0a)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ./binutils-2.43/bfd/libbfd.c:989:11 in bfd_putl64
==484973==ABORTING
```

**Env**

```
Distributor ID: Ubuntu
Description:    Ubuntu 20.04.6 LTS
Release:        20.04
Codename:       focal
```
Source: https://sourceware.org/bugzilla/show_bug.cgi?id=32640
User: wenjusun (UID 80422)
Submission: 02/05/2025 01:34 PM (4 months ago)
Moderation: 02/10/2025 11:50 AM (5 days later)
Status: Accepted
VulDB Entry: 295082 [GNU Binutils 2.43 ld bfd/libbfd.c bfd_putl64 memory corruption]
Points: 20
