| Title | GNU elfutils/eu-strip 0.192 illegal read access |
|---|
| Description | **Description**
A segv can occur in eu-strip when using the "-f debug_info.dat --reloc-debug-sections" options with a specially crafted input file. This issue leads to illegal memory access.
**Affected Version**
GNU eu-strip 0.192
**Steps to Reproduce**
./elfutils-0.192/bins/bin/eu-strip -f debug_info.dat --reloc-debug-sections /tmp/poc
AddressSanitizer:DEADLYSIGNAL
=================================================================
==2365155==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f9b25c66a62 bp 0x7ffdd06709a0 sp 0x7ffdd0670930 T0)
==2365155==The signal is caused by a READ memory access.
==2365155==Hint: address points to the zero page.
#0 0x7f9b25c66a61 in gelf_getsymshndx ./elfutils-0.192/libelf/gelf_getsymshndx.c:123
#1 0x56042a2ec5dd in remove_debug_relocations ./elfutils-0.192/src/strip.c:690
#2 0x56042a2fb9e0 in handle_elf ./elfutils-0.192/src/strip.c:2460
#3 0x56042a2ed461 in process_file ./elfutils-0.192/src/strip.c:799
#4 0x56042a2e9ba5 in main ./elfutils-0.192/src/strip.c:269
#5 0x7f9b24da5082 in __libc_start_main ../csu/libc-start.c:308
#6 0x56042a2e932d in _start (./elfutils-0.192/bins/bin/eu-strip+0x4632d)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ./elfutils-0.192/libelf/gelf_getsymshndx.c:123 in gelf_getsymshndx
==2365155==ABORTING
** Env **
Distributor ID: Ubuntu
Description: Ubuntu 20.04.6 LTS
Release: 20.04
Codename: focal |
|---|
| Source | ⚠️ https://sourceware.org/bugzilla/show_bug.cgi?id=32673 |
|---|
| User | wenjusun (UID 80422) |
|---|
| Submission | 02/10/2025 02:23 PM (2 months ago) |
|---|
| Moderation | 02/16/2025 08:55 PM (6 days later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 295985 [GNU elfutils 0.192 eu-strip strip.c gelf_getsymshndx denial of service] |
|---|
| Points | 20 |
|---|