Open
Description
Describe the bug
A bad ELF file which can lead elf_open_object() to a segmentation fault.
Poc here:
poc5.zip
To Reproduce
- Build the whole project with ASAN
- Run examples/elfparse
$ ./elfparse ./segv4
Expected behavior
Parse the ELF file without a segmentation fault, because a segmentation fault can cause a Denial of Service (DoS).
Environment (please complete the following information):
- System and Version: Ubuntu 18.04 + gcc 7.5.0
- Target file: examples/elfparse
- libelfmaster commit version: 03b7170
Additional context
ASAN says:
=================================================================
==38155==ERROR: AddressSanitizer: SEGV on unknown address 0x0000000003b8 (pc 0x559f08fb4fcf bp 0x7ffc3e0c5010 sp 0x7ffc3e0c5010 T0)
==38155==The signal is caused by a READ memory access.
==38155==Hint: address points to the zero page.
#0 0x559f08fb4fce in section_name_cmp /home/ubuntu/some_c_test/libelfmaster/src/internal.c:125
#1 0x559f08f954f1 in bsearch /usr/include/x86_64-linux-gnu/bits/stdlib-bsearch.h:33
#2 0x559f08f954f1 in elf_section_by_name /home/ubuntu/some_c_test/libelfmaster/src/libelfmaster.c:1261
#3 0x559f08f8d1d8 in main /home/ubuntu/some_c_test/libelfmaster/examples/elfparse.c:209
#4 0x7fee4dc77c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
#5 0x559f08f8dc19 in _start (/home/ubuntu/some_c_test/libelfmaster/fuzz/elfparse+0x8c19)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/ubuntu/some_c_test/libelfmaster/src/internal.c:125 in section_name_cmp
==38155==ABORTING
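The trace above faults inside the bsearch() comparator section_name_cmp while elf_section_by_name walks the section-name table, with the faulting address in the zero page, i.e. a near-NULL read. The defensive pattern for this class of bug is to validate e_shstrndx, the string table's offset and size, and every sh_name before any name pointer is ever placed in the table that bsearch() searches. The following is an added stand-alone C example, not libelfmaster's code and not the fix for this report; it assumes a 64-bit little-endian image built inline (a constructed sample), and the function names build_section_names, find_section, make_image and demo_lookup are this example's own.

```c
#include <elf.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* One entry of the name table that bsearch() will search. */
struct sec_entry {
    const char *name;   /* points into the validated .shstrtab */
    size_t index;       /* section header index */
};

/* Validate the section header table and .shstrtab of a 64-bit LE ELF image
 * and fill `out` with (name, index) pairs. Returns the entry count, or -1 if
 * anything needed to produce a name is out of bounds, so that no bad pointer
 * can ever reach the comparator. Headers are memcpy'd out of the buffer to
 * avoid alignment assumptions about the file bytes. */
static int build_section_names(const uint8_t *buf, size_t len,
                               struct sec_entry *out, size_t max)
{
    Elf64_Ehdr eh;
    if (len < sizeof eh) return -1;
    memcpy(&eh, buf, sizeof eh);
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) != 0) return -1;
    if (eh.e_ident[EI_CLASS] != ELFCLASS64 || eh.e_ident[EI_DATA] != ELFDATA2LSB) return -1;
    if (eh.e_shentsize != sizeof(Elf64_Shdr)) return -1;
    if (eh.e_shnum == 0 || (size_t)eh.e_shnum > max) return -1;
    /* The whole section header table must fit in the buffer (overflow-safe form). */
    if (eh.e_shoff > len || (size_t)eh.e_shnum > (len - eh.e_shoff) / sizeof(Elf64_Shdr)) return -1;
    /* e_shstrndx must name an in-range SHT_STRTAB section whose bytes are in the file. */
    if (eh.e_shstrndx == SHN_UNDEF || eh.e_shstrndx >= eh.e_shnum) return -1;
    Elf64_Shdr st;
    memcpy(&st, buf + eh.e_shoff + (size_t)eh.e_shstrndx * sizeof st, sizeof st);
    if (st.sh_type != SHT_STRTAB || st.sh_size == 0) return -1;
    if (st.sh_offset > len || st.sh_size > len - st.sh_offset) return -1;
    const char *strtab = (const char *)buf + st.sh_offset;
    for (size_t i = 0; i < (size_t)eh.e_shnum; i++) {
        Elf64_Shdr sh;
        memcpy(&sh, buf + eh.e_shoff + i * sizeof sh, sizeof sh);
        /* sh_name must start inside the table and reach a NUL before its end. */
        if (sh.sh_name >= st.sh_size) return -1;
        if (memchr(strtab + sh.sh_name, '\0', st.sh_size - sh.sh_name) == NULL) return -1;
        out[i].name = strtab + sh.sh_name;
        out[i].index = i;
    }
    return (int)eh.e_shnum;
}

/* Comparator: only ever sees names that passed the checks above. */
static int sec_cmp(const void *a, const void *b)
{
    const struct sec_entry *x = a, *y = b;
    return strcmp(x->name, y->name);
}

/* Sort the table once, then look a section up by name.
 * Returns the section index, or -1 when no such section exists. */
static long find_section(struct sec_entry *tab, size_t n, const char *name)
{
    qsort(tab, n, sizeof *tab, sec_cmp);
    struct sec_entry key = { name, 0 };
    const struct sec_entry *hit = bsearch(&key, tab, n, sizeof *tab, sec_cmp);
    return hit ? (long)hit->index : -1;
}

/* Constructed sample image (not a real file): sections [0]=NULL, [1]=.text,
 * [2]=.shstrtab. `corrupt` injects one header defect: 1 = e_shstrndx past the
 * header table, 2 = a sh_name beyond the end of the string table. */
static size_t make_image(uint8_t *buf, int corrupt)
{
    static const char names[] = "\0.text\0.shstrtab";   /* 17 bytes incl. final NUL */
    Elf64_Ehdr eh; Elf64_Shdr sh[3];
    memset(&eh, 0, sizeof eh); memset(sh, 0, sizeof sh);
    memcpy(eh.e_ident, ELFMAG, SELFMAG);
    eh.e_ident[EI_CLASS] = ELFCLASS64; eh.e_ident[EI_DATA] = ELFDATA2LSB;
    eh.e_ident[EI_VERSION] = EV_CURRENT;
    eh.e_type = ET_REL; eh.e_machine = EM_X86_64; eh.e_version = EV_CURRENT;
    eh.e_ehsize = sizeof eh; eh.e_shentsize = sizeof(Elf64_Shdr);
    eh.e_shoff = sizeof eh; eh.e_shnum = 3; eh.e_shstrndx = 2;
    size_t str_off = sizeof eh + sizeof sh;
    sh[1].sh_name = 1; sh[1].sh_type = SHT_PROGBITS;
    sh[2].sh_name = 7; sh[2].sh_type = SHT_STRTAB;
    sh[2].sh_offset = str_off; sh[2].sh_size = sizeof names;
    if (corrupt == 1) eh.e_shstrndx = 40;    /* no such section header */
    if (corrupt == 2) sh[1].sh_name = 4096;  /* arbitrary offset outside the table */
    memcpy(buf, &eh, sizeof eh);
    memcpy(buf + sizeof eh, sh, sizeof sh);
    memcpy(buf + str_off, names, sizeof names);
    return str_off + sizeof names;
}

/* Build the image, validate it, then search. Returns -2 if the image was
 * rejected as malformed, -1 if well-formed but no such section, else the index. */
long demo_lookup(int corrupt, const char *name)
{
    uint8_t img[512];
    struct sec_entry tab[16];
    size_t len = make_image(img, corrupt);
    int n = build_section_names(img, len, tab, 16);
    if (n < 0) return -2;
    return find_section(tab, (size_t)n, name);
}

int main(void)
{
    printf(".text in valid image  -> %ld\n", demo_lookup(0, ".text"));
    printf(".text, bad e_shstrndx -> %ld\n", demo_lookup(1, ".text"));
    printf(".text, bad sh_name    -> %ld\n", demo_lookup(2, ".text"));
    return 0;
}
```

The point of the design is ordering: every bound that a name pointer depends on is checked while the table is being built, so the comparator that bsearch() calls later can assume valid, NUL-terminated strings. A parser that defers those checks to the lookup path, or trusts e_shstrndx and sh_name from the file, is exactly what a fuzzer-generated file like the one in this report exercises.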