From: "mark at klomp dot org"
To: debugedit@sourceware.org
Subject: [Bug debugedit/28408] debugedit segfaults while changing binutils' build-id
Date: Tue, 05 Oct 2021 11:04:58 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=28408

Mark Wielaard changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Last reconfirmed|                            |2021-10-05
             Status|UNCONFIRMED                 |ASSIGNED
                 CC|                            |mark at klomp dot org
     Ever confirmed|0                           |1

--- Comment #1 from Mark Wielaard ---
Thanks for the report and the reproducer. Your analysis is correct. The
problem is summarized in this comment just before the problematic code:

  /* Slurp the relevant header bits and section contents and feed them
     into the hash function.  The only bits we ignore are the offset
     fields in ehdr and shdrs, since the semantically identical ELF file
     could be written differently if it doesn't change the phdr layout.
     We always use the GElf (i.e. Elf64) formats for the bits to hash
     since it is convenient.  It doesn't matter whether this is an Elf32
     or Elf64 object, only that we are consistent in what bits feed the
     hash so it comes out the same for the same file contents.  */

So we mangled the actual data structure, but then check it as if it hasn't
been flipped around anyway when checking for NOBITS. The fix is to use the
original data/shdr to check for NOBITS:

diff --git a/tools/debugedit.c b/tools/debugedit.c index 668777a..3f1e830 100644 --- a/tools/debugedit.c +++ b/tools/debugedit.c @@ -3273,7 +3273,7 @@ handle_build_id (DSO *dso, Elf_Data *build_id, else sha1_process_bytes (x.d_buf, x.d_size, &sha1_ctx); - if (u.shdr.sh_type !=3D SHT_NOBITS) + if (dso->shdr[i].sh_type !=3D SHT_NOBITS) { Elf_Data *d =3D elf_getdata (dso->scn[i], NULL); if (d =3D=3D NULL)
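
Review bot: the changed condition in handle_build_id needs a short comment saying why it reads dso->shdr[i].sh_type instead of u.shdr.sh_type. The copy in u is still in scope at that point and looks like the natural thing to test, so without a note that it has already been converted for hashing a later cleanup could restore the old check. The patch also adds no test; the reproducer from the report would serve as a regression case.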
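
The failure mode described in the comment above, as an added example that is not part of the original mail or of debugedit: a section type tested on a copy that has already been converted for hashing no longer equals SHT_NOBITS. It assumes the conversion is a byte swap for a file of the opposite endianness and models a NOBITS section as having no buffer; struct sec, swap32 and null_reads are hypothetical names.

```c
#include <stdint.h>
#include <stddef.h>

#define SHT_PROGBITS 1u  /* ELF section type values from the ELF specification */
#define SHT_NOBITS   8u

/* Hypothetical, cut-down section record: only the fields this example needs. */
struct sec {
  uint32_t sh_type;          /* native byte order, as the header is kept in memory */
  uint64_t sh_size;
  const unsigned char *buf;  /* assumption: NULL for SHT_NOBITS, no bytes in the file */
};

static uint32_t swap32 (uint32_t v)
{
  return (v >> 24) | ((v >> 8) & 0xff00u) | ((v << 8) & 0xff0000u) | (v << 24);
}

/* Count sections whose contents would be read through a NULL buffer.
   use_converted != 0 models the old check on the copy prepared for hashing;
   use_converted == 0 models the patched check on the untouched header. */
size_t null_reads (const struct sec *secs, size_t n, int use_converted)
{
  size_t bad = 0;
  for (size_t i = 0; i < n; i++)
    {
      /* Copy converted to the file's (assumed opposite) byte order for hashing. */
      uint32_t converted_type = swap32 (secs[i].sh_type);
      uint32_t type = use_converted ? converted_type : secs[i].sh_type;
      if (type != SHT_NOBITS && secs[i].sh_size != 0 && secs[i].buf == NULL)
        bad++;   /* a read of the section contents here would go through NULL */
    }
  return bad;
}

/* Constructed sample: one .text-like section and one .bss-like section. */
static const unsigned char text_bytes[4] = { 0x90, 0x90, 0x90, 0xc3 };
const struct sec sample[2] = {
  { SHT_PROGBITS, sizeof text_bytes, text_bytes },
  { SHT_NOBITS,   0x1000,            NULL },
};

int main (void)
{
  /* Exit status 0 only if the old check misfires once and the new one never. */
  return !(null_reads (sample, 2, 1) == 1 && null_reads (sample, 2, 0) == 0);
}
```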