From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <3_k3WYQ0bAAkvxwx0jru-y0xmjyyrm.pxxpun31n0lxw2nw2.lxv@M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com>
Received: from mail-io1-xd45.google.com (mail-io1-xd45.google.com
 [IPv6:2607:f8b0:4864:20::d45])
 by sourceware.org (Postfix) with ESMTPS id B869B3857C5A
 for <elfutils-devel@sourceware.org>; Thu,  6 Jan 2022 02:03:42 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org B869B3857C5A
Received: by mail-io1-xd45.google.com with SMTP id
 s8-20020a056602168800b005e96bba1363so769616iow.21
 for <elfutils-devel@sourceware.org>; Wed, 05 Jan 2022 18:03:42 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:mime-version:date:reply-to:references:message-id
 :subject:from:to;
 bh=ImLaaH00lwjCXT9+9FY3fegJjCwhyzEgCIVF+WsShYs=;
 b=YckTbsjrZprXZja1E3D21j0ex1nkEyFSm+vZ1PxJOO/jyxm9Hy0OTge08+t+J1f3Q+
 E9ODBgL8BgAozQCIXrOOs6D1LBdQWAEP3w2oLpR5TWzntC13byy81LXyAUS/3HFcVqa3
 Dv+vmdhes3PD3XPZPQq2amvHThsUzCbbn+vofCHBzJBF8xP7ZCDmo5409sYc3FF/kONl
 mQ4WOE/pN9/EOI/LDSjiEvBw6TtCJh2nS7fIU/cyk1ICy80msDUBwGAfYxSOll1+VEer
 g6HsEQ36m0sHekX5NkVAOiDs1+UiV+2rl6fn4I9jkWyR7S4NfzJbcVmVvxo8eM0G0pg7
 goPg==
X-Gm-Message-State: AOAM5312F6k2/2xth3yAmG6xTwiZJAq3QBiDQN6vqaAy98enAMqqp2z1
 oCNM1moJ+vUOBLzGzZG1flhjTreSZzHpE3MpfrXXvblTSPZZ
X-Google-Smtp-Source: ABdhPJyeMNBevFPXRnf77T52HGnKwGjGwEVD6AUMcpBUyzh/kxKKyN16ynr0XjHRNkINUNE5vqVRvqBj5K75ToPDcGQJuUZxEgna
MIME-Version: 1.0
X-Received: by 2002:a92:670e:: with SMTP id b14mr26332092ilc.39.1641434622172; 
 Wed, 05 Jan 2022 18:03:42 -0800 (PST)
Date: Wed, 05 Jan 2022 18:03:42 -0800
Reply-To: oss-fuzz@monorail-prod.appspotmail.com
References: <0=71cc74a7ba1af446b7ed6b9a08b414d9=1c666345e3f179e28b2ecb98f55737a7=oss-fuzz@monorail-prod.appspotmail.com>
X-Google-Appengine-App-Id: s~monorail-prod
X-Google-Appengine-App-Id-Alias: monorail-prod
Message-ID: <00000000000093a49905d4e04733@google.com>
Subject: Issue 43356 in oss-fuzz: elfutils:fuzz-dwfl-core: Misaligned-address
 in Elf32_cvt_Dyn
From: =?UTF-8?Q?evv=E2=80=A6_via_monorail?=
 <monorail+v2.2672886254@chromium.org>
To: elfutils-devel@sourceware.org
X-Spam-Status: No, score=-1.0 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH,
 DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS,
 HTML_MESSAGE, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=ham autolearn_force=no version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on
 server2.sourceware.org
Content-Type: text/plain; charset="UTF-8"
X-Content-Filtered-By: Mailman/MimeDel 2.1.29
X-BeenThere: elfutils-devel@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Elfutils-devel mailing list <elfutils-devel.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/elfutils-devel>,
 <mailto:elfutils-devel-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/elfutils-devel/>
List-Help: <mailto:elfutils-devel-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/elfutils-devel>,
 <mailto:elfutils-devel-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Jan 2022 02:03:47 -0000


Comment #1 on issue 43356 by evv...@gmail.com: elfutils:fuzz-dwfl-core: Misaligned-address in Elf32_cvt_Dyn
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43356#c1

It can be reproduced by downloading the reproducer testcase and passing it to eu-stack:
```
autoreconf -i -f
./configure --enable-maintainer-mode --enable-sanitize-address --enable-sanitize-undefined
make -j$(nproc) V=1
wget -O CRASH 'https://oss-fuzz.com/download?testcase_id=6013023414779904'
UBSAN_OPTIONS=print_stacktrace=1 LD_LIBRARY_PATH="./libdw;./libelf" ./src/stack --core CRASH
gelf_xlate.h:48:1: runtime error: member access within misaligned address 0x7f98edb0206a for type 'struct Elf32_Dyn', which requires 4 byte alignment
0x7f98edb0206a: note: pointer points here
 20 20  20 00 00 00 8a 20 20 20  20 00 00 00 10 20 20 20  20 ff 20 20 20 ff ff ff  ff 00 00 00 00 00
              ^
    #0 0x7f98f23ef91f in Elf32_cvt_Dyn /home/vagrant/elfutils/libelf/gelf_xlate.h:48
    #1 0x7f98f23ed9f9 in elf32_xlatetom /home/vagrant/elfutils/libelf/elf32_xlatetom.c:104
    #2 0x7f98f20eac75 in dwfl_segment_report_module /home/vagrant/elfutils/libdwfl/dwfl_segment_report_module.c:848
    #3 0x7f98f20f4ffd in _new.dwfl_core_file_report /home/vagrant/elfutils/libdwfl/core-file.c:563
    #4 0x403b34 in parse_opt /home/vagrant/elfutils/src/stack.c:595
    #5 0x7f98f1199471 in argp_parse (/lib64/libc.so.6+0x11e471)
    #6 0x402a7d in main /home/vagrant/elfutils/src/stack.c:695
    #7 0x7f98f10a855f in __libc_start_call_main (/lib64/libc.so.6+0x2d55f)
    #8 0x7f98f10a860b in __libc_start_main_impl (/lib64/libc.so.6+0x2d60b)
    #9 0x402f44 in _start (/home/vagrant/elfutils/src/stack+0x402f44)
```

-- 
You received this message because:
  1. You were specifically CC'd on the issue

You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settings

Reply to this email to add a comment.