From: Oleksandr Tymoshenko
To: Johnny Eriksson
Cc: freebsd-bugs@freebsd.org
Subject: Re: elfdump
Date: Fri, 12 Jan 2018 11:45:09 -0800
Message-ID: <20180112194509.GA61935@bluezbox.com>

Johnny Eriksson (bygg@cafax.se) wrote:
> When parsing a 64-bit big-endian elf file (on a 64-bit X86-64 system),
> the sh_flags entry in the section header is mis-parsed since the routine
> used only reads a 32-bit value.
>
> *** elfdump.c Fri Jan 12 10:43:35 2018 > --- elfdump.c.org Fri Jan 12 10:42:11 2018 > *************** > *** 798,804 **** > v = (char *)sh + i * shentsize; > name = elf_get_word(e, v, SH_NAME); > type = elf_get_word(e, v, SH_TYPE); > ! flags = elf_get_size(e, v, SH_FLAGS); > addr = elf_get_addr(e, v, SH_ADDR); > offset = elf_get_off(e, v, SH_OFFSET); > size = elf_get_size(e, v, SH_SIZE); > --- 798,804 ---- > v = (char *)sh + i * shentsize; > name = elf_get_word(e, v, SH_NAME); > type = elf_get_word(e, v, SH_TYPE); > ! flags = elf_get_word(e, v, SH_FLAGS); > addr = elf_get_addr(e, v, SH_ADDR); > offset = elf_get_off(e, v, SH_OFFSET); > size = elf_get_size(e, v, SH_SIZE);
>
> Possibly the (new) call to elf_get_size() should be changed to something
> a little bit more informative.

Hi Johnny,

Could you report this bug using Bugzilla interface https://bugs.freebsd.org/bugzilla/ so it's properly recorded and searchable? Also which version of FreeBSD has this bug?
I checked FreeBSD-11 and FreeBSD-HEAD and they both use elf_get_word to get flags.

-- 
gonzo
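
Review bot: the diff in the quoted report is generated in the reverse direction. Its "*** elfdump.c" side (the edited file) is the old side and "--- elfdump.c.org" is the new side, so as posted the "!" line changes "flags = elf_get_size(e, v, SH_FLAGS);" back to "flags = elf_get_word(e, v, SH_FLAGS);", the opposite of the fix the report describes. Regenerate it with the original file first (diff -c elfdump.c.org elfdump.c, or diff -u) so it applies forward. On the change itself, reading SH_FLAGS with elf_get_size matches how SH_SIZE is read two lines below, and both fields are Elf64_Xword in a 64-bit section header; since the getter's name says nothing about flags, a one-line comment on that line explaining the width would address the report's own concern about the name. The hunk does not show the declaration of flags or where it is printed, so confirm that the variable and its format specifier are 64 bits wide as well.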
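
The mis-parse described in the quoted report, as an added example that is not part of the original thread and not elfdump's code: a constructed ELF64 section header is read back with a 4-byte and an 8-byte sh_flags field in both byte orders. The helper names rd, wr and flags_as_read are hypothetical; the 4-byte read stands in for the 32-bit routine the report mentions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SHDR64_SIZE    64   /* sizeof(Elf64_Shdr) */
#define SHDR64_FLAGS    8   /* offset of sh_flags, an 8-byte Elf64_Xword */
#define SHF_ALLOC      0x2
#define SHF_EXECINSTR  0x4

/* Read an n-byte unsigned integer at p in the file's byte order. */
static uint64_t rd(const unsigned char *p, size_t n, int big_endian)
{
    uint64_t v = 0;
    for (size_t i = 0; i < n; i++)
        v = (v << 8) | p[big_endian ? i : n - 1 - i];
    return v;
}

/* Store an n-byte unsigned integer at p in the file's byte order. */
static void wr(unsigned char *p, size_t n, int big_endian, uint64_t v)
{
    for (size_t i = 0; i < n; i++)
        p[big_endian ? n - 1 - i : i] = (unsigned char)(v >> (8 * i));
}

/* Build a constructed (not real) ELF64 section header holding `flags`,
 * then read sh_flags back as a field `width` bytes wide. */
uint64_t flags_as_read(int big_endian, size_t width, uint64_t flags)
{
    unsigned char shdr[SHDR64_SIZE];
    memset(shdr, 0, sizeof(shdr));
    wr(shdr + SHDR64_FLAGS, 8, big_endian, flags);
    return rd(shdr + SHDR64_FLAGS, width, big_endian);
}

int main(void)
{
    uint64_t flags = SHF_ALLOC | SHF_EXECINSTR;  /* typical .text flags */
    for (int be = 0; be <= 1; be++)
        printf("%s-endian: 32-bit read = %#llx, 64-bit read = %#llx\n",
               be ? "big" : "little",
               (unsigned long long)flags_as_read(be, 4, flags),
               (unsigned long long)flags_as_read(be, 8, flags));
    return 0;
}
```

In a little-endian file the first four bytes of the field are its low half, so the narrow read still returns the usual flag bits; in a big-endian file they are the high half, which is why the problem only shows up there.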