Bug 145497
| Summary: | gelf_checksum() generates SIGSEGV | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 3 | Reporter: | Kurtis Rader <kdrader> |
| Component: | elfutils | Assignee: | Jeff Johnson <jbj> |
| Status: | CLOSED RAWHIDE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 3.0 | ||
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i686 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2005-02-07 22:53:07 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
This problem is fixed in elfutils-0.99-2 from FC4: $ cc -o gelf_checksum gelf_checksum.c -lelf $ ./gelf_checksum gelf_checksum Attempting to generate elf_checksum for gelf_checksum. Calling elf_begin(). elf_begin returned 0x9360008. Calling elf_checksum(). After gelf_checksum() w/checksum -1998475604. Calling elf_end(). [jbj@wellfleet elf]$ rpm -qa elfutils-\* elfutils-libelf-0.99-2.i386.rpm elfutils-libelf-devel-0.99-2.i386.rpm elfutils-devel-0.99-2.i386.rpm |
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041111 Firefox/1.0 Description of problem: Invoking the gelf_checksum() function results in a SIGSEGV. Debugging shows this is due to the following elf_getdata() call (in elf32_checksum.c) returning a NULL pointer; which causes the subsequent dereference to get the d_type structure member to generate a SIGSEGV: while ((data = INTUSE(elf_getdata) (scn, data)) != NULL) /* If the file byte order is the same as the host byte order process the buffer directly. If the data is just a stream of bytes which the library will not convert we can use it as well. */ if (likely (same_byte_order) || data->d_type == ELF_T_BYTE) Test program for reproducing the failure: #include <stdio.h> #include <unistd.h> #include <limits.h> #include <libelf.h> #include <fcntl.h> main(int argc, char **argv) { int i, fd; long tmp_checksum; Elf *elf; elf_version(EV_CURRENT); /* Initialize ELF version */ printf("Attempting to generate elf_checksum for %s.\n",argv[1]); fd = open(argv[1], O_RDONLY); if (fd == -1) { /* open of file failed */ printf("Unable to open file %s.\n",argv[1]); exit(0); } else { printf("Calling elf_begin().\n"); elf = elf_begin(fd, ELF_C_READ, NULL); printf("elf_begin returned %p. Calling lf_checksum().\n",elf); //tmp_checksum = gelf_checksum(elf); tmp_checksum = elf64_checksum(elf); printf("After gelf_checksum() w/checksum %d.\n",tmp_checksum); printf("Calling elf_end().\n"); elf_end(elf); close(fd); } } Version-Release number of selected component (if applicable): elfutils-0.91-3 How reproducible: Always Steps to Reproduce: 1. cc -o gelf_checksum gelf_checksum.c -lelf 2. ./gelf_checksum gelf_checksum Actual Results: Attempting to generate elf_checksum for gelf_checksum. Calling elf_begin(). elf_begin returned 0x9d5e008. Calling lf_checksum(). Segmentation fault Expected Results: The message After gelf_checksum() w/checksum %d rather than a segmentation fault. Additional info: Also reproduced on FC3.