Bug 145497 - gelf_checksum() generates SIGSEGV
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: elfutils
i686 Linux
Severity: medium
Assigned To: Jeff Johnson
Reported: 2005-01-18 18:10 EST by Kurtis Rader
Modified: 2007-11-30 17:07 EST (History)
Doc Type: Bug Fix
Last Closed: 2005-02-07 17:53:07 EST
Description Kurtis Rader 2005-01-18 18:10:07 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041111 Firefox/1.0

Description of problem:
Invoking the gelf_checksum() function results in a SIGSEGV. Debugging
shows this is due to the following elf_getdata() call (in
elf32_checksum.c) returning a NULL pointer, which causes the
subsequent dereference to get the d_type structure member to generate

      while ((data = INTUSE(elf_getdata) (scn, data)) != NULL)
        /* If the file byte order is the same as the host byte order
           process the buffer directly.  If the data is just a stream
           of bytes which the library will not convert we can use it
           as well.  */
        if (likely (same_byte_order) || data->d_type == ELF_T_BYTE)

Test program for reproducing the failure:

#include <stdio.h>
#include <unistd.h>
#include <limits.h>
#include <libelf.h>
#include <fcntl.h>

int main(int argc, char **argv) {
    int fd;
    long tmp_checksum;
    Elf *elf;

    elf_version(EV_CURRENT);  /* Initialize ELF version */

    printf("Attempting to generate elf_checksum for %s.\n",argv[1]);
    fd = open(argv[1], O_RDONLY);
    if (fd == -1) { /* open of file failed */
            printf("Unable to open file %s.\n",argv[1]);
    }
    else {
            printf("Calling elf_begin().\n");
            elf = elf_begin(fd, ELF_C_READ, NULL);
            printf("elf_begin returned %p. Calling elf_checksum().\n", (void *)elf);
            /* gelf_checksum() is declared in <gelf.h> */
            //tmp_checksum = gelf_checksum(elf);
            tmp_checksum = elf64_checksum(elf);
            printf("After gelf_checksum() w/checksum %ld.\n",tmp_checksum);
            printf("Calling elf_end().\n");
            elf_end(elf);  /* release the ELF descriptor */
            close(fd);
    }
    return 0;
}

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. cc -o gelf_checksum gelf_checksum.c -lelf
2. ./gelf_checksum gelf_checksum


Actual Results:  Attempting to generate elf_checksum for gelf_checksum.
Calling elf_begin().
elf_begin returned 0x9d5e008. Calling lf_checksum().
Segmentation fault

Expected Results:  The message

    After gelf_checksum() w/checksum %d

rather than a segmentation fault.

Additional info:

Also reproduced on FC3.
Comment 1 Jeff Johnson 2005-02-07 17:53:07 EST
This problem is fixed in elfutils-0.99-2 from FC4:

$ cc -o gelf_checksum gelf_checksum.c -lelf
$ ./gelf_checksum gelf_checksum
Attempting to generate elf_checksum for gelf_checksum.
Calling elf_begin().
elf_begin returned 0x9360008. Calling elf_checksum().
After gelf_checksum() w/checksum -1998475604.
Calling elf_end().
[jbj@wellfleet elf]$ rpm -qa elfutils-\*
