Bug 1824875 - upx --preserve-build-id segfaults when compressing kubectl
Summary: upx --preserve-build-id segfaults when compressing kubectl
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: upx
Version: 31
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Gwyn Ciesla
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2020-04-16 15:27 UTC by Stephen Kitt
Modified: 2020-05-07 00:49 UTC (History)

Fixed In Version: upx-3.96-4.fc30 upx-3.96-4.fc31 upx-3.96-4.fc32 upx-3.96-4.el8 upx-3.96-4.el7
Clone Of:
Environment:
Last Closed: 2020-04-30 02:50:45 UTC
Type: Bug
Embargoed:


Links
System | ID | Private | Priority | Status | Summary | Last Updated
Github | upx upx issues 371 | 0 | None | closed | upx --preserve-build-id segfaults when compressing kubectl | 2020-10-02 14:43:18 UTC

Description Stephen Kitt 2020-04-16 15:27:21 UTC
Description of problem:

On some binaries, notably kubectl, upx segfaults if it's been asked to preserve the build-id.


Version-Release number of selected component (if applicable): 3.96-2.fc31


How reproducible: 100%


Steps to Reproduce:
1. dnf install upx kubernetes-client
2. cd /tmp
3. cp /usr/bin/kubectl .
4. upx --preserve-build-id kubectl


Actual results:

                       Ultimate Packer for eXecutables
                          Copyright (C) 1996 - 2020
UPX 3.96        Markus Oberhumer, Laszlo Molnar & John Reiser   Jan 23rd 2020

        File size         Ratio      Format      Name
   --------------------   ------   -----------   -----------
Segmentation fault (core dumped)

Expected results:

                       Ultimate Packer for eXecutables
                          Copyright (C) 1996 - 2020
UPX 3.96        Markus Oberhumer, Laszlo Molnar & John Reiser   Jan 23rd 2020

        File size         Ratio      Format      Name
   --------------------   ------   -----------   -----------
 146455080 ->  38386108   26.21%   linux/amd64   kubectl                       

Packed 1 file.


Additional info:

The segfault is caused by a NULL-dereference: in ::pack1 (src/p_lx_elf.cpp), in the block handling o_unix.preserve_build_id,

        sec_strndx = &shdri[get_te16(&ehdri.e_shstrndx)];

results in sec_strndx being NULL, so

        char *strtab = New(char, sec_strndx->sh_size);

blows up.

The backtrace is

#0  PackLinuxElf64::pack1 (this=this@entry=0x5cd2c0, fo=fo@entry=0x7fffffffccd0) at p_lx_elf.cpp:3770
#1  0x0000000000433323 in PackLinuxElf64amd::pack1 (this=0x5cd2c0, fo=0x7fffffffccd0, ft=...) at p_lx_elf.cpp:3804
#2  0x0000000000453dc3 in PackUnix::pack (this=0x5cd2c0, fo=0x7fffffffccd0) at p_unix.cpp:306
#3  0x00000000004630c9 in Packer::doPack (this=0x5cd2c0, fo=0x7fffffffccd0) at packer.cpp:100
#4  0x00000000004684c6 in PackMaster::pack (this=<optimized out>, fo=<optimized out>) at packmast.cpp:262
#5  0x000000000047a713 in do_one_file (iname=0x7fffffffdcc6 "hyperkube", oname=0x7fffffffd350 "hyperkube.000") at work.cpp:158
#6  0x000000000047a9c7 in do_files (i=<optimized out>, i@entry=2, argc=<optimized out>, argv=<optimized out>) at work.cpp:271
#7  0x0000000000407a8c in main (argc=<optimized out>, argv=<optimized out>) at main.cpp:1539
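
Added example, not part of the original report and not UPX's code or its fix: the checks an ELF64 reader can make before indexing the section header table with e_shstrndx, which is the lookup the report identifies as the crash site. The function names, error codes and the 208-byte sample file are constructed for illustration; extended section numbering (SHN_XINDEX) is rejected rather than followed.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

enum { SHSTR_OK = 0, SHSTR_NOT_ELF64 = -1, SHSTR_NO_SECTIONS = -2,
       SHSTR_BAD_TABLE = -3, SHSTR_BAD_INDEX = -4, SHSTR_BAD_STRTAB = -5 };

/* Little-endian field access by byte offset (ELF64, ELFDATA2LSB only). */
static uint64_t rd(const uint8_t *p, int n) {
    uint64_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}
static void wr(uint8_t *p, int n, uint64_t v) {
    for (int i = 0; i < n; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* Locate the section-name string table; every offset is checked against len. */
int find_shstrtab(const uint8_t *f, size_t len, uint64_t *off, uint64_t *size) {
    if (len < 64 || memcmp(f, "\177ELF", 4) != 0 || f[4] != 2 || f[5] != 1)
        return SHSTR_NOT_ELF64;
    uint64_t shoff = rd(f + 0x28, 8), shentsize = rd(f + 0x3A, 2);
    uint64_t shnum = rd(f + 0x3C, 2), shstrndx = rd(f + 0x3E, 2);
    if (shoff == 0 || shnum == 0)       /* no table: nothing valid to index */
        return SHSTR_NO_SECTIONS;
    if (shentsize != 64 || shoff > len || shnum * 64 > len - shoff)
        return SHSTR_BAD_TABLE;
    if (shstrndx == 0 || shstrndx >= shnum)  /* SHN_UNDEF, SHN_XINDEX, out of range */
        return SHSTR_BAD_INDEX;
    const uint8_t *sh = f + shoff + shstrndx * 64;
    uint64_t o = rd(sh + 24, 8), s = rd(sh + 32, 8);   /* sh_offset, sh_size */
    if (rd(sh + 4, 4) != 3 /* SHT_STRTAB */ || o > len || s > len - o)
        return SHSTR_BAD_STRTAB;
    *off = o; *size = s;
    return SHSTR_OK;
}

/* Constructed sample: ELF64 header, 16-byte string table at offset 64,
   two section headers (null, .shstrtab) at offset 80. Header fields vary. */
size_t make_sample(uint8_t buf[208], uint64_t shoff, uint16_t shnum, uint16_t shstrndx) {
    memset(buf, 0, 208);
    memcpy(buf, "\177ELF\2\1\1", 7);
    wr(buf + 0x28, 8, shoff); wr(buf + 0x3A, 2, 64);
    wr(buf + 0x3C, 2, shnum); wr(buf + 0x3E, 2, shstrndx);
    wr(buf + 144 + 4, 4, 3); wr(buf + 144 + 24, 8, 64); wr(buf + 144 + 32, 8, 16);
    return 208;
}

int main(void) { uint8_t b[208]; uint64_t o, s; return find_shstrtab(b, make_sample(b, 80, 2, 1), &o, &s); }
```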

Comment 1 Fedora Update System 2020-04-20 17:46:54 UTC
FEDORA-2020-4eb44f03d1 has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2020-4eb44f03d1

Comment 2 Fedora Update System 2020-04-20 17:46:56 UTC
FEDORA-EPEL-2020-9246dec392 has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-9246dec392

Comment 3 Fedora Update System 2020-04-20 17:46:57 UTC
FEDORA-2020-0c757bc702 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-0c757bc702

Comment 4 Fedora Update System 2020-04-20 17:46:57 UTC
FEDORA-EPEL-2020-daf85703e8 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-daf85703e8

Comment 5 Fedora Update System 2020-04-22 19:27:00 UTC
FEDORA-EPEL-2020-9246dec392 has been pushed to the Fedora EPEL 8 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-9246dec392

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 6 Fedora Update System 2020-04-22 19:46:27 UTC
FEDORA-EPEL-2020-daf85703e8 has been pushed to the Fedora EPEL 7 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-daf85703e8

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 7 Fedora Update System 2020-04-22 20:13:57 UTC
FEDORA-2020-4eb44f03d1 has been pushed to the Fedora 30 testing repository.
In a short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-4eb44f03d1`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-4eb44f03d1

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 8 Fedora Update System 2020-04-22 20:28:31 UTC
FEDORA-2020-45eee13072 has been pushed to the Fedora 31 testing repository.
In a short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-45eee13072`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-45eee13072

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 9 Fedora Update System 2020-04-30 02:50:45 UTC
FEDORA-2020-4eb44f03d1 has been pushed to the Fedora 30 stable repository.
If the problem still persists, please make note of it in this bug report.

Comment 10 Fedora Update System 2020-04-30 03:42:29 UTC
FEDORA-2020-45eee13072 has been pushed to the Fedora 31 stable repository.
If the problem still persists, please make note of it in this bug report.

Comment 11 Fedora Update System 2020-05-01 00:35:55 UTC
FEDORA-2020-0c757bc702 has been pushed to the Fedora 32 stable repository.
If the problem still persists, please make note of it in this bug report.

Comment 12 Fedora Update System 2020-05-07 00:40:46 UTC
FEDORA-EPEL-2020-9246dec392 has been pushed to the Fedora EPEL 8 stable repository.
If the problem still persists, please make note of it in this bug report.

Comment 13 Fedora Update System 2020-05-07 00:49:30 UTC
FEDORA-EPEL-2020-daf85703e8 has been pushed to the Fedora EPEL 7 stable repository.
If the problem still persists, please make note of it in this bug report.

