diff mbox series

[Bug,tools/33004] Stack Buffer Underflow in eu-unstrip's sections_match Function

Message ID bug-33004-10460-fQlSLIIPdq@http.sourceware.org/bugzilla/
State Not applicable
Headers
Series [Bug,tools/33004] Stack Buffer Underflow in eu-unstrip's sections_match Function |

Commit Message

mark at klomp dot org June 1, 2025, 7:54 p.m. UTC 
  https://sourceware.org/bugzilla/show_bug.cgi?id=33004

Mark Wielaard <mark at klomp dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mark at klomp dot org

--- Comment #1 from Mark Wielaard <mark at klomp dot org> ---
I cannot replicate this.

But running under valgrind does show some "Conditional jump or move depends on
uninitialised value(s)" issues before showing:
eu-unstrip: cannot find matching section for [1] '.text'

This is correct, the POC files seem corrupt ELF files.
There are no sections, so the section data isn't initialized.

We should probably error out earlier using something like:
diff mbox series

Patch

diff --git a/src/unstrip.c b/src/unstrip.c
index 0ae76f77e9ae..81c5496f43a0 100644
--- a/src/unstrip.c
+++ b/src/unstrip.c
@@ -1447,7 +1447,7 @@  copy_elided_sections (Elf *unstripped, Elf *stripped,
     error_exit (0, _("\
 more sections in stripped file than debug file -- arguments reversed?"));

-  if (unlikely (stripped_shnum == 0))
+  if (unlikely (stripped_shnum <= 1))
     error_exit (0, _("no sections in stripped file"));

   /* Used as sanity check for allocated section offset, if the section