
Bug 608764

Summary: app-misc/pax-utils: dumpelf: multiple misaligned address error
Product: Gentoo Linux
Reporter: Agostino Sarubbo <ago>
Component: Current packages
Assignee: Sergei Trofimovich <slyfox>
Status: CONFIRMED ---
Severity: normal
CC: toolchain
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
Whiteboard:
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2017-02-09 15:18:15 UTC
Found with UBSAN.
All issues are reproducible with "dumpelf $FILE"
Tested on 1.2.2

1)
dumpelf.c:117:3: runtime error: member access within misaligned address 0x7f05d65120f6 for type 'const Elf32_Shdr', which requires 4 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00162-pax-utils-dumpelf-misalignedadd1


2)
dumpelf.c:118:3: runtime error: member access within misaligned address 0x7f03e43cb7e1 for type 'const Elf64_Shdr', which requires 8 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00163-pax-utils-dumpelf-misalignedadd2


3)
dumpelf.c:228:12: runtime error: member access within misaligned address 0x7efc7ecc426d for type 'const Elf32_Nhdr', which requires 4 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00164-pax-utils-dumpelf-misalignedadd3


4)
dumpelf.c:323:2: runtime error: member access within misaligned address 0x7f305b9830fa for type 'const Elf32_Phdr', which requires 4 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00165-pax-utils-dumpelf-misalignedadd4


5)
dumpelf.c:324:2: runtime error: member access within misaligned address 0x7f01c1be204b for type 'const Elf64_Phdr', which requires 8 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00166-pax-utils-dumpelf-misalignedadd5


6)
dumpelf.c:485:2: runtime error: member access within misaligned address 0x7f1cb0efb001 for type 'const Elf32_Dyn', which requires 4 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00167-pax-utils-dumpelf-misalignedadd6


7)
dumpelf.c:486:2: runtime error: member access within misaligned address 0x7f0d4ee54e7f for type 'const Elf64_Dyn', which requires 8 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00168-pax-utils-dumpelf-misalignedadd7

Comment 1 SpanKY gentoo-dev 2017-02-09 20:13:36 UTC
misaligned accesses are not security issues

Comment 2 Agostino Sarubbo gentoo-dev 2017-02-10 08:21:42 UTC
(In reply to SpanKY from comment #1)
> misaligned accesses are not security issues

The misaligned access error can cause undefined behavior, but if you think it is different, for me it is fine as-is. Thanks.

Comment 3 SpanKY gentoo-dev 2017-02-10 21:08:11 UTC
(In reply to Agostino Sarubbo from comment #2)

it isn't undefined behavior.  that is a very specific term in the C/C++ language space.

unaligned accesses are not a problem on most arches (like x86, although i'm ignoring newer sse optimization requirements as they don't apply here).  on many of the rest (like older arm systems), the kernel will fix them up on the fly so userspace doesn't notice.  if the access isn't handled (by hardware or software), the result is an immediate crash (e.g. SIGBUS), not undefined behavior.

search bugzilla history.  we've never treated unaligned accesses as a security problem.  i don't see a reason to start now.
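
Added example (not pax-utils code and not written by any commenter on this bug): the UBSAN reports above are member accesses through a header pointer whose address is not aligned for its type. One way a parser avoids that pattern is to bounds-check and then copy the bytes into an aligned local struct. `shdr32`, `read_shdr32` and `demo_misaligned` are hypothetical names, and the sample image is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Local mirror of the Elf32_Shdr layout (ten 32-bit words, 40 bytes),
 * declared here so the example builds without <elf.h>. */
typedef struct {
    uint32_t sh_name, sh_type, sh_flags, sh_addr, sh_offset;
    uint32_t sh_size, sh_link, sh_info, sh_addralign, sh_entsize;
} shdr32;

/* Hypothetical helper: copy section header `idx` out of a file image.
 * shoff and shnum would come from the untrusted ELF header. The copy lands
 * in an aligned object, so no field is read through a misaligned pointer,
 * whatever shoff is. Returns 0 on success, -1 if the header would fall
 * outside the image. Fields are left in the file's byte order. */
int read_shdr32(const uint8_t *img, size_t len, uint64_t shoff,
                uint32_t shnum, uint32_t idx, shdr32 *out)
{
    if (idx >= shnum)
        return -1;
    /* idx * 40 cannot overflow 64 bits for any 32-bit idx. */
    uint64_t rel = (uint64_t)idx * sizeof(shdr32);
    if (shoff > len || rel > len - shoff || len - shoff - rel < sizeof(shdr32))
        return -1;
    memcpy(out, img + shoff + rel, sizeof(*out));
    return 0;
}

/* Constructed sample: a 256-byte image with one header at odd offset 0x61. */
int demo_misaligned(uint32_t *type_out)
{
    uint8_t img[256] = {0};
    shdr32 src = { .sh_type = 3, .sh_size = 0x20 }, got;
    memcpy(img + 0x61, &src, sizeof(src));
    if (read_shdr32(img, sizeof(img), 0x61, 1, 0, &got) != 0)
        return -1;
    *type_out = got.sh_type;
    return 0;
}

int main(void)
{
    uint32_t type = 0;
    int rc = demo_misaligned(&type);
    printf("rc=%d sh_type=%u\n", rc, (unsigned)type);
    return rc;
}
```

Building this with `-fsanitize=alignment` should produce no report for the odd offset, because the only access to the image bytes is the `memcpy`.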