Bug 608764 - app-misc/pax-utils: dumpelf: multiple misaligned address error
Status: CONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: Normal normal
Assignee: Sergei Trofimovich
Reported: 2017-02-09 15:18 UTC by Agostino Sarubbo
Modified: 2018-02-26 16:35 UTC
Description Agostino Sarubbo gentoo-dev 2017-02-09 15:18:15 UTC
Found with UBSAN.
All issues are reproducible with "dumpelf $FILE"
Tested on 1.2.2

1)
dumpelf.c:117:3: runtime error: member access within misaligned address 0x7f05d65120f6 for type 'const Elf32_Shdr', which requires 4 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00162-pax-utils-dumpelf-misalignedadd1


2)
dumpelf.c:118:3: runtime error: member access within misaligned address 0x7f03e43cb7e1 for type 'const Elf64_Shdr', which requires 8 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00163-pax-utils-dumpelf-misalignedadd2


3)
dumpelf.c:228:12: runtime error: member access within misaligned address 0x7efc7ecc426d for type 'const Elf32_Nhdr', which requires 4 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00164-pax-utils-dumpelf-misalignedadd3


4)
dumpelf.c:323:2: runtime error: member access within misaligned address 0x7f305b9830fa for type 'const Elf32_Phdr', which requires 4 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00165-pax-utils-dumpelf-misalignedadd4


5)
dumpelf.c:324:2: runtime error: member access within misaligned address 0x7f01c1be204b for type 'const Elf64_Phdr', which requires 8 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00166-pax-utils-dumpelf-misalignedadd5


6)
dumpelf.c:485:2: runtime error: member access within misaligned address 0x7f1cb0efb001 for type 'const Elf32_Dyn', which requires 4 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00167-pax-utils-dumpelf-misalignedadd6


7)
dumpelf.c:486:2: runtime error: member access within misaligned address 0x7f0d4ee54e7f for type 'const Elf64_Dyn', which requires 8 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00168-pax-utils-dumpelf-misalignedadd7
Comment 1 SpanKY gentoo-dev 2017-02-09 20:13:36 UTC
misaligned accesses are not security issues
Comment 2 Agostino Sarubbo gentoo-dev 2017-02-10 08:21:42 UTC
(In reply to SpanKY from comment #1)
> misaligned accesses are not security issues

The misaligned access error can cause undefined behavior, but if you think it is different, for me it is fine as-is. Thanks.
Comment 3 SpanKY gentoo-dev 2017-02-10 21:08:11 UTC
(In reply to Agostino Sarubbo from comment #2)

it isn't undefined behavior.  that is a very specific term in the C/C++ language space.

unaligned accesses are not a problem on most arches (like x86, although i'm ignoring newer sse optimization requirements as they don't apply here).  on many of the rest (like older arm systems), the kernel will fix them up on the fly so userspace doesn't notice.  if the access isn't handled (by hardware or software), the result is an immediate crash (e.g. SIGBUS), not undefined behavior.

search bugzilla history.  we've never treated unaligned accesses as a security problem.  i don't see a reason to start now.
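
Added example (not part of the bug thread and not pax-utils code): the UBSan messages above report member access through pointers such as `const Elf32_Shdr *` that are not aligned for their type. The sketch below shows the alignment test that check corresponds to, and a bounds-checked `memcpy` read into an aligned local object that does not trigger it. The function names and the `sample` buffer are constructed for illustration.

```c
#include <elf.h>
#include <stdalign.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed sample: one pad byte followed by an Elf32_Shdr image, so the
 * header starts at an odd offset, like the addresses in the report. The
 * buffer itself is aligned so that offset 1 is guaranteed to be misaligned. */
static alignas(Elf32_Shdr) unsigned char sample[1 + sizeof(Elf32_Shdr)];

/* Returns 1 if casting (buf + off) to Elf32_Shdr * and reading a member
 * would be the misaligned access that UBSan's alignment check reports. */
int shdr32_is_misaligned(const unsigned char *buf, size_t off)
{
    return ((uintptr_t)(buf + off) % alignof(Elf32_Shdr)) != 0;
}

/* Copy one section header out of the file image into an aligned object.
 * Returns 0 on success, -1 if the header would run past the buffer end.
 * Fields stay in file byte order; swap them if the ELF is foreign-endian. */
int read_shdr32(const unsigned char *buf, size_t len, size_t off,
                Elf32_Shdr *out)
{
    if (off > len || len - off < sizeof(*out))
        return -1;
    memcpy(out, buf + off, sizeof(*out));
    return 0;
}

/* Fill the constructed sample, then read sh_type back through the safe path. */
uint32_t demo_sh_type(void)
{
    Elf32_Shdr in = {0}, out;

    in.sh_type = SHT_STRTAB;
    in.sh_size = 0x20;
    memcpy(sample + 1, &in, sizeof(in));   /* header at misaligned offset 1 */
    if (read_shdr32(sample, sizeof(sample), 1, &out) != 0)
        return UINT32_MAX;
    return out.sh_type;
}
```

Building a parser like this with `-fsanitize=alignment` (GCC or Clang) produces no report for the `memcpy` path, while a direct cast of `sample + 1` would.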