608764 – app-misc/pax-utils: dumpelf: multiple misaligned address error

Bug 608764 - app-misc/pax-utils: dumpelf: multiple misaligned address error

Summary: app-misc/pax-utils: dumpelf: multiple misaligned address error

Status:	CONFIRMED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Toolchain Maintainers

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2017-02-09 15:18 UTC by Agostino Sarubbo
Modified:	2021-07-02 06:03 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Agostino Sarubbo gentoo-dev

2017-02-09 15:18:15 UTC

Found with UBSAN.
All issues are reproducibile with "dumpelf $FILE"
Tested on 1.2.2

1)
dumpelf.c:117:3: runtime error: member access within misaligned address 0x7f05d65120f6 for type 'const Elf32_Shdr', which requires 4 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00162-pax-utils-dumpelf-misalignedadd1


2)
dumpelf.c:118:3: runtime error: member access within misaligned address 0x7f03e43cb7e1 for type 'const Elf64_Shdr', which requires 8 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00163-pax-utils-dumpelf-misalignedadd2


3)
dumpelf.c:228:12: runtime error: member access within misaligned address 0x7efc7ecc426d for type 'const Elf32_Nhdr', which requires 4 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00164-pax-utils-dumpelf-misalignedadd3


4)
dumpelf.c:323:2: runtime error: member access within misaligned address 0x7f305b9830fa for type 'const Elf32_Phdr', which requires 4 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00165-pax-utils-dumpelf-misalignedadd4


5)
dumpelf.c:324:2: runtime error: member access within misaligned address 0x7f01c1be204b for type 'const Elf64_Phdr', which requires 8 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00166-pax-utils-dumpelf-misalignedadd5


6)
dumpelf.c:485:2: runtime error: member access within misaligned address 0x7f1cb0efb001 for type 'const Elf32_Dyn', which requires 4 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00167-pax-utils-dumpelf-misalignedadd6


7)
dumpelf.c:486:2: runtime error: member access within misaligned address 0x7f0d4ee54e7f for type 'const Elf64_Dyn', which requires 8 byte alignment

Reproducer:
https://github.com/asarubbo/poc/blob/master/00168-pax-utils-dumpelf-misalignedadd7

Comment 1 SpanKY gentoo-dev

2017-02-09 20:13:36 UTC

misaligned accesses are not security issues

Comment 2 Agostino Sarubbo gentoo-dev

2017-02-10 08:21:42 UTC

(In reply to SpanKY from comment #1)
> misaligned accesses are not security issues

The misaligned access error can cause an undefined behavior, but if you think it is different, for me is fine as-is. Thanks.

Comment 3 SpanKY gentoo-dev

2017-02-10 21:08:11 UTC

(In reply to Agostino Sarubbo from comment #2)

it isn't undefined behavior.  that is a very specific term in the C/C++ language space.

unaligned accesses are not a problem on most arches (like x86, although i'm ignoring newer sse optimization requirements as they don't apply here).  on many of the rest (like older arm systems), the kernel will fix them up on the fly so userspace doesn't notice.  if the access isn't handled (by hardware or software), the result is an immediate crash (e.g. SIGBUS), not undefined behavior.

search bugzilla history.  we've never treated unaligned accesses as a security problem.  i don't see a reason to start now.