Found with UBSAN. All issues are reproducible with "dumpelf $FILE". Tested on 1.2.2

1) dumpelf.c:117:3: runtime error: member access within misaligned address 0x7f05d65120f6 for type 'const Elf32_Shdr', which requires 4 byte alignment
Reproducer: https://github.com/asarubbo/poc/blob/master/00162-pax-utils-dumpelf-misalignedadd1

2) dumpelf.c:118:3: runtime error: member access within misaligned address 0x7f03e43cb7e1 for type 'const Elf64_Shdr', which requires 8 byte alignment
Reproducer: https://github.com/asarubbo/poc/blob/master/00163-pax-utils-dumpelf-misalignedadd2

3) dumpelf.c:228:12: runtime error: member access within misaligned address 0x7efc7ecc426d for type 'const Elf32_Nhdr', which requires 4 byte alignment
Reproducer: https://github.com/asarubbo/poc/blob/master/00164-pax-utils-dumpelf-misalignedadd3

4) dumpelf.c:323:2: runtime error: member access within misaligned address 0x7f305b9830fa for type 'const Elf32_Phdr', which requires 4 byte alignment
Reproducer: https://github.com/asarubbo/poc/blob/master/00165-pax-utils-dumpelf-misalignedadd4

5) dumpelf.c:324:2: runtime error: member access within misaligned address 0x7f01c1be204b for type 'const Elf64_Phdr', which requires 8 byte alignment
Reproducer: https://github.com/asarubbo/poc/blob/master/00166-pax-utils-dumpelf-misalignedadd5

6) dumpelf.c:485:2: runtime error: member access within misaligned address 0x7f1cb0efb001 for type 'const Elf32_Dyn', which requires 4 byte alignment
Reproducer: https://github.com/asarubbo/poc/blob/master/00167-pax-utils-dumpelf-misalignedadd6

7) dumpelf.c:486:2: runtime error: member access within misaligned address 0x7f0d4ee54e7f for type 'const Elf64_Dyn', which requires 8 byte alignment
Reproducer: https://github.com/asarubbo/poc/blob/master/00168-pax-utils-dumpelf-misalignedadd7
misaligned accesses are not security issues
(In reply to SpanKY from comment #1)
> misaligned accesses are not security issues

The misaligned access error can cause undefined behavior, but if you think it is different, it is fine for me as-is. Thanks.
(In reply to Agostino Sarubbo from comment #2)

It isn't undefined behavior. That is a very specific term in the C/C++ language space. Unaligned accesses are not a problem on most arches (like x86, although I'm ignoring newer SSE optimization requirements as they don't apply here). On many of the rest (like older ARM systems), the kernel will fix them up on the fly so userspace doesn't notice. If the access isn't handled (by hardware or software), the result is an immediate crash (e.g. SIGBUS), not undefined behavior. Search Bugzilla history. We've never treated unaligned accesses as a security problem. I don't see a reason to start now.
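An alignment-safe way to read a section header at an arbitrary file offset, of the kind the UBSAN reports above point at (added example, not pax-utils code; `shdr32` mirrors the Elf32_Shdr layout so it builds without `<elf.h>`, and the sample buffer is constructed):

```c
/* Added example: read an ELF32 section header from a byte buffer at any
 * offset by copying into an aligned local instead of casting the pointer
 * and dereferencing it, which is what UBSAN flags as misaligned access.
 * The buffer and the header in it are constructed for the example. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Same field order and sizes as Elf32_Shdr: ten 4-byte members. */
typedef struct {
    uint32_t sh_name, sh_type, sh_flags, sh_addr, sh_offset,
             sh_size, sh_link, sh_info, sh_addralign, sh_entsize;
} shdr32;

/* Bounds-check the header against the buffer, then memcpy it out.
 * Returns 0 on success, -1 if the header would run past the buffer end. */
static int read_shdr32(const unsigned char *buf, size_t len, size_t off,
                       shdr32 *out)
{
    if (off > len || len - off < sizeof *out)
        return -1;                     /* truncated or hostile offset */
    memcpy(out, buf + off, sizeof *out); /* no alignment requirement */
    return 0;
}

/* Constructed input: a 64-byte buffer with a header at odd offset 1,
 * sh_type = 3 (SHT_STRTAB) and sh_size = 0x40. */
static unsigned char sample[64];

static void build_sample(void)
{
    shdr32 sh = { .sh_name = 1, .sh_type = 3, .sh_size = 0x40 };
    memset(sample, 0, sizeof sample);
    memcpy(sample + 1, &sh, sizeof sh);  /* deliberately misaligned */
}

int main(void)
{
    shdr32 sh;
    build_sample();
    if (read_shdr32(sample, sizeof sample, 1, &sh) == 0)
        printf("sh_type=%u sh_size=%u\n", sh.sh_type, sh.sh_size);
    /* A header that does not fit is rejected instead of read past the end. */
    printf("offset 40 -> %d\n", read_shdr32(sample, sizeof sample, 40, &sh));
    return 0;
}
```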