
debug/elf: slice out of bounds in ImportedLibraries #63610

Closed
catenacyber opened this issue Oct 18, 2023 · 3 comments
Labels
compiler/runtime Issues related to the Go compiler and/or runtime. NeedsFix The path to resolution is known, but the work has not been done.
Comments

@catenacyber (Contributor)

What version of Go are you using (go version)?

$ go version
go version go1.21 linux/amd64

Does this issue reproduce with the latest release?

Happens only on dev branch, not in go 1.21

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/root/.cache/go-build"
GOENV="/root/.config/go/env"
GOEXE=""
GOEXPERIMENT=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/root/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/root/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/root/.go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/root/.go/pkg/tool/linux_amd64"
GOVCS=""
GOVERSION="go1.21"
GCCGO="gccgo"
GOAMD64="v1"
AR="ar"
CC="clang"
CXX="clang++"
CGO_ENABLED="1"
GOMOD="/src/ngolo-fuzzing/go.mod"
GOWORK=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fno-caret-diagnostics -Qunused-arguments -Wl,--no-gc-sections -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build2481516251=/tmp/go-build -gno-record-gcc-switches"

What did you do?

Run https://go.dev/play/p/YHQ22XnGe0d

What did you expect to see?

The program finishing and printing Hello, without panicking

What did you see instead?

panic: runtime error: slice bounds out of range [:4] with capacity 2

goroutine 1 [running]:
debug/elf.(*File).DynString(0xc000112000, 0x1)
	/usr/local/go-faketime/src/debug/elf/file.go:1620 +0x595
debug/elf.(*File).ImportedLibraries(...)
	/usr/local/go-faketime/src/debug/elf/file.go:1587
main.main()
	/tmp/sandbox1721714288/prog.go:13 +0x130

Program exited.

Found by https://github.com/catenacyber/ngolo-fuzzing with oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63166
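
The failing slice in the report comes from a dynamic section whose byte length is not a whole number of dynamic entries. The following is an added example, not code from the Go project or from the CL, showing the defensive size check a parser of untrusted ELF input should make before walking the section; `neededOffsets` and `ErrBadDynSize` are hypothetical names, and the sample bytes are constructed.

```go
package main

import (
	"debug/elf"
	"encoding/binary"
	"errors"
	"fmt"
)

// ErrBadDynSize reports a dynamic section whose length is not a whole number
// of Elf32_Dyn/Elf64_Dyn entries, the condition behind the "[:4] with capacity 2" panic.
var ErrBadDynSize = errors.New("dynamic section size is not a multiple of entry size")

// neededOffsets walks a raw SHT_DYNAMIC section (hypothetical helper, not the
// debug/elf API) and returns the DT_NEEDED string-table offsets. It checks the
// total size up front so a truncated section yields an error instead of an
// out-of-range slice. class selects 32- or 64-bit entries; bo is the byte order.
func neededOffsets(d []byte, class elf.Class, bo binary.ByteOrder) ([]uint64, error) {
	ent := 16 // Elf64_Dyn: d_tag and d_val, 8 bytes each
	if class == elf.ELFCLASS32 {
		ent = 8 // Elf32_Dyn: 4 + 4
	}
	if len(d)%ent != 0 {
		return nil, fmt.Errorf("%w: %d bytes, entry size %d", ErrBadDynSize, len(d), ent)
	}
	var offs []uint64
	for ; len(d) > 0; d = d[ent:] {
		var tag, val uint64
		if class == elf.ELFCLASS32 {
			tag, val = uint64(bo.Uint32(d[0:4])), uint64(bo.Uint32(d[4:8]))
		} else {
			tag, val = bo.Uint64(d[0:8]), bo.Uint64(d[8:16])
		}
		if elf.DynTag(tag) == elf.DT_NULL {
			break // DT_NULL terminates the dynamic array
		}
		if elf.DynTag(tag) == elf.DT_NEEDED {
			offs = append(offs, val)
		}
	}
	return offs, nil
}

func main() {
	// Constructed 32-bit little-endian sample: DT_NEEDED 0x10, DT_NEEDED 0x20, DT_NULL.
	good := []byte{1, 0, 0, 0, 0x10, 0, 0, 0, 1, 0, 0, 0, 0x20, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
	fmt.Println(neededOffsets(good, elf.ELFCLASS32, binary.LittleEndian))
	// Truncated to leave 2 trailing bytes, mirroring the report's failing input.
	fmt.Println(neededOffsets(good[:18], elf.ELFCLASS32, binary.LittleEndian))
}
```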

@gopherbot gopherbot added the compiler/runtime Issues related to the Go compiler and/or runtime. label Oct 18, 2023
@gopherbot

Change https://go.dev/cl/536400 mentions this issue: debug/elf: return error in DynString for invalid dynamic section size

@cagedmantis cagedmantis added the NeedsFix The path to resolution is known, but the work has not been done. label Oct 20, 2023
@cagedmantis cagedmantis added this to the Backlog milestone Oct 20, 2023
@cagedmantis (Contributor)

cc @golang/compiler

@ianlancetaylor (Contributor)

I sent a CL (https://go.dev/cl/536400), which is awaiting review.
