zznop / drow

Injects code into ELF executables post-build
MIT License

segfault in drow while parsing sections of some ELFs #4

Closed zznop closed 4 years ago

zznop commented 4 years ago

From @EMCELLY:

I did some quick testing; here are the results.

Centos 8.1 - works as expected.
Ubuntu 18 - segfault in drow
Ubuntu 16 - segfault in drow
Centos 7.0 - segfault in drow
Centos 6.0 - segfault in drow

Attaching some gdb logs and a core file, since they all seem to be the same issue on line 103 of the find_exe_seg_last_section function.

core.15948.gz
ubuntu-18.crash.txt
ubuntu-16.crash.txt
centos-7.0.crash.txt
centos-6.0-crash.txt

Originally posted by @EMCELLY in https://github.com/zznop/drow/issues/2#issuecomment-653823785

zznop commented 4 years ago

@EMCELLY I worked on a fix last night and just merged this commit in master https://github.com/zznop/drow/pull/5/commits/7a040494aca05184e8fb2e4eea1e625d6c445523

I was able to reproduce the issue with Ubuntu ls. The problem was that it had a nobits RX segment (no sections in it). This commit adds a check to ensure that the last section in the RX segment is found. If it is not, then it continues parsing program headers to find the next RX segment (if one exists). drow now successfully applies the patch to the ubuntu binary that I tested with. I have not tested on Centos. Thanks for your contributions lately. Let me know if you have any other issues.
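The segment-walking logic described in the comment above, as an added example: this is my own C, not drow's code. The function name is borrowed from the traceback in the report, the body is a reimplementation of the described behaviour, and the program/section headers are a constructed sample in which the first RX segment contains no sections.

```c
#include <elf.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample, not from any real binary: program headers 0 and 1 are
 * both RX PT_LOAD segments, but only segment 1 has any section inside it. */
static const Elf64_Phdr sample_phdrs[] = {
    { .p_type = PT_LOAD, .p_flags = PF_R | PF_X, .p_vaddr = 0x1000, .p_memsz = 0x1000 },
    { .p_type = PT_LOAD, .p_flags = PF_R | PF_X, .p_vaddr = 0x2000, .p_memsz = 0x1000 },
    { .p_type = PT_LOAD, .p_flags = PF_R | PF_W, .p_vaddr = 0x4000, .p_memsz = 0x1000 },
};
static const Elf64_Shdr sample_shdrs[] = {
    { .sh_type = SHT_NULL },
    { .sh_type = SHT_PROGBITS, .sh_flags = SHF_ALLOC | SHF_EXECINSTR, .sh_addr = 0x2000, .sh_size = 0x20 },
    { .sh_type = SHT_PROGBITS, .sh_flags = SHF_ALLOC | SHF_EXECINSTR, .sh_addr = 0x2100, .sh_size = 0x800 },
    { .sh_type = SHT_PROGBITS, .sh_flags = SHF_ALLOC | SHF_EXECINSTR, .sh_addr = 0x2900, .sh_size = 0x10 },
    { .sh_type = SHT_PROGBITS, .sh_flags = SHF_ALLOC | SHF_WRITE, .sh_addr = 0x4000, .sh_size = 0x100 },
};
#define N(a) (sizeof(a) / sizeof((a)[0]))
/* Walk the program headers for RX PT_LOAD segments. For each one, pick the
 * allocated section with the highest address that lies inside the segment.
 * An RX segment covering no section is skipped rather than treated as a hit;
 * returns 0 (no indices written) only if every RX segment is like that. */
static int find_exe_seg_last_section(const Elf64_Phdr *ph, size_t phnum,
                                     const Elf64_Shdr *sh, size_t shnum,
                                     size_t *seg_idx, size_t *sec_idx)
{
    for (size_t i = 0; i < phnum; i++) {
        if (ph[i].p_type != PT_LOAD || !(ph[i].p_flags & PF_X))
            continue;
        uint64_t lo = ph[i].p_vaddr, hi = lo + ph[i].p_memsz;
        int found = 0; size_t last = 0;
        for (size_t j = 0; j < shnum; j++) {
            if (!(sh[j].sh_flags & SHF_ALLOC) || sh[j].sh_addr < lo ||
                sh[j].sh_addr + sh[j].sh_size > hi)
                continue;
            if (!found || sh[j].sh_addr > sh[last].sh_addr) { last = j; found = 1; }
        }
        if (!found) continue; /* RX segment without sections: try the next one */
        *seg_idx = i; *sec_idx = last;
        return 1;
    }
    return 0;
}
/* Helpers exposing the sample result; -1 means "no RX segment with sections". */
static long sample_seg(void) { size_t s, c; return find_exe_seg_last_section(sample_phdrs, N(sample_phdrs), sample_shdrs, N(sample_shdrs), &s, &c) ? (long)s : -1; }
static long sample_sec(void) { size_t s, c; return find_exe_seg_last_section(sample_phdrs, N(sample_phdrs), sample_shdrs, N(sample_shdrs), &s, &c) ? (long)c : -1; }
int main(void) { printf("segment %ld, last section %ld\n", sample_seg(), sample_sec()); return 0; }
```

On the sample this selects program header 1 and section 3 (the one at 0x2900), because program header 0 is RX but contains no section and is passed over instead of producing an invalid section pointer.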