Skip to content

Loading ELF with NOTE sections at beginning causes duplicate symbols throughout code #6732

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wrffrz opened this issue Apr 25, 2025 · 0 comments
Open

Loading ELF with NOTE sections at beginning causes duplicate symbols throughout code #6732

wrffrz opened this issue Apr 25, 2025 · 0 comments

Comments

@wrffrz
Copy link

wrffrz commented Apr 25, 2025

Version and Platform (required):

  • Binary Ninja Version: 5.0.7290-Stable
  • OS: Windows 11 Pro
  • OS Version: 10.0.26100 Build 26100
  • CPU Architecture: x86-64

Bug Description:
When loading ELF executables with NOTE-type sections at the beginning, the note data is loaded into the address space which causes a shift in the address calculations for the following PROGBITS sections and duplicate symbols are created throughout the code section.

Steps To Reproduce:
Please provide all steps required to reproduce the behavior:

  1. Load the attached bonding.ko linux-armv7 kernel module executable and observe the duplicate functions that are created at the wrong offsets.

Expected Behavior:
The NOTE sections should not be loaded into the address space and cause a shift in the address calculations of the rest of the PROGBITS sections.

Screenshots/Video Recording:
Image

Binary:
bonding.zip

Additional Information:
Please add any other context about the problem here.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@wrffrz