For this path it resolves the Go symbols within the '.symtab' named section (for PE files at least). These symbols contain RVAs to index into the '.data' named section (for PE files). In the world there exist binaries where these symbols are malformed. I do not know why; potentially these were edited by hand on purpose, or potentially at some point in time a Go compiler bug existed.
The epclntab symbol can in some instances point just beyond the .data section. I'm inclined to think this may be an old bug because subtracting the start address of the .data starting virtual address (4096 in this case) brings the value in range of the end of the data section. The binary I am dealing with is Go 1.2.
Either way, there is zero verification of the symbol values before indexing into the data array; this should be fixed so that a nice error can be emitted rather than panicking unexpectedly. This also involves my old ticket as well: #42954. For binaries such as this one with invalid symbols the tab can be trivially found with a signature scan. This would be an even better fallback behavior than printing an 'error malformed pclntab symbols'.
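A sketch of the check and fallback the report asks for, added here as an example and not code from the Go project: the symbol values are validated against the section length before slicing, and a scan for the Go 1.2 pclntab header (magic 0xfffffffb, two zero bytes, pc quantum, pointer size) is used when they fail. The function names are hypothetical, and the symbol values are assumed to be offsets into the section data.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
)

var errBadSyms = errors.New("malformed pclntab symbols")
var go12Magic = []byte{0xfb, 0xff, 0xff, 0xff} // 0xfffffffb, little-endian

// sliceTable checks both symbol values against the section before slicing.
func sliceTable(data []byte, start, end uint32) ([]byte, error) {
	if start > end || uint64(end) > uint64(len(data)) {
		return nil, fmt.Errorf("%w: start=%#x end=%#x section=%#x", errBadSyms, start, end, len(data))
	}
	return data[start:end], nil
}

// scanPclntab finds a Go 1.2 header: magic, 2 zero bytes, quantum, ptr size.
func scanPclntab(data []byte) (int, bool) {
	for off := 0; ; off++ {
		i := bytes.Index(data[off:], go12Magic)
		if i < 0 || off+i+8 > len(data) {
			return 0, false
		}
		off += i
		h := data[off : off+8]
		if h[4] == 0 && h[5] == 0 && (h[6] == 1 || h[6] == 2 || h[6] == 4) && (h[7] == 4 || h[7] == 8) {
			return off, true
		}
	}
}

// locateTable trusts the symbols only when they validate, else scans.
func locateTable(data []byte, start, end uint32) ([]byte, error) {
	if tab, err := sliceTable(data, start, end); err == nil {
		return tab, nil
	}
	if off, ok := scanPclntab(data); ok {
		return data[off:], nil // end unknown: table taken to end of section
	}
	return nil, errBadSyms
}

func main() {
	// Constructed section: 16 filler bytes, a Go 1.2 header, 8 table bytes.
	data := append(make([]byte, 16), 0xfb, 0xff, 0xff, 0xff, 0, 0, 1, 8, 1, 2, 3, 4, 5, 6, 7, 8)
	fmt.Println(locateTable(data, 16, uint32(len(data))+4096)) // end symbol past section
}
```
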