-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Infinite loop? #15
Comments
I was able to reproduce this behavior. The problem appears to be in the
I haven't been able to identify the Linux structure that is causing the problem. The long term solution would involve a fix in golang dwarf package. A short term solution would involve modifying how |
Can someone make the changes given in the suggestion from above? That would be much appreciated. |
I don't think this has been resolved yet, so reopening so we don't lose track... |
The dwarf
It is not clear what type this is. It appears that golang The entry at the same offset (2391 == 0x957) as reported by
The definition for
|
I debugged this a bit and it appears to be related to ELF relocations being applied when they shouldn't be, prior to DWARF parsing. Removing relocations fixes at least one test case, but may introduce other regressions. I've pushed a branch, but we will need to do more testing and analysis, and perhaps discuss whether this might also be an issue for Mach-O. |
Hi @LawrenceRRogers, could you verify that PR #28 ( |
PR #28 is now merged. Please reopen this issue if that fix doesn't work for your use case. |
On Fedora 32, I am trying to construct a json for Volatility 3. I have built dwarf2json version 0.6.0 from https://github.com/volatilityfoundation/dwarf2json under Fedora 32 using golang-1.14.3-1. The build is successful, that is there are no errors. I then installed both kernel-debuginfo-5.6.15-300.fc32.x86_64 and kernel-debuginfo-common-x86_64-5.6.15-300.fc32.x86_64. I ran dwarf2json as follows:
$ dwarf2json-fc32x linux --elf /usr/lib/debug/usr/lib/modules/5.6.15-300.fc32.x86_64/vmlinux --system-map /boot/System.map-5.6.15-300.fc32.x86_64
and I get the errors noted in the attached text file
dwarf2json-error-001.txt
I received a recommendation from the Volatility 3 developer group that felt the issue was with dwarf2json which is why I am posting this note.
Thanks for any help. I have the same problem on Fedora 29 and CentOS 7.8.
The text was updated successfully, but these errors were encountered: