
Rida crashes if .plt section is empty

One way to obtain executables with an empty .plt section is to compile, with GCC, a simple C program that does not call any library functions (this does not seem to happen with clang).

The simplest example would be the program: int main() { return 0; } compiled using gcc 9.4 (the default on Ubuntu 20.04).

The issue consists of two parts:

  • The function handle_x86_plt reads four bytes over the boundary of the .plt section to check for the presence of an enhanced plt section
  • Parsing the .plt.got section (which usually contains at least the __cxa_finalize function) then assumes that it is not an enhanced plt and parses the instruction wrongly, crashing

As a possible solution, I can only think of checking for the enhanced plt property in the .plt.got section separately if the .plt section is empty. I currently cannot implement this, since I do not know how to generate executables without the enhanced plt property to test the bugfix.
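The two-step check the report proposes (inspect the first four bytes of .plt, and only when .plt has no bytes fall back to .plt.got), written out as an added, self-contained example; it is not Rizin's code and does not reproduce handle_x86_plt. It assumes that the four-byte marker being looked for is the endbr64 prefix (f3 0f 1e fa) that IBT-enabled PLT and .plt.got entries begin with; the page only says that four bytes at the start of .plt are read. The minimal ELF64 builder, the two constructed .plt.got entries and every function name are the example's own.

```python
"""Bounds-checked detection of an IBT ("enhanced") PLT when .plt may be empty.

Added example, not Rizin's code. Assumption: the marker being checked is the
endbr64 prefix that IBT-enabled PLT entries start with.
"""
import struct
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

ENDBR64 = b"\xf3\x0f\x1e\xfa"
SHDR_FMT = "<IIQQQQIIQQ"               # Elf64_Shdr, little-endian
SHDR_SIZE = struct.calcsize(SHDR_FMT)  # 64 bytes


@dataclass
class Section:
    name: str
    offset: int   # file offset of the section body
    size: int     # sh_size; 0 for the empty .plt the report describes


def build_elf64(sections: List[Tuple[str, bytes]]) -> bytes:
    """Constructed minimal ELF64 image: header, section bodies, .shstrtab,
    then the section header table (index 0 is the mandatory NULL entry)."""
    names = [""] + [n for n, _ in sections] + [".shstrtab"]
    name_off, shstr = {}, b""
    for n in names:
        name_off[n] = len(shstr)
        shstr += n.encode() + b"\0"
    body = bytearray(64)          # ELF header placeholder, filled in below
    table = [(0, 0, 0, 0)]        # (sh_name, sh_type, sh_offset, sh_size)
    for n, data in sections + [(".shstrtab", shstr)]:
        table.append((name_off[n], 3 if n == ".shstrtab" else 1, len(body), len(data)))
        body += data
    shoff = len(body)
    for sh_name, sh_type, off, size in table:
        body += struct.pack(SHDR_FMT, sh_name, sh_type, 0, 0, off, size, 0, 0, 1, 0)
    # e_ident: magic, ELFCLASS64, ELFDATA2LSB, EV_CURRENT, padding; then the rest of Elf64_Ehdr
    ident = b"\x7fELF" + bytes([2, 1, 1]) + b"\0" * 9
    body[:64] = ident + struct.pack("<HHIQQQIHHHHHH", 2, 0x3E, 1, 0, 0, shoff, 0,
                                    64, 0, 0, SHDR_SIZE, len(table), len(table) - 1)
    return bytes(body)


def parse_sections(elf: bytes) -> Dict[str, Section]:
    """Read the section header table and return sections keyed by name."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2:
        raise ValueError("expected an ELF64 image")
    (e_shoff,) = struct.unpack_from("<Q", elf, 0x28)
    e_shentsize, e_shnum, e_shstrndx = struct.unpack_from("<HHH", elf, 0x3A)
    raw = [struct.unpack_from(SHDR_FMT, elf, e_shoff + i * e_shentsize) for i in range(e_shnum)]
    strtab_off = raw[e_shstrndx][4]               # sh_offset of .shstrtab
    out = {}
    for sh in raw:
        start = strtab_off + sh[0]                # sh_name is an index into .shstrtab
        name = elf[start:elf.index(b"\0", start)].decode()
        out[name] = Section(name, sh[4], sh[5])
    return out


def first_bytes(elf: bytes, sec: Optional[Section], n: int) -> Optional[bytes]:
    """First n bytes of a section, or None if the section does not have n bytes.
    Reading unconditionally here is the over-the-boundary read the report describes."""
    if sec is None or sec.size < n or sec.offset + n > len(elf):
        return None
    return elf[sec.offset:sec.offset + n]


def detect_enhanced_plt(elf: bytes) -> Optional[bool]:
    """True/False if some PLT-like section has a first entry to inspect, None otherwise.
    .plt is preferred; when it is empty, .plt.got (usually holding __cxa_finalize) is used."""
    secs = parse_sections(elf)
    for name in (".plt", ".plt.got"):
        head = first_bytes(elf, secs.get(name), len(ENDBR64))
        if head is not None:
            return head == ENDBR64
    return None   # nothing to inspect: the caller must not assume either layout


# Constructed .plt.got entries (not copied from a real binary):
IBT_PLT_GOT = ENDBR64 + b"\xf2\xff\x25\x00\x00\x00\x00" + b"\x90"  # endbr64; bnd jmp *d(%rip); nop
PLAIN_PLT_GOT = b"\xff\x25\x00\x00\x00\x00" + b"\x66\x90"           # jmp *d(%rip); xchg %ax,%ax


def build_samples() -> Tuple[bytes, bytes]:
    """Two images with an empty .plt: one IBT-style .plt.got, one plain."""
    ibt = build_elf64([(".plt", b""), (".plt.got", IBT_PLT_GOT)])
    plain = build_elf64([(".plt", b""), (".plt.got", PLAIN_PLT_GOT)])
    return ibt, plain


if __name__ == "__main__":
    ibt, plain = build_samples()
    print("IBT sample:", detect_enhanced_plt(ibt), "plain sample:", detect_enhanced_plt(plain))
```

The important part is first_bytes: a size-0 .plt yields None rather than whatever bytes follow the section in the file, so the fallback to .plt.got is taken on the section's own contents instead of on an over-read. The plain sample stands in for a binary without the enhanced plt property, which the report says it could not generate; with this layout the entry is parsed as a bare jmp rather than as endbr64 followed by a jmp.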