5578 file(1) should validate Elf_Shdr->sh_name
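--- a/usr/src/cmd/file/elf_read.c
+++ b/usr/src/cmd/file/elf_read.c
@@ -1,553 +1,559 @@
 /*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
 /* All Rights Reserved */
 
 
 /* Copyright (c) 1987, 1988 Microsoft Corporation */
 /* All Rights Reserved */
 
 /*
 * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */
 
 /*
 * ELF files can exceed 2GB in size. A standard 32-bit program
 * like 'file' cannot read past 2GB, and will be unable to see
 * the ELF section headers that typically are at the end of the
 * object. The simplest solution to this problem would be to make
 * the 'file' command a 64-bit application. However, as a matter of
 * policy, we do not want to require this. A simple command like
 * 'file' should not carry such a requirement, especially as we
 * support 32-bit only hardware.
 *
 * An alternative solution is to build this code as 32-bit
 * large file aware. The usual way to do this is to define a pair
 * of preprocessor definitions:
 *
 * _LARGEFILE64_SOURCE
 * Map standard I/O routines to their largefile aware versions.
 *
 * _FILE_OFFSET_BITS=64
 * Map off_t to off64_t
 *
 * The problem with this solution is that libelf is not large file capable,
 * and the libelf header file will prevent compilation if
 * _FILE_OFFSET_BITS is set to 64.
 *
 * So, the solution used in this code is to define _LARGEFILE64_SOURCE
 * to get access to the 64-bit APIs, not to define _FILE_OFFSET_BITS, and to
 * use our own types in place of off_t, and size_t. We read all the file
 * data directly using pread64(), and avoid the use of libelf for anything
 * other than the xlate functionality.
 */
 #define _LARGEFILE64_SOURCE
 #define FILE_ELF_OFF_T off64_t
 #define FILE_ELF_SIZE_T uint64_t
 
 #include <ctype.h>
 #include <unistd.h>
 #include <fcntl.h>
 #include <stdio.h>
 #include <libelf.h>
 #include <stdlib.h>
 #include <limits.h>
 #include <locale.h>
 #include <string.h>
 #include <errno.h>
 #include <procfs.h>
 #include <sys/param.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/elf.h>
 #include <elfcap.h>
 #include "file.h"
 #include "elf_read.h"
 
 extern const char *File;
 
 static int get_class(void);
 static int get_version(void);
 static int get_format(void);
 static int process_shdr(Elf_Info *);
 static int process_phdr(Elf_Info *);
 static int file_xlatetom(Elf_Type, char *);
 static int xlatetom_nhdr(Elf_Nhdr *);
 static int get_phdr(Elf_Info *, int);
 static int get_shdr(Elf_Info *, int);
 
 static Elf_Ehdr EI_Ehdr; /* Elf_Ehdr to be stored */
 static Elf_Word EI_Ehdr_shnum; /* # section headers */
 static Elf_Word EI_Ehdr_phnum; /* # program headers */
 static Elf_Word EI_Ehdr_shstrndx; /* Index of section hdr string table */
 static Elf_Shdr EI_Shdr; /* recent Elf_Shdr to be stored */
 static Elf_Phdr EI_Phdr; /* recent Elf_Phdr to be stored */
 
 
 static int
 get_class(void)
 {
 return (EI_Ehdr.e_ident[EI_CLASS]);
 }
 
 static int
 get_version(void)
 {
 /* do as what libelf:_elf_config() does */
 return (EI_Ehdr.e_ident[EI_VERSION] ?
 EI_Ehdr.e_ident[EI_VERSION] : 1);
 }
 
 static int
 get_format(void)
 {
 return (EI_Ehdr.e_ident[EI_DATA]);
 }
 
 /*
 * file_xlatetom: translate different headers from file
 * representation to memory representaion.
 */
 #define HDRSZ 512
 static int
 file_xlatetom(Elf_Type type, char *hdr)
 {
 Elf_Data src, dst;
 char *hbuf[HDRSZ];
 int version, format;
 
 version = get_version();
 format = get_format();
 
 /* will convert only these types */
 if (type != ELF_T_EHDR && type != ELF_T_PHDR &&
 type != ELF_T_SHDR && type != ELF_T_WORD &&
 type != ELF_T_CAP)
 return (ELF_READ_FAIL);
 
 src.d_buf = (Elf_Void *)hdr;
 src.d_type = type;
 src.d_version = version;
 
 dst.d_buf = (Elf_Void *)&hbuf;
 dst.d_version = EV_CURRENT;
 
 src.d_size = elf_fsize(type, 1, version);
 dst.d_size = elf_fsize(type, 1, EV_CURRENT);
 if (elf_xlatetom(&dst, &src, format) == NULL)
 return (ELF_READ_FAIL);
 
 (void) memcpy(hdr, &hbuf, dst.d_size);
 return (ELF_READ_OKAY);
 }
 
 /*
 * xlatetom_nhdr: There is no routine to convert Note header
 * so we convert each field of this header.
 */
 static int
 xlatetom_nhdr(Elf_Nhdr *nhdr)
 {
 int r = ELF_READ_FAIL;
 
 r |= file_xlatetom(ELF_T_WORD, (char *)&nhdr->n_namesz);
 r |= file_xlatetom(ELF_T_WORD, (char *)&nhdr->n_descsz);
 r |= file_xlatetom(ELF_T_WORD, (char *)&nhdr->n_type);
 return (r);
 }
 
 /*
 * elf_read: reads elf header, program, section headers to
 * collect all information needed for file(1)
 * output and stores them in Elf_Info.
 */
 int
 elf_read(int fd, Elf_Info *EI)
 {
 FILE_ELF_SIZE_T size;
 int ret = 1;
 
 Elf_Ehdr *ehdr = &EI_Ehdr;
 
 EI->elffd = fd;
 size = sizeof (Elf_Ehdr);
 
 if (pread64(EI->elffd, (void*)ehdr, size, 0) != size)
 ret = 0;
 
 
 if (file_xlatetom(ELF_T_EHDR, (char *)ehdr) == ELF_READ_FAIL)
 ret = 0;
 
 if (EI->file == NULL)
 return (ELF_READ_FAIL);
 
 /*
 * Extended section or program indexes in use? If so, special
 * values in the ELF header redirect us to get the real values
 * from shdr[0].
 */
 EI_Ehdr_shnum = EI_Ehdr.e_shnum;
 EI_Ehdr_phnum = EI_Ehdr.e_phnum;
 EI_Ehdr_shstrndx = EI_Ehdr.e_shstrndx;
 if (((EI_Ehdr_shnum == 0) || (EI_Ehdr_phnum == PN_XNUM)) &&
 (EI_Ehdr.e_shoff != 0)) {
 if (get_shdr(EI, 0) == ELF_READ_FAIL)
 return (ELF_READ_FAIL);
 if (EI_Ehdr_shnum == 0)
 EI_Ehdr_shnum = EI_Shdr.sh_size;
 if ((EI_Ehdr_phnum == PN_XNUM) && (EI_Shdr.sh_info != 0))
 EI_Ehdr_phnum = EI_Shdr.sh_info;
 if (EI_Ehdr_shstrndx == SHN_XINDEX)
 EI_Ehdr_shstrndx = EI_Shdr.sh_link;
 }
 
 EI->type = ehdr->e_type;
 EI->machine = ehdr->e_machine;
 EI->flags = ehdr->e_flags;
 
 if (ret == 0) {
 (void) fprintf(stderr, gettext("%s: %s: can't "
 "read ELF header\n"), File, EI->file);
 return (ELF_READ_FAIL);
 }
 if (process_phdr(EI) == ELF_READ_FAIL)
 return (ELF_READ_FAIL);
 
 /* We don't need section info for core files */
 if (ehdr->e_type != ET_CORE)
 if (process_shdr(EI) == ELF_READ_FAIL)
 return (ELF_READ_FAIL);
 
 return (ELF_READ_OKAY);
 }
 
 /*
 * get_phdr: reads program header of specified index.
 */
 static int
 get_phdr(Elf_Info *EI, int inx)
 {
 FILE_ELF_OFF_T off = 0;
 FILE_ELF_SIZE_T size;
 
 if (inx >= EI_Ehdr_phnum)
 return (ELF_READ_FAIL);
 
 size = sizeof (Elf_Phdr);
 off = (FILE_ELF_OFF_T)EI_Ehdr.e_phoff + (inx * size);
 if (pread64(EI->elffd, (void *)&EI_Phdr, size, off) != size)
 return (ELF_READ_FAIL);
 
 if (file_xlatetom(ELF_T_PHDR, (char *)&EI_Phdr) == ELF_READ_FAIL)
 return (ELF_READ_FAIL);
 
 return (ELF_READ_OKAY);
 }
 
 /*
 * get_shdr: reads section header of specified index.
 */
 static int
 get_shdr(Elf_Info *EI, int inx)
 {
 FILE_ELF_OFF_T off = 0;
 FILE_ELF_SIZE_T size;
 
 /*
 * Prevent access to non-existent section headers.
 *
 * A value of 0 for e_shoff means that there is no section header
 * array in the file. A value of 0 for e_shndx does not necessarily
 * mean this - there can still be a 1-element section header array
 * to support extended section or program header indexes that
 * exceed the 16-bit fields used in the ELF header to represent them.
 */
 if ((EI_Ehdr.e_shoff == 0) || ((inx > 0) && (inx >= EI_Ehdr_shnum)))
 return (ELF_READ_FAIL);
 
 size = sizeof (Elf_Shdr);
 off = (FILE_ELF_OFF_T)EI_Ehdr.e_shoff + (inx * size);
 
 if (pread64(EI->elffd, (void *)&EI_Shdr, size, off) != size)
 return (ELF_READ_FAIL);
 
 if (file_xlatetom(ELF_T_SHDR, (char *)&EI_Shdr) == ELF_READ_FAIL)
 return (ELF_READ_FAIL);
 
 return (ELF_READ_OKAY);
 }
 
 /*
 * process_phdr: Read Program Headers and see if it is a core
 * file of either new or (pre-restructured /proc)
 * type, read the name of the file that dumped this
 * core, else see if this is a dynamically linked.
 */
 static int
 process_phdr(Elf_Info *EI)
 {
 register int inx;
 
 Elf_Nhdr Nhdr, *nhdr; /* note header just read */
 Elf_Phdr *phdr = &EI_Phdr;
 
 FILE_ELF_SIZE_T nsz, nmsz, dsz;
 FILE_ELF_OFF_T offset;
 int class;
 int ntype;
 char *psinfo, *fname;
 
 nsz = sizeof (Elf_Nhdr);
 nhdr = &Nhdr;
 class = get_class();
 for (inx = 0; inx < EI_Ehdr_phnum; inx++) {
 if (get_phdr(EI, inx) == ELF_READ_FAIL)
 return (ELF_READ_FAIL);
 
 /* read the note if it is a core */
 if (phdr->p_type == PT_NOTE &&
 EI_Ehdr.e_type == ET_CORE) {
 /*
 * If the next segment is also a note, use it instead.
 */
 if (get_phdr(EI, inx+1) == ELF_READ_FAIL)
 return (ELF_READ_FAIL);
 if (phdr->p_type != PT_NOTE) {
 /* read the first phdr back */
 if (get_phdr(EI, inx) == ELF_READ_FAIL)
 return (ELF_READ_FAIL);
 }
 offset = phdr->p_offset;
 if (pread64(EI->elffd, (void *)nhdr, nsz, offset)
 != nsz)
 return (ELF_READ_FAIL);
 
 /* Translate the ELF note header */
 if (xlatetom_nhdr(nhdr) == ELF_READ_FAIL)
 return (ELF_READ_FAIL);
 
 ntype = nhdr->n_type;
 nmsz = nhdr->n_namesz;
 dsz = nhdr->n_descsz;
 
 offset += nsz + ((nmsz + 0x03) & ~0x3);
 if ((psinfo = malloc(dsz)) == NULL) {
 int err = errno;
 (void) fprintf(stderr, gettext("%s: malloc "
 "failed: %s\n"), File, strerror(err));
 exit(1);
 }
 if (pread64(EI->elffd, psinfo, dsz, offset) != dsz)
 return (ELF_READ_FAIL);
 /*
 * We want to print the string contained
 * in psinfo->pr_fname[], where 'psinfo'
 * is either an old NT_PRPSINFO structure
 * or a new NT_PSINFO structure.
 *
 * Old core files have only type NT_PRPSINFO.
 * New core files have type NT_PSINFO.
 *
 * These structures are also different by
 * virtue of being contained in a core file
 * of either 32-bit or 64-bit type.
 *
 * To further complicate matters, we ourself
 * might be compiled either 32-bit or 64-bit.
 *
 * For these reason, we just *know* the offsets of
 * pr_fname[] into the four different structures
 * here, regardless of how we are compiled.
 */
 if (class == ELFCLASS32) {
 /* 32-bit core file, 32-bit structures */
 if (ntype == NT_PSINFO)
 fname = psinfo + 88;
 else /* old: NT_PRPSINFO */
 fname = psinfo + 84;
 } else if (class == ELFCLASS64) {
 /* 64-bit core file, 64-bit structures */
 if (ntype == NT_PSINFO)
 fname = psinfo + 136;
 else /* old: NT_PRPSINFO */
 fname = psinfo + 120;
 }
 EI->core_type = (ntype == NT_PRPSINFO)?
 EC_OLDCORE : EC_NEWCORE;
 (void) memcpy(EI->fname, fname, strlen(fname));
 free(psinfo);
 }
 if (phdr->p_type == PT_DYNAMIC) {
 EI->dynamic = B_TRUE;
 }
 }
 return (ELF_READ_OKAY);
 }
 
 /*
 * process_shdr: Read Section Headers to attempt to get HW/SW
 * capabilities by looking at the SUNW_cap
 * section and set string in Elf_Info.
 * Also look for symbol tables and debug
 * information sections. Set the "stripped" field
 * in Elf_Info with corresponding flags.
 */
 static int
 process_shdr(Elf_Info *EI)
 {
 int capn, mac;
 int i, j, idx;
 FILE_ELF_OFF_T cap_off;
 FILE_ELF_SIZE_T csize;
-char *section_name;
+char *strtab;
+size_t strtab_sz;
 Elf_Cap Chdr;
 Elf_Shdr *shdr = &EI_Shdr;
 
 
 csize = sizeof (Elf_Cap);
 mac = EI_Ehdr.e_machine;
 
 /* if there are no sections, return success anyway */
 if (EI_Ehdr.e_shoff == 0 && EI_Ehdr_shnum == 0)
 return (ELF_READ_OKAY);
 
 /* read section names from String Section */
 if (get_shdr(EI, EI_Ehdr_shstrndx) == ELF_READ_FAIL)
 return (ELF_READ_FAIL);
 
-if ((section_name = malloc(shdr->sh_size)) == NULL)
+if ((strtab = malloc(shdr->sh_size)) == NULL)
 return (ELF_READ_FAIL);
 
-if (pread64(EI->elffd, section_name, shdr->sh_size, shdr->sh_offset)
+if (pread64(EI->elffd, strtab, shdr->sh_size, shdr->sh_offset)
 != shdr->sh_size)
 return (ELF_READ_FAIL);
 
+strtab_sz = shdr->sh_size;
+
 /* read all the sections and process them */
 for (idx = 1, i = 0; i < EI_Ehdr_shnum; idx++, i++) {
-char *str;
+char *shnam;
 
 if (get_shdr(EI, i) == ELF_READ_FAIL)
 return (ELF_READ_FAIL);
 
 if (shdr->sh_type == SHT_NULL) {
 idx--;
 continue;
 }
 
 cap_off = shdr->sh_offset;
 if (shdr->sh_type == SHT_SUNW_cap) {
 char capstr[128];
 
 if (shdr->sh_size == 0 || shdr->sh_entsize == 0) {
 (void) fprintf(stderr, ELF_ERR_ELFCAP1,
 File, EI->file);
 return (ELF_READ_FAIL);
 }
 capn = (shdr->sh_size / shdr->sh_entsize);
 for (j = 0; j < capn; j++) {
 /*
 * read cap and xlate the values
 */
 if (pread64(EI->elffd, &Chdr, csize, cap_off)
 != csize ||
 file_xlatetom(ELF_T_CAP, (char *)&Chdr)
 == 0) {
 (void) fprintf(stderr, ELF_ERR_ELFCAP2,
 File, EI->file);
 return (ELF_READ_FAIL);
 }
 
 cap_off += csize;
 
 /*
 * Each capatibility group is terminated with
 * CA_SUNW_NULL. Groups other than the first
 * represent symbol capabilities, and aren't
 * interesting here.
 */
 if (Chdr.c_tag == CA_SUNW_NULL)
 break;
 
 (void) elfcap_tag_to_str(ELFCAP_STYLE_UC,
 Chdr.c_tag, Chdr.c_un.c_val, capstr,
 sizeof (capstr), ELFCAP_FMT_SNGSPACE,
 mac);
 
 if ((*EI->cap_str != '\0') && (*capstr != '\0'))
 (void) strlcat(EI->cap_str, " ",
 sizeof (EI->cap_str));
 
 (void) strlcat(EI->cap_str, capstr,
 sizeof (EI->cap_str));
 }
 }
 
 /*
 * Definition time:
 * - "not stripped" means that an executable file
 * contains a Symbol Table (.symtab)
 * - "stripped" means that an executable file
 * does not contain a Symbol Table.
 * When strip -l or strip -x is run, it strips the
 * debugging information (.line section name (strip -l),
 * .line, .debug*, .stabs*, .dwarf* section names
 * and SHT_SUNW_DEBUGSTR and SHT_SUNW_DEBUG
 * section types (strip -x), however the Symbol
 * Table will still be present.
 * Therefore, if
 * - No Symbol Table present, then report
 * "stripped"
 * - Symbol Table present with debugging
 * information (line number or debug section names,
 * or SHT_SUNW_DEBUGSTR or SHT_SUNW_DEBUG section
 * types) then report:
 * "not stripped"
 * - Symbol Table present with no debugging
 * information (line number or debug section names,
 * or SHT_SUNW_DEBUGSTR or SHT_SUNW_DEBUG section
 * types) then report:
 * "not stripped, no debugging information
 * available"
 */
 if ((EI->stripped & E_NOSTRIP) == E_NOSTRIP)
 continue;
 
 if (!(EI->stripped & E_SYMTAB) &&
 (shdr->sh_type == SHT_SYMTAB)) {
 EI->stripped |= E_SYMTAB;
 continue;
 }
 
-str = §ion_name[shdr->sh_name];
+if (shdr->sh_name >= strtab_sz)
+shnam = NULL;
+else
+shnam = &strtab[shdr->sh_name];
 
 if (!(EI->stripped & E_DBGINF) &&
 ((shdr->sh_type == SHT_SUNW_DEBUG) ||
 (shdr->sh_type == SHT_SUNW_DEBUGSTR) ||
-(is_in_list(str)))) {
+(shnam != NULL && is_in_list(shnam)))) {
 EI->stripped |= E_DBGINF;
 }
 }
-free(section_name);
+free(strtab);
 
 return (ELF_READ_OKAY);
 }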
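Review bot: The new check in process_shdr (`if (shdr->sh_name >= strtab_sz)`) only proves that the name starts inside the string table; nothing ensures a NUL byte before the end of the buffer, so `is_in_list(shnam)` can still read past the allocation when the file's string section does not end in `\0`. is_in_list is defined outside this file, so this assumes it scans shnam as a C string. Terminating the table once, right after `strtab_sz = shdr->sh_size;`, closes that gap: `if (strtab_sz != 0) strtab[strtab_sz - 1] = '\0';`. Separately, the `return (ELF_READ_FAIL)` paths after the malloc (the failed pread64, a failed get_shdr in the loop, and the two capability errors) leave strtab unfreed.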