Print this page
5688 ELF tools need to be more careful with dwarf data
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/cmd/sgs/tools/common/leb128.c
+++ new/usr/src/cmd/sgs/tools/common/leb128.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
24 24 * Use is subject to license terms.
25 25 */
26 26
27 27 #include <stdio.h>
28 28 #include <dwarf.h>
29 29 #include <sys/types.h>
30 30 #include <sys/elf.h>
31 31
32 32 /*
33 33 * Little Endian Base 128 (LEB128) numbers.
34 34 * ----------------------------------------
35 35 *
36 36 * LEB128 is a scheme for encoding integers densely that exploits the
37 37 * assumption that most integers are small in magnitude. (This encoding
38 38 * is equally suitable whether the target machine architecture represents
39 39 * data in big-endian or little- endian
40 40 *
41 41 * Unsigned LEB128 numbers are encoded as follows: start at the low order
42 42 * end of an unsigned integer and chop it into 7-bit chunks. Place each
43 43 * chunk into the low order 7 bits of a byte. Typically, several of the
44 44 * high order bytes will be zero; discard them. Emit the remaining bytes in
45 45 * a stream, starting with the low order byte; set the high order bit on
46 46 * each byte except the last emitted byte. The high bit of zero on the last
47 47 * byte indicates to the decoder that it has encountered the last byte.
48 48 * The integer zero is a special case, consisting of a single zero byte.
49 49 *
50 50 * Signed, 2s complement LEB128 numbers are encoded in a similar except
51 51 * that the criterion for discarding high order bytes is not whether they
52 52 * are zero, but whether they consist entirely of sign extension bits.
53 53 * Consider the 32-bit integer -2. The three high level bytes of the number
54 54 * are sign extension, thus LEB128 would represent it as a single byte
55 55 * containing the low order 7 bits, with the high order bit cleared to
56 56 * indicate the end of the byte stream.
57 57 *
58 58 * Note that there is nothing within the LEB128 representation that
59 59 * indicates whether an encoded number is signed or unsigned. The decoder
60 60 * must know what type of number to expect.
61 61 *
62 62 * DWARF Exception Header Encoding
63 63 * -------------------------------
64 64 *
65 65 * The DWARF Exception Header Encoding is used to describe the type of data
66 66 * used in the .eh_frame_hdr section. The upper 4 bits indicate how the
67 67 * value is to be applied. The lower 4 bits indicate the format of the data.
68 68 *
69 69 * DWARF Exception Header value format
70 70 *
71 71 * Name Value Meaning
72 72 * DW_EH_PE_omit 0xff No value is present.
73 73 * DW_EH_PE_absptr 0x00 Value is a void*
74 74 * DW_EH_PE_uleb128 0x01 Unsigned value is encoded using the
75 75 * Little Endian Base 128 (LEB128)
76 76 * DW_EH_PE_udata2 0x02 A 2 bytes unsigned value.
77 77 * DW_EH_PE_udata4 0x03 A 4 bytes unsigned value.
78 78 * DW_EH_PE_udata8 0x04 An 8 bytes unsigned value.
79 79 * DW_EH_PE_signed 0x08 bit on for all signed encodings
80 80 * DW_EH_PE_sleb128 0x09 Signed value is encoded using the
81 81 * Little Endian Base 128 (LEB128)
82 82 * DW_EH_PE_sdata2 0x0A A 2 bytes signed value.
83 83 * DW_EH_PE_sdata4 0x0B A 4 bytes signed value.
84 84 * DW_EH_PE_sdata8 0x0C An 8 bytes signed value.
85 85 *
86 86 * DWARF Exception Header application
87 87 *
88 88 * Name Value Meaning
89 89 * DW_EH_PE_absptr 0x00 Value is used with no modification.
90 90 * DW_EH_PE_pcrel 0x10 Value is reletive to the location of itself
91 91 * DW_EH_PE_textrel 0x20
|
↓ open down ↓ |
91 lines elided |
↑ open up ↑ |
92 92 * DW_EH_PE_datarel 0x30 Value is reletive to the beginning of the
93 93 * eh_frame_hdr segment ( segment type
94 94 * PT_GNU_EH_FRAME )
95 95 * DW_EH_PE_funcrel 0x40
96 96 * DW_EH_PE_aligned 0x50 value is an aligned void*
97 97 * DW_EH_PE_indirect 0x80 bit to signal indirection after relocation
98 98 * DW_EH_PE_omit 0xff No value is present.
99 99 *
100 100 */
101 101
102 -uint64_t
103 -uleb_extract(unsigned char *data, uint64_t *dotp)
102 +dwarf_error_t
103 +uleb_extract(unsigned char *data, uint64_t *dotp, size_t len, uint64_t *ret)
104 104 {
105 105 uint64_t dot = *dotp;
106 106 uint64_t res = 0;
107 107 int more = 1;
108 108 int shift = 0;
109 109 int val;
110 110
111 111 data += dot;
112 112
113 113 while (more) {
114 + if (dot > len)
115 + return (DW_OVERFLOW);
116 +
114 117 /*
115 118 * Pull off lower 7 bits
116 119 */
117 120 val = (*data) & 0x7f;
118 121
119 122 /*
120 123 * Add prepend value to head of number.
121 124 */
122 125 res = res | (val << shift);
123 126
124 127 /*
125 128 * Increment shift & dot pointer
126 129 */
|
↓ open down ↓ |
3 lines elided |
↑ open up ↑ |
127 130 shift += 7;
128 131 dot++;
129 132
130 133 /*
131 134 * Check to see if hi bit is set - if not, this
132 135 * is the last byte.
133 136 */
134 137 more = ((*data++) & 0x80) >> 7;
135 138 }
136 139 *dotp = dot;
137 - return (res);
140 + *ret = res;
141 + return (DW_SUCCESS);
138 142 }
139 143
140 -int64_t
141 -sleb_extract(unsigned char *data, uint64_t *dotp)
144 +dwarf_error_t
145 +sleb_extract(unsigned char *data, uint64_t *dotp, size_t len, int64_t *ret)
142 146 {
143 147 uint64_t dot = *dotp;
144 148 int64_t res = 0;
145 149 int more = 1;
146 150 int shift = 0;
147 151 int val;
148 152
149 153 data += dot;
150 154
151 155 while (more) {
156 + if (dot > len)
157 + return (DW_OVERFLOW);
158 +
152 159 /*
153 160 * Pull off lower 7 bits
154 161 */
155 162 val = (*data) & 0x7f;
156 163
157 164 /*
158 165 * Add prepend value to head of number.
159 166 */
160 167 res = res | (val << shift);
161 168
162 169 /*
163 170 * Increment shift & dot pointer
164 171 */
165 172 shift += 7;
166 173 dot++;
167 174
168 175 /*
169 176 * Check to see if hi bit is set - if not, this
|
↓ open down ↓ |
8 lines elided |
↑ open up ↑ |
170 177 * is the last byte.
171 178 */
172 179 more = ((*data++) & 0x80) >> 7;
173 180 }
174 181 *dotp = dot;
175 182
176 183 /*
177 184 * Make sure value is properly sign extended.
178 185 */
179 186 res = (res << (64 - shift)) >> (64 - shift);
180 -
181 - return (res);
187 + *ret = res;
188 + return (DW_SUCCESS);
182 189 }
183 190
184 191 /*
185 192 * Extract a DWARF encoded datum
186 193 *
187 194 * entry:
188 195 * data - Base of data buffer containing encoded bytes
189 196 * dotp - Address of variable containing index within data
190 197 * at which the desired datum starts.
191 198 * ehe_flags - DWARF encoding
192 199 * eident - ELF header e_ident[] array for object being processed
193 200 * frame_hdr - Boolean, true if we're extracting from .eh_frame_hdr
194 201 * sh_base - Base address of ELF section containing desired datum
195 202 * sh_offset - Offset relative to sh_base of desired datum.
196 203 * dbase - The base address to which DW_EH_PE_datarel is relative
197 204 * (if frame_hdr is false)
198 205 */
199 -uint64_t
200 -dwarf_ehe_extract(unsigned char *data, uint64_t *dotp, uint_t ehe_flags,
201 - unsigned char *eident, boolean_t frame_hdr, uint64_t sh_base,
202 - uint64_t sh_offset, uint64_t dbase)
206 +dwarf_error_t
207 +dwarf_ehe_extract(unsigned char *data, size_t len, uint64_t *dotp,
208 + uint64_t *ret, uint_t ehe_flags, unsigned char *eident,
209 + boolean_t frame_hdr, uint64_t sh_base, uint64_t sh_offset,
210 + uint64_t dbase)
203 211 {
204 212 uint64_t dot = *dotp;
205 213 uint_t lsb;
206 214 uint_t wordsize;
207 215 uint_t fsize;
208 216 uint64_t result;
209 217
210 218 if (eident[EI_DATA] == ELFDATA2LSB)
211 219 lsb = 1;
212 220 else
213 221 lsb = 0;
214 222
215 223 if (eident[EI_CLASS] == ELFCLASS64)
216 224 wordsize = 8;
217 225 else
218 226 wordsize = 4;
219 227
220 228 switch (ehe_flags & 0x0f) {
221 229 case DW_EH_PE_omit:
222 - return (0);
230 + *ret = 0;
231 + return (DW_SUCCESS);
223 232 case DW_EH_PE_absptr:
224 233 fsize = wordsize;
225 234 break;
226 235 case DW_EH_PE_udata8:
227 236 case DW_EH_PE_sdata8:
228 237 fsize = 8;
229 238 break;
230 239 case DW_EH_PE_udata4:
231 240 case DW_EH_PE_sdata4:
232 241 fsize = 4;
233 242 break;
234 243 case DW_EH_PE_udata2:
235 244 case DW_EH_PE_sdata2:
236 245 fsize = 2;
237 246 break;
238 247 case DW_EH_PE_uleb128:
239 - return (uleb_extract(data, dotp));
248 + return (uleb_extract(data, dotp, len, ret));
240 249 case DW_EH_PE_sleb128:
241 - return ((uint64_t)sleb_extract(data, dotp));
250 + return (sleb_extract(data, dotp, len, (int64_t *)ret));
242 251 default:
243 - return (0);
252 + *ret = 0;
253 + return (DW_BAD_ENCODING);
244 254 }
245 255
246 256 if (lsb) {
247 257 /*
248 258 * Extract unaligned LSB formated data
249 259 */
250 260 uint_t cnt;
251 261
252 262 result = 0;
253 263 for (cnt = 0; cnt < fsize;
254 264 cnt++, dot++) {
255 265 uint64_t val;
266 +
267 + if (dot > len)
268 + return (DW_OVERFLOW);
256 269 val = data[dot];
257 270 result |= val << (cnt * 8);
258 271 }
259 272 } else {
260 273 /*
261 274 * Extract unaligned MSB formated data
262 275 */
263 276 uint_t cnt;
264 277 result = 0;
265 278 for (cnt = 0; cnt < fsize;
266 279 cnt++, dot++) {
267 - uint64_t val;
280 + uint64_t val;
281 +
282 + if (dot > len)
283 + return (DW_OVERFLOW);
268 284 val = data[dot];
269 285 result |= val << ((fsize - cnt - 1) * 8);
270 286 }
271 287 }
272 288 /*
273 289 * perform sign extension
274 290 */
275 291 if ((ehe_flags & DW_EH_PE_signed) &&
276 292 (fsize < sizeof (uint64_t))) {
277 293 int64_t sresult;
278 294 uint_t bitshift;
279 295 sresult = result;
280 296 bitshift = (sizeof (uint64_t) - fsize) * 8;
281 297 sresult = (sresult << bitshift) >> bitshift;
282 298 result = sresult;
283 299 }
284 300
285 301 /*
286 302 * If value is relative to a base address, adjust it
287 303 */
288 304 switch (ehe_flags & 0xf0) {
289 305 case DW_EH_PE_pcrel:
290 306 result += sh_base + sh_offset;
291 307 break;
292 308
293 309 /*
294 310 * datarel is relative to .eh_frame_hdr if within .eh_frame,
295 311 * but GOT if not.
296 312 */
297 313 case DW_EH_PE_datarel:
298 314 if (frame_hdr)
299 315 result += sh_base;
|
↓ open down ↓ |
22 lines elided |
↑ open up ↑ |
300 316 else
301 317 result += dbase;
302 318 break;
303 319 }
304 320
305 321 /* Truncate the result to its specified size */
306 322 result = (result << ((sizeof (uint64_t) - fsize) * 8)) >>
307 323 ((sizeof (uint64_t) - fsize) * 8);
308 324
309 325 *dotp = dot;
310 - return (result);
326 + *ret = result;
327 + return (DW_SUCCESS);
311 328 }
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX