1 /* ELF core file support for BFD. 2 Copyright (C) 1995-2020 Free Software Foundation, Inc. 3 4 This file is part of BFD, the Binary File Descriptor library. 5 6 This program is free software; you can redistribute it and/or modify 7 it under the terms of the GNU General Public License as published by 8 the Free Software Foundation; either version 3 of the License, or 9 (at your option) any later version. 10 11 This program is distributed in the hope that it will be useful, 12 but WITHOUT ANY WARRANTY; without even the implied warranty of 13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 GNU General Public License for more details. 15 16 You should have received a copy of the GNU General Public License 17 along with this program; if not, write to the Free Software 18 Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, 19 MA 02110-1301, USA. */ 20 21 char* 22 elf_core_file_failing_command (bfd *abfd) 23 { 24 return elf_tdata (abfd)->core->command; 25 } 26 27 int 28 elf_core_file_failing_signal (bfd *abfd) 29 { 30 return elf_tdata (abfd)->core->signal; 31 } 32 33 int 34 elf_core_file_pid (bfd *abfd) 35 { 36 return elf_tdata (abfd)->core->pid; 37 } 38 39 bfd_boolean 40 elf_core_file_matches_executable_p (bfd *core_bfd, bfd *exec_bfd) 41 { 42 char* corename; 43 44 /* xvecs must match if both are ELF files for the same target. */ 45 46 if (core_bfd->xvec != exec_bfd->xvec) 47 { 48 bfd_set_error (bfd_error_system_call); 49 return FALSE; 50 } 51 52 /* If both BFDs have identical build-ids, then they match. */ 53 if (core_bfd->build_id != NULL 54 && exec_bfd->build_id != NULL 55 && core_bfd->build_id->size == exec_bfd->build_id->size 56 && memcmp (core_bfd->build_id->data, exec_bfd->build_id->data, 57 core_bfd->build_id->size) == 0) 58 return TRUE; 59 60 /* See if the name in the corefile matches the executable name. */ 61 corename = elf_tdata (core_bfd)->core->program; 62 if (corename != NULL) 63 { 64 const char* execname = strrchr (bfd_get_filename (exec_bfd), '/'); 65 66 execname = execname ? execname + 1 : bfd_get_filename (exec_bfd); 67 68 if (strcmp (execname, corename) != 0) 69 return FALSE; 70 } 71 72 return TRUE; 73 } 74 75 /* Core files are simply standard ELF formatted files that partition 76 the file using the execution view of the file (program header table) 77 rather than the linking view. In fact, there is no section header 78 table in a core file. 79 80 The process status information (including the contents of the general 81 register set) and the floating point register set are stored in a 82 segment of type PT_NOTE. We handcraft a couple of extra bfd sections 83 that allow standard bfd access to the general registers (.reg) and the 84 floating point registers (.reg2). */ 85 86 bfd_cleanup 87 elf_core_file_p (bfd *abfd) 88 { 89 Elf_External_Ehdr x_ehdr; /* Elf file header, external form. */ 90 Elf_Internal_Ehdr *i_ehdrp; /* Elf file header, internal form. */ 91 Elf_Internal_Phdr *i_phdrp; /* Elf program header, internal form. */ 92 unsigned int phindex; 93 const struct elf_backend_data *ebd; 94 bfd_size_type amt; 95 96 /* Read in the ELF header in external format. */ 97 if (bfd_bread (&x_ehdr, sizeof (x_ehdr), abfd) != sizeof (x_ehdr)) 98 { 99 if (bfd_get_error () != bfd_error_system_call) 100 goto wrong; 101 else 102 goto fail; 103 } 104 105 /* Check the magic number. */ 106 if (! elf_file_p (&x_ehdr)) 107 goto wrong; 108 109 /* FIXME: Check EI_VERSION here ! */ 110 111 /* Check the address size ("class"). */ 112 if (x_ehdr.e_ident[EI_CLASS] != ELFCLASS) 113 goto wrong; 114 115 /* Check the byteorder. */ 116 switch (x_ehdr.e_ident[EI_DATA]) 117 { 118 case ELFDATA2MSB: /* Big-endian. */ 119 if (! bfd_big_endian (abfd)) 120 goto wrong; 121 break; 122 case ELFDATA2LSB: /* Little-endian. */ 123 if (! bfd_little_endian (abfd)) 124 goto wrong; 125 break; 126 default: 127 goto wrong; 128 } 129 130 /* Give abfd an elf_obj_tdata. */ 131 if (! (*abfd->xvec->_bfd_set_format[bfd_core]) (abfd)) 132 goto fail; 133 134 /* Swap in the rest of the header, now that we have the byte order. */ 135 i_ehdrp = elf_elfheader (abfd); 136 elf_swap_ehdr_in (abfd, &x_ehdr, i_ehdrp); 137 138 #if DEBUG & 1 139 elf_debug_file (i_ehdrp); 140 #endif 141 142 ebd = get_elf_backend_data (abfd); 143 144 /* Check that the ELF e_machine field matches what this particular 145 BFD format expects. */ 146 147 if (ebd->elf_machine_code != i_ehdrp->e_machine 148 && (ebd->elf_machine_alt1 == 0 149 || i_ehdrp->e_machine != ebd->elf_machine_alt1) 150 && (ebd->elf_machine_alt2 == 0 151 || i_ehdrp->e_machine != ebd->elf_machine_alt2)) 152 { 153 const bfd_target * const *target_ptr; 154 155 if (ebd->elf_machine_code != EM_NONE) 156 goto wrong; 157 158 /* This is the generic ELF target. Let it match any ELF target 159 for which we do not have a specific backend. */ 160 161 for (target_ptr = bfd_target_vector; *target_ptr != NULL; target_ptr++) 162 { 163 const struct elf_backend_data *back; 164 165 if ((*target_ptr)->flavour != bfd_target_elf_flavour) 166 continue; 167 back = xvec_get_elf_backend_data (*target_ptr); 168 if (back->s->arch_size != ARCH_SIZE) 169 continue; 170 if (back->elf_machine_code == i_ehdrp->e_machine 171 || (back->elf_machine_alt1 != 0 172 && i_ehdrp->e_machine == back->elf_machine_alt1) 173 || (back->elf_machine_alt2 != 0 174 && i_ehdrp->e_machine == back->elf_machine_alt2)) 175 { 176 /* target_ptr is an ELF backend which matches this 177 object file, so reject the generic ELF target. */ 178 goto wrong; 179 } 180 } 181 } 182 183 /* If there is no program header, or the type is not a core file, then 184 we are hosed. */ 185 if (i_ehdrp->e_phoff == 0 || i_ehdrp->e_type != ET_CORE) 186 goto wrong; 187 188 /* Does BFD's idea of the phdr size match the size 189 recorded in the file? */ 190 if (i_ehdrp->e_phentsize != sizeof (Elf_External_Phdr)) 191 goto wrong; 192 193 /* If the program header count is PN_XNUM(0xffff), the actual 194 count is in the first section header. */ 195 if (i_ehdrp->e_shoff != 0 && i_ehdrp->e_phnum == PN_XNUM) 196 { 197 Elf_External_Shdr x_shdr; 198 Elf_Internal_Shdr i_shdr; 199 file_ptr where = (file_ptr) i_ehdrp->e_shoff; 200 201 /* Seek to the section header table in the file. */ 202 if (bfd_seek (abfd, where, SEEK_SET) != 0) 203 goto fail; 204 205 /* Read the first section header at index 0, and convert to internal 206 form. */ 207 if (bfd_bread (&x_shdr, sizeof (x_shdr), abfd) != sizeof (x_shdr)) 208 goto fail; 209 elf_swap_shdr_in (abfd, &x_shdr, &i_shdr); 210 211 if (i_shdr.sh_info != 0) 212 { 213 i_ehdrp->e_phnum = i_shdr.sh_info; 214 if (i_ehdrp->e_phnum != i_shdr.sh_info) 215 goto wrong; 216 } 217 } 218 219 /* Sanity check that we can read all of the program headers. 220 It ought to be good enough to just read the last one. */ 221 if (i_ehdrp->e_phnum > 1) 222 { 223 Elf_External_Phdr x_phdr; 224 Elf_Internal_Phdr i_phdr; 225 file_ptr where; 226 227 /* Check that we don't have a totally silly number of 228 program headers. */ 229 if (i_ehdrp->e_phnum > (unsigned int) -1 / sizeof (x_phdr) 230 || i_ehdrp->e_phnum > (unsigned int) -1 / sizeof (i_phdr)) 231 goto wrong; 232 233 where = (file_ptr)(i_ehdrp->e_phoff + (i_ehdrp->e_phnum - 1) * sizeof (x_phdr)); 234 if ((bfd_size_type) where <= i_ehdrp->e_phoff) 235 goto wrong; 236 237 if (bfd_seek (abfd, where, SEEK_SET) != 0) 238 goto fail; 239 if (bfd_bread (&x_phdr, sizeof (x_phdr), abfd) != sizeof (x_phdr)) 240 goto fail; 241 } 242 243 /* Move to the start of the program headers. */ 244 if (bfd_seek (abfd, (file_ptr) i_ehdrp->e_phoff, SEEK_SET) != 0) 245 goto wrong; 246 247 /* Allocate space for the program headers. */ 248 amt = sizeof (*i_phdrp) * i_ehdrp->e_phnum; 249 i_phdrp = (Elf_Internal_Phdr *) bfd_alloc (abfd, amt); 250 if (!i_phdrp) 251 goto fail; 252 253 elf_tdata (abfd)->phdr = i_phdrp; 254 255 /* Read and convert to internal form. */ 256 for (phindex = 0; phindex < i_ehdrp->e_phnum; ++phindex) 257 { 258 Elf_External_Phdr x_phdr; 259 260 if (bfd_bread (&x_phdr, sizeof (x_phdr), abfd) != sizeof (x_phdr)) 261 goto fail; 262 263 elf_swap_phdr_in (abfd, &x_phdr, i_phdrp + phindex); 264 } 265 266 /* Set the machine architecture. Do this before processing the 267 program headers since we need to know the architecture type 268 when processing the notes of some systems' core files. */ 269 if (! bfd_default_set_arch_mach (abfd, ebd->arch, 0) 270 /* It's OK if this fails for the generic target. */ 271 && ebd->elf_machine_code != EM_NONE) 272 goto fail; 273 274 /* Let the backend double check the format and override global 275 information. We do this before processing the program headers 276 to allow the correct machine (as opposed to just the default 277 machine) to be set, making it possible for grok_prstatus and 278 grok_psinfo to rely on the mach setting. */ 279 if (ebd->elf_backend_object_p != NULL 280 && ! ebd->elf_backend_object_p (abfd)) 281 goto wrong; 282 283 /* Process each program header. */ 284 for (phindex = 0; phindex < i_ehdrp->e_phnum; ++phindex) 285 if (! bfd_section_from_phdr (abfd, i_phdrp + phindex, (int) phindex)) 286 goto fail; 287 288 /* Check for core truncation. */ 289 { 290 bfd_size_type high = 0; 291 struct stat statbuf; 292 for (phindex = 0; phindex < i_ehdrp->e_phnum; ++phindex) 293 { 294 Elf_Internal_Phdr *p = i_phdrp + phindex; 295 if (p->p_filesz) 296 { 297 bfd_size_type current = p->p_offset + p->p_filesz; 298 if (high < current) 299 high = current; 300 } 301 } 302 if (bfd_stat (abfd, &statbuf) == 0) 303 { 304 if ((bfd_size_type) statbuf.st_size < high) 305 { 306 _bfd_error_handler 307 /* xgettext:c-format */ 308 (_("warning: %pB is truncated: expected core file " 309 "size >= %" PRIu64 ", found: %" PRIu64), 310 abfd, (uint64_t) high, (uint64_t) statbuf.st_size); 311 } 312 } 313 } 314 315 /* Save the entry point from the ELF header. */ 316 abfd->start_address = i_ehdrp->e_entry; 317 return _bfd_no_cleanup; 318 319 wrong: 320 bfd_set_error (bfd_error_wrong_format); 321 fail: 322 return NULL; 323 } 324 325 /* Attempt to find a build-id in a core file from the core file BFD. 326 OFFSET is the file offset to a PT_LOAD segment that may contain 327 the build-id note. Returns TRUE upon success, FALSE otherwise. */ 328 329 bfd_boolean 330 NAME(_bfd_elf, core_find_build_id) 331 (bfd *abfd, 332 bfd_vma offset) 333 { 334 Elf_External_Ehdr x_ehdr; /* Elf file header, external form. */ 335 Elf_Internal_Ehdr i_ehdr; /* Elf file header, internal form. */ 336 Elf_Internal_Phdr *i_phdr; 337 unsigned int i; 338 size_t amt; 339 340 /* Seek to the position of the segment at OFFSET. */ 341 if (bfd_seek (abfd, offset, SEEK_SET) != 0) 342 goto fail; 343 344 /* Read in the ELF header in external format. */ 345 if (bfd_bread (&x_ehdr, sizeof (x_ehdr), abfd) != sizeof (x_ehdr)) 346 { 347 if (bfd_get_error () != bfd_error_system_call) 348 goto wrong; 349 else 350 goto fail; 351 } 352 353 /* Now check to see if we have a valid ELF file, and one that BFD can 354 make use of. The magic number must match, the address size ('class') 355 and byte-swapping must match our XVEC entry, and it must have a 356 section header table (FIXME: See comments re sections at top of this 357 file). */ 358 if (! elf_file_p (&x_ehdr) 359 || x_ehdr.e_ident[EI_VERSION] != EV_CURRENT 360 || x_ehdr.e_ident[EI_CLASS] != ELFCLASS) 361 goto wrong; 362 363 /* Check that file's byte order matches xvec's. */ 364 switch (x_ehdr.e_ident[EI_DATA]) 365 { 366 case ELFDATA2MSB: /* Big-endian. */ 367 if (! bfd_header_big_endian (abfd)) 368 goto wrong; 369 break; 370 case ELFDATA2LSB: /* Little-endian. */ 371 if (! bfd_header_little_endian (abfd)) 372 goto wrong; 373 break; 374 case ELFDATANONE: /* No data encoding specified. */ 375 default: /* Unknown data encoding specified . */ 376 goto wrong; 377 } 378 379 elf_swap_ehdr_in (abfd, &x_ehdr, &i_ehdr); 380 #if DEBUG 381 elf_debug_file (&i_ehdr); 382 #endif 383 384 if (i_ehdr.e_phentsize != sizeof (Elf_External_Phdr) || i_ehdr.e_phnum == 0) 385 goto fail; 386 387 /* Read in program headers. */ 388 if (_bfd_mul_overflow (i_ehdr.e_phnum, sizeof (*i_phdr), &amt)) 389 { 390 bfd_set_error (bfd_error_file_too_big); 391 goto fail; 392 } 393 i_phdr = (Elf_Internal_Phdr *) bfd_alloc (abfd, amt); 394 if (i_phdr == NULL) 395 goto fail; 396 397 if (bfd_seek (abfd, (file_ptr) (offset + i_ehdr.e_phoff), SEEK_SET) != 0) 398 goto fail; 399 400 /* Read in program headers and parse notes. */ 401 for (i = 0; i < i_ehdr.e_phnum; ++i, ++i_phdr) 402 { 403 Elf_External_Phdr x_phdr; 404 405 if (bfd_bread (&x_phdr, sizeof (x_phdr), abfd) != sizeof (x_phdr)) 406 goto fail; 407 elf_swap_phdr_in (abfd, &x_phdr, i_phdr); 408 409 if (i_phdr->p_type == PT_NOTE && i_phdr->p_filesz > 0) 410 { 411 elf_read_notes (abfd, offset + i_phdr->p_offset, 412 i_phdr->p_filesz, i_phdr->p_align); 413 if (abfd->build_id != NULL) 414 return TRUE; 415 } 416 } 417 418 /* Having gotten this far, we have a valid ELF section, but no 419 build-id was found. */ 420 goto fail; 421 422 wrong: 423 bfd_set_error (bfd_error_wrong_format); 424 fail: 425 return FALSE; 426 } 427