1 /* $OpenBSD: elf.c,v 1.23 2013/11/26 13:19:07 deraadt Exp $ */ 2 3 /* 4 * Copyright (c) 2003 Michael Shalayeff 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19 * IN NO EVENT SHALL THE AUTHOR OR HIS RELATIVES BE LIABLE FOR ANY DIRECT, 20 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 22 * SERVICES; LOSS OF MIND, USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 24 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 25 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 26 * THE POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29 #include <sys/param.h> 30 #include <sys/mman.h> 31 #include <unistd.h> 32 #include <a.out.h> 33 #include <elf_abi.h> 34 #include <errno.h> 35 #include <err.h> 36 #include <stdio.h> 37 #include <stdlib.h> 38 #include <string.h> 39 #include <ctype.h> 40 #include "elfuncs.h" 41 #include "util.h" 42 43 #if ELFSIZE == 32 44 #define swap_addr swap32 45 #define swap_off swap32 46 #define swap_sword swap32 47 #define swap_word swap32 48 #define swap_sxword swap32 49 #define swap_xword swap32 50 #define swap_half swap16 51 #define swap_quarter swap16 52 #define elf_fix_header elf32_fix_header 53 #define elf_load_shdrs elf32_load_shdrs 54 #define elf_load_phdrs elf32_load_phdrs 55 #define elf_fix_shdrs elf32_fix_shdrs 56 #define elf_fix_phdrs elf32_fix_phdrs 57 #define elf_fix_sym elf32_fix_sym 58 #define elf_size elf32_size 59 #define elf_symloadx elf32_symloadx 60 #define elf_symload elf32_symload 61 #define elf2nlist elf32_2nlist 62 #define elf_shn2type elf32_shn2type 63 #elif ELFSIZE == 64 64 #define swap_addr swap64 65 #define swap_off swap64 66 #ifdef __alpha__ 67 #define swap_sword swap64 68 #define swap_word swap64 69 #else 70 #define swap_sword swap32 71 #define swap_word swap32 72 #endif 73 #define swap_sxword swap64 74 #define swap_xword swap64 75 #define swap_half swap64 76 #define swap_quarter swap16 77 #define elf_fix_header elf64_fix_header 78 #define elf_load_shdrs elf64_load_shdrs 79 #define elf_load_phdrs elf64_load_phdrs 80 #define elf_fix_shdrs elf64_fix_shdrs 81 #define elf_fix_phdrs elf64_fix_phdrs 82 #define elf_fix_sym elf64_fix_sym 83 #define elf_size elf64_size 84 #define elf_symloadx elf64_symloadx 85 #define elf_symload elf64_symload 86 #define elf2nlist elf64_2nlist 87 #define elf_shn2type elf64_shn2type 88 #else 89 #error "Unsupported ELF class" 90 #endif 91 92 #define ELF_SDATA ".sdata" 93 #define ELF_TDATA ".tdata" 94 #define ELF_SBSS ".sbss" 95 #define ELF_TBSS ".tbss" 96 #define ELF_PLT ".plt" 97 98 #ifndef SHN_MIPS_ACOMMON 99 #define SHN_MIPS_ACOMMON SHN_LOPROC + 0 100 #endif 101 #ifndef SHN_MIPS_TEXT 102 #define SHN_MIPS_TEXT SHN_LOPROC + 1 103 #endif 104 #ifndef SHN_MIPS_DATA 105 #define SHN_MIPS_DATA SHN_LOPROC + 2 106 #endif 107 #ifndef SHN_MIPS_SUNDEFINED 108 #define SHN_MIPS_SUNDEFINED SHN_LOPROC + 4 109 #endif 110 #ifndef SHN_MIPS_SCOMMON 111 #define SHN_MIPS_SCOMMON SHN_LOPROC + 3 112 #endif 113 114 #ifndef STT_PARISC_MILLI 115 #define STT_PARISC_MILLI STT_LOPROC + 0 116 #endif 117 118 int elf_shn2type(Elf_Ehdr *, u_int, const char *); 119 int elf2nlist(Elf_Sym *, Elf_Ehdr *, Elf_Shdr *, char *, struct nlist *); 120 121 int 122 elf_fix_header(Elf_Ehdr *eh) 123 { 124 /* nothing to do */ 125 if (eh->e_ident[EI_DATA] == ELF_TARG_DATA) 126 return (0); 127 128 eh->e_type = swap16(eh->e_type); 129 eh->e_machine = swap16(eh->e_machine); 130 eh->e_version = swap32(eh->e_version); 131 eh->e_entry = swap_addr(eh->e_entry); 132 eh->e_phoff = swap_off(eh->e_phoff); 133 eh->e_shoff = swap_off(eh->e_shoff); 134 eh->e_flags = swap32(eh->e_flags); 135 eh->e_ehsize = swap16(eh->e_ehsize); 136 eh->e_phentsize = swap16(eh->e_phentsize); 137 eh->e_phnum = swap16(eh->e_phnum); 138 eh->e_shentsize = swap16(eh->e_shentsize); 139 eh->e_shnum = swap16(eh->e_shnum); 140 eh->e_shstrndx = swap16(eh->e_shstrndx); 141 142 return (1); 143 } 144 145 Elf_Shdr * 146 elf_load_shdrs(const char *name, FILE *fp, off_t foff, Elf_Ehdr *head) 147 { 148 Elf_Shdr *shdr; 149 150 elf_fix_header(head); 151 152 if ((shdr = calloc(head->e_shentsize, head->e_shnum)) == NULL) { 153 warn("%s: malloc shdr", name); 154 return (NULL); 155 } 156 157 if (fseeko(fp, foff + head->e_shoff, SEEK_SET)) { 158 warn("%s: fseeko", name); 159 free(shdr); 160 return (NULL); 161 } 162 163 if (fread(shdr, head->e_shentsize, head->e_shnum, fp) != head->e_shnum) { 164 warnx("%s: premature EOF", name); 165 free(shdr); 166 return (NULL); 167 } 168 169 elf_fix_shdrs(head, shdr); 170 return (shdr); 171 } 172 173 Elf_Phdr * 174 elf_load_phdrs(const char *name, FILE *fp, off_t foff, Elf_Ehdr *head) 175 { 176 Elf_Phdr *phdr; 177 178 if ((phdr = calloc(head->e_phentsize, head->e_phnum)) == NULL) { 179 warn("%s: malloc phdr", name); 180 return (NULL); 181 } 182 183 if (fseeko(fp, foff + head->e_phoff, SEEK_SET)) { 184 warn("%s: fseeko", name); 185 free(phdr); 186 return (NULL); 187 } 188 189 if (fread(phdr, head->e_phentsize, head->e_phnum, fp) != head->e_phnum) { 190 warnx("%s: premature EOF", name); 191 free(phdr); 192 return (NULL); 193 } 194 195 elf_fix_phdrs(head, phdr); 196 return (phdr); 197 } 198 199 int 200 elf_fix_shdrs(Elf_Ehdr *eh, Elf_Shdr *shdr) 201 { 202 int i; 203 204 /* nothing to do */ 205 if (eh->e_ident[EI_DATA] == ELF_TARG_DATA) 206 return (0); 207 208 for (i = eh->e_shnum; i--; shdr++) { 209 shdr->sh_name = swap32(shdr->sh_name); 210 shdr->sh_type = swap32(shdr->sh_type); 211 shdr->sh_flags = swap_xword(shdr->sh_flags); 212 shdr->sh_addr = swap_addr(shdr->sh_addr); 213 shdr->sh_offset = swap_off(shdr->sh_offset); 214 shdr->sh_size = swap_xword(shdr->sh_size); 215 shdr->sh_link = swap32(shdr->sh_link); 216 shdr->sh_info = swap32(shdr->sh_info); 217 shdr->sh_addralign = swap_xword(shdr->sh_addralign); 218 shdr->sh_entsize = swap_xword(shdr->sh_entsize); 219 } 220 221 return (1); 222 } 223 224 int 225 elf_fix_phdrs(Elf_Ehdr *eh, Elf_Phdr *phdr) 226 { 227 int i; 228 229 /* nothing to do */ 230 if (eh->e_ident[EI_DATA] == ELF_TARG_DATA) 231 return (0); 232 233 for (i = eh->e_phnum; i--; phdr++) { 234 phdr->p_type = swap32(phdr->p_type); 235 phdr->p_flags = swap32(phdr->p_flags); 236 phdr->p_offset = swap_off(phdr->p_offset); 237 phdr->p_vaddr = swap_addr(phdr->p_vaddr); 238 phdr->p_paddr = swap_addr(phdr->p_paddr); 239 phdr->p_filesz = swap_xword(phdr->p_filesz); 240 phdr->p_memsz = swap_xword(phdr->p_memsz); 241 phdr->p_align = swap_xword(phdr->p_align); 242 } 243 244 return (1); 245 } 246 247 int 248 elf_fix_sym(Elf_Ehdr *eh, Elf_Sym *sym) 249 { 250 /* nothing to do */ 251 if (eh->e_ident[EI_DATA] == ELF_TARG_DATA) 252 return (0); 253 254 sym->st_name = swap32(sym->st_name); 255 sym->st_shndx = swap16(sym->st_shndx); 256 sym->st_value = swap_addr(sym->st_value); 257 sym->st_size = swap_xword(sym->st_size); 258 259 return (1); 260 } 261 262 int 263 elf_shn2type(Elf_Ehdr *eh, u_int shn, const char *sn) 264 { 265 switch (shn) { 266 case SHN_MIPS_SUNDEFINED: 267 if (eh->e_machine == EM_MIPS) 268 return (N_UNDF | N_EXT); 269 break; 270 271 case SHN_UNDEF: 272 return (N_UNDF | N_EXT); 273 274 case SHN_ABS: 275 return (N_ABS); 276 277 case SHN_MIPS_ACOMMON: 278 if (eh->e_machine == EM_MIPS) 279 return (N_COMM); 280 break; 281 282 case SHN_MIPS_SCOMMON: 283 if (eh->e_machine == EM_MIPS) 284 return (N_COMM); 285 break; 286 287 case SHN_COMMON: 288 return (N_COMM); 289 290 case SHN_MIPS_TEXT: 291 if (eh->e_machine == EM_MIPS) 292 return (N_TEXT); 293 break; 294 295 case SHN_MIPS_DATA: 296 if (eh->e_machine == EM_MIPS) 297 return (N_DATA); 298 break; 299 300 default: 301 /* TODO: beyond 8 a table-driven binsearch should be used */ 302 if (sn == NULL) 303 return (-1); 304 else if (!strcmp(sn, ELF_TEXT)) 305 return (N_TEXT); 306 else if (!strcmp(sn, ELF_RODATA)) 307 return (N_SIZE); 308 else if (!strcmp(sn, ELF_DATA)) 309 return (N_DATA); 310 else if (!strcmp(sn, ELF_SDATA)) 311 return (N_DATA); 312 else if (!strcmp(sn, ELF_TDATA)) 313 return (N_DATA); 314 else if (!strcmp(sn, ELF_BSS)) 315 return (N_BSS); 316 else if (!strcmp(sn, ELF_SBSS)) 317 return (N_BSS); 318 else if (!strcmp(sn, ELF_TBSS)) 319 return (N_BSS); 320 else if (!strncmp(sn, ELF_GOT, sizeof(ELF_GOT) - 1)) 321 return (N_DATA); 322 else if (!strncmp(sn, ELF_PLT, sizeof(ELF_PLT) - 1)) 323 return (N_DATA); 324 } 325 326 return (-1); 327 } 328 329 /* 330 * Devise nlist's type from Elf_Sym. 331 * XXX this task is done as well in libc and kvm_mkdb. 332 */ 333 int 334 elf2nlist(Elf_Sym *sym, Elf_Ehdr *eh, Elf_Shdr *shdr, char *shstr, struct nlist *np) 335 { 336 u_char stt; 337 const char *sn; 338 int type; 339 340 if (sym->st_shndx < eh->e_shnum) 341 sn = shstr + shdr[sym->st_shndx].sh_name; 342 else 343 sn = NULL; 344 #if 0 345 { 346 extern char *stab; 347 printf("%d:%s %d %d %s\n", sym->st_shndx, sn? sn : "", 348 ELF_ST_TYPE(sym->st_info), ELF_ST_BIND(sym->st_info), 349 stab + sym->st_name); 350 } 351 #endif 352 353 switch (stt = ELF_ST_TYPE(sym->st_info)) { 354 case STT_NOTYPE: 355 case STT_OBJECT: 356 case STT_TLS: 357 type = elf_shn2type(eh, sym->st_shndx, sn); 358 if (type < 0) { 359 if (sn == NULL) 360 np->n_other = '?'; 361 else 362 np->n_type = stt == STT_NOTYPE? N_COMM : N_DATA; 363 } else { 364 /* a hack for .rodata check (; */ 365 if (type == N_SIZE) { 366 np->n_type = N_DATA; 367 np->n_other = 'r'; 368 } else 369 np->n_type = type; 370 } 371 if (ELF_ST_BIND(sym->st_info) == STB_WEAK) 372 np->n_other = 'W'; 373 break; 374 375 case STT_FUNC: 376 type = elf_shn2type(eh, sym->st_shndx, NULL); 377 np->n_type = type < 0? N_TEXT : type; 378 if (ELF_ST_BIND(sym->st_info) == STB_WEAK) { 379 np->n_type = N_INDR; 380 np->n_other = 'W'; 381 } else if (sn != NULL && *sn != 0 && 382 strcmp(sn, ELF_INIT) && 383 strcmp(sn, ELF_TEXT) && 384 strcmp(sn, ELF_FINI)) /* XXX GNU compat */ 385 np->n_other = '?'; 386 break; 387 388 case STT_SECTION: 389 type = elf_shn2type(eh, sym->st_shndx, NULL); 390 if (type < 0) 391 np->n_other = '?'; 392 else 393 np->n_type = type; 394 break; 395 396 case STT_FILE: 397 np->n_type = N_FN | N_EXT; 398 break; 399 400 case STT_PARISC_MILLI: 401 if (eh->e_machine == EM_PARISC) 402 np->n_type = N_TEXT; 403 else 404 np->n_other = '?'; 405 break; 406 407 default: 408 np->n_other = '?'; 409 break; 410 } 411 if (np->n_type != N_UNDF && ELF_ST_BIND(sym->st_info) != STB_LOCAL) { 412 np->n_type |= N_EXT; 413 if (np->n_other) 414 np->n_other = toupper((unsigned char)np->n_other); 415 } 416 417 return (0); 418 } 419 420 int 421 elf_size(Elf_Ehdr *head, Elf_Shdr *shdr, 422 u_long *ptext, u_long *pdata, u_long *pbss) 423 { 424 int i; 425 426 *ptext = *pdata = *pbss = 0; 427 428 for (i = 0; i < head->e_shnum; i++) { 429 if (!(shdr[i].sh_flags & SHF_ALLOC)) 430 ; 431 else if (shdr[i].sh_flags & SHF_EXECINSTR || 432 !(shdr[i].sh_flags & SHF_WRITE)) 433 *ptext += shdr[i].sh_size; 434 else if (shdr[i].sh_type == SHT_NOBITS) 435 *pbss += shdr[i].sh_size; 436 else 437 *pdata += shdr[i].sh_size; 438 } 439 440 return (0); 441 } 442 443 int 444 elf_symloadx(const char *name, FILE *fp, off_t foff, Elf_Ehdr *eh, 445 Elf_Shdr *shdr, char *shstr, struct nlist **pnames, 446 struct nlist ***psnames, size_t *pstabsize, int *pnrawnames, 447 const char *strtab, const char *symtab) 448 { 449 long symsize; 450 struct nlist *np; 451 Elf_Sym sbuf; 452 int i; 453 454 for (i = 0; i < eh->e_shnum; i++) { 455 if (!strcmp(shstr + shdr[i].sh_name, strtab)) { 456 *pstabsize = shdr[i].sh_size; 457 if (*pstabsize > SIZE_T_MAX) { 458 warnx("%s: corrupt file", name); 459 return (1); 460 } 461 462 MMAP(stab, *pstabsize, PROT_READ, MAP_PRIVATE|MAP_FILE, 463 fileno(fp), foff + shdr[i].sh_offset); 464 if (stab == MAP_FAILED) 465 return (1); 466 } 467 } 468 for (i = 0; i < eh->e_shnum; i++) { 469 if (!strcmp(shstr + shdr[i].sh_name, symtab)) { 470 symsize = shdr[i].sh_size; 471 if (fseeko(fp, foff + shdr[i].sh_offset, SEEK_SET)) { 472 warn("%s: fseeko", name); 473 if (stab) 474 MUNMAP(stab, *pstabsize); 475 return (1); 476 } 477 478 *pnrawnames = symsize / sizeof(sbuf); 479 if ((*pnames = calloc(*pnrawnames, sizeof(*np))) == NULL) { 480 warn("%s: malloc names", name); 481 if (stab) 482 MUNMAP(stab, *pstabsize); 483 return (1); 484 } 485 if ((*psnames = calloc(*pnrawnames, sizeof(np))) == NULL) { 486 warn("%s: malloc snames", name); 487 if (stab) 488 MUNMAP(stab, *pstabsize); 489 free(*pnames); 490 return (1); 491 } 492 493 for (np = *pnames; symsize > 0; symsize -= sizeof(sbuf)) { 494 if (fread(&sbuf, 1, sizeof(sbuf), 495 fp) != sizeof(sbuf)) { 496 warn("%s: read symbol", name); 497 if (stab) 498 MUNMAP(stab, *pstabsize); 499 free(*pnames); 500 free(*psnames); 501 return (1); 502 } 503 504 elf_fix_sym(eh, &sbuf); 505 506 if (!sbuf.st_name || 507 sbuf.st_name > *pstabsize) 508 continue; 509 510 elf2nlist(&sbuf, eh, shdr, shstr, np); 511 np->n_value = sbuf.st_value; 512 np->n_un.n_strx = sbuf.st_name; 513 np++; 514 } 515 *pnrawnames = np - *pnames; 516 } 517 } 518 return (0); 519 } 520 521 int 522 elf_symload(const char *name, FILE *fp, off_t foff, Elf_Ehdr *eh, 523 Elf_Shdr *shdr, struct nlist **pnames, struct nlist ***psnames, 524 size_t *pstabsize, int *pnrawnames) 525 { 526 long shstrsize; 527 char *shstr; 528 529 shstrsize = shdr[eh->e_shstrndx].sh_size; 530 if (shstrsize == 0) { 531 warnx("%s: no name list", name); 532 return (1); 533 } 534 535 if ((shstr = malloc(shstrsize)) == NULL) { 536 warn("%s: malloc shsrt", name); 537 return (1); 538 } 539 540 if (fseeko(fp, foff + shdr[eh->e_shstrndx].sh_offset, SEEK_SET)) { 541 warn("%s: fseeko", name); 542 free(shstr); 543 return (1); 544 } 545 546 if (fread(shstr, 1, shstrsize, fp) != shstrsize) { 547 warnx("%s: premature EOF", name); 548 free(shstr); 549 return(1); 550 } 551 552 stab = NULL; 553 *pnames = NULL; *psnames = NULL; 554 elf_symloadx(name, fp, foff, eh, shdr, shstr, pnames, 555 psnames, pstabsize, pnrawnames, ELF_STRTAB, ELF_SYMTAB); 556 if (stab == NULL) { 557 elf_symloadx(name, fp, foff, eh, shdr, shstr, pnames, 558 psnames, pstabsize, pnrawnames, ELF_DYNSTR, ELF_DYNSYM); 559 } 560 561 free(shstr); 562 if (stab == NULL) { 563 warnx("%s: no name list", name); 564 if (*pnames) 565 free(*pnames); 566 if (*psnames) 567 free(*psnames); 568 return (1); 569 } 570 571 return (0); 572 } 573