1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 /* 28 * Dump an elf file. 29 */ 30 #include <stddef.h> 31 #include <sys/elf_386.h> 32 #include <sys/elf_amd64.h> 33 #include <sys/elf_SPARC.h> 34 #include <_libelf.h> 35 #include <dwarf.h> 36 #include <stdio.h> 37 #include <unistd.h> 38 #include <errno.h> 39 #include <strings.h> 40 #include <debug.h> 41 #include <conv.h> 42 #include <msg.h> 43 #include <_elfdump.h> 44 45 46 /* 47 * VERSYM_STATE is used to maintain information about the VERSYM section 48 * in the object being analyzed. It is filled in by versions(), and used 49 * by init_symtbl_state() when displaying symbol information. 50 * 51 * There are three forms of symbol versioning known to us: 52 * 53 * 1) The original form, introduced with Solaris 2.5, in which 54 * the Versym contains indexes to Verdef records, and the 55 * Versym values for UNDEF symbols resolved by other objects 56 * are all set to 0. 57 * 2) The GNU form, which is backward compatible with the original 58 * Solaris form, but which adds several extensions: 59 * - The Versym also contains indexes to Verneed records, recording 60 * which object/version contributed the external symbol at 61 * link time. These indexes start with the next value following 62 * the final Verdef index. The index is written to the previously 63 * reserved vna_other field of the ELF Vernaux structure. 64 * - The top bit of the Versym value is no longer part of the index, 65 * but is used as a "hidden bit" to prevent binding to the symbol. 66 * - Multiple implementations of a given symbol, contained in varying 67 * versions are allowed, using special assembler pseudo ops, 68 * and encoded in the symbol name using '@' characters. 69 * 3) Modified Solaris form, in which we adopt the first GNU extension 70 * (Versym indexes to Verneed records), but not the others. 71 * 72 * elfdump can handle any of these cases. The presence of a DT_VERSYM 73 * dynamic element indicates a full GNU object. An object that lacks 74 * a DT_VERSYM entry, but which has non-zero vna_other fields in the Vernaux 75 * structures is a modified Solaris object. An object that has neither of 76 * these uses the original form. 77 * 78 * max_verndx contains the largest version index that can appear 79 * in a Versym entry. This can never be less than 1: In the case where 80 * there is no verdef/verneed sections, the [0] index is reserved 81 * for local symbols, and the [1] index for globals. If the original 82 * Solaris versioning rules are in effect and there is a verdef section, 83 * then max_verndex is the number of defined versions. If one of the 84 * other versioning forms is in effect, then: 85 * 1) If there is no verneed section, it is the same as for 86 * original Solaris versioning. 87 * 2) If there is a verneed section, the vna_other field of the 88 * Vernaux structs contain versions, and max_verndx is the 89 * largest such index. 90 * 91 * If gnu_full is True, the object uses the full GNU form of versioning. 92 * The value of the gnu_full field is based on the presence of 93 * a DT_VERSYM entry in the dynamic section: GNU ld produces these, and 94 * Solaris ld does not. 95 * 96 * The gnu_needed field is True if the Versym contains indexes to 97 * Verneed records, as indicated by non-zero vna_other fields in the Verneed 98 * section. If gnu_full is True, then gnu_needed will always be true. 99 * However, gnu_needed can be true without gnu_full. This is the modified 100 * Solaris form. 101 */ 102 typedef struct { 103 Cache *cache; /* Pointer to cache entry for VERSYM */ 104 Versym *data; /* Pointer to versym array */ 105 int gnu_full; /* True if object uses GNU versioning rules */ 106 int gnu_needed; /* True if object uses VERSYM indexes for */ 107 /* VERNEED (subset of gnu_full) */ 108 int max_verndx; /* largest versym index value */ 109 } VERSYM_STATE; 110 111 /* 112 * SYMTBL_STATE is used to maintain information about a single symbol 113 * table section, for use by the routines that display symbol information. 114 */ 115 typedef struct { 116 const char *file; /* Name of file */ 117 Ehdr *ehdr; /* ELF header for file */ 118 Cache *cache; /* Cache of all section headers */ 119 uchar_t osabi; /* OSABI to use */ 120 Word shnum; /* # of sections in cache */ 121 Cache *seccache; /* Cache of symbol table section hdr */ 122 Word secndx; /* Index of symbol table section hdr */ 123 const char *secname; /* Name of section */ 124 uint_t flags; /* Command line option flags */ 125 struct { /* Extended section index data */ 126 int checked; /* TRUE if already checked for shxndx */ 127 Word *data; /* NULL, or extended section index */ 128 /* used for symbol table entries */ 129 uint_t n; /* # items in shxndx.data */ 130 } shxndx; 131 VERSYM_STATE *versym; /* NULL, or associated VERSYM section */ 132 Sym *sym; /* Array of symbols */ 133 Word symn; /* # of symbols */ 134 } SYMTBL_STATE; 135 136 /* 137 * A variable of this type is used to track information related to 138 * .eh_frame and .eh_frame_hdr sections across calls to unwind_eh_frame(). 139 */ 140 typedef struct { 141 Word frame_cnt; /* # .eh_frame sections seen */ 142 Word frame_ndx; /* Section index of 1st .eh_frame */ 143 Word hdr_cnt; /* # .eh_frame_hdr sections seen */ 144 Word hdr_ndx; /* Section index of 1st .eh_frame_hdr */ 145 uint64_t frame_ptr; /* Value of FramePtr field from first */ 146 /* .eh_frame_hdr section */ 147 uint64_t frame_base; /* Data addr of 1st .eh_frame */ 148 } gnu_eh_state_t; 149 150 /* 151 * C++ .exception_ranges entries make use of the signed ptrdiff_t 152 * type to record self-relative pointer values. We need a type 153 * for this that is matched to the ELFCLASS being processed. 154 */ 155 #if defined(_ELF64) 156 typedef int64_t PTRDIFF_T; 157 #else 158 typedef int32_t PTRDIFF_T; 159 #endif 160 161 /* 162 * The Sun C++ ABI uses this struct to define each .exception_ranges 163 * entry. From the ABI: 164 * 165 * The field ret_addr is a self relative pointer to the start of the address 166 * range. The name was chosen because in the current implementation the range 167 * typically starts at the return address for a call site. 168 * 169 * The field length is the difference, in bytes, between the pc of the last 170 * instruction covered by the exception range and the first. When only a 171 * single call site is represented without optimization, this will equal zero. 172 * 173 * The field handler_addr is a relative pointer which stores the difference 174 * between the start of the exception range and the address of all code to 175 * catch exceptions and perform the cleanup for stack unwinding. 176 * 177 * The field type_block is a relative pointer which stores the difference 178 * between the start of the exception range and the address of an array used 179 * for storing a list of the types of exceptions which can be caught within 180 * the exception range. 181 */ 182 typedef struct { 183 PTRDIFF_T ret_addr; 184 Xword length; 185 PTRDIFF_T handler_addr; 186 PTRDIFF_T type_block; 187 Xword reserved; 188 } exception_range_entry; 189 190 /* 191 * Focal point for verifying symbol names. 192 */ 193 static const char * 194 string(Cache *refsec, Word ndx, Cache *strsec, const char *file, Word name) 195 { 196 /* 197 * If an error in this routine is due to a property of the string 198 * section, as opposed to a bad offset into the section (a property of 199 * the referencing section), then we will detect the same error on 200 * every call involving those sections. We use these static variables 201 * to retain the information needed to only issue each such error once. 202 */ 203 static Cache *last_refsec; /* Last referencing section seen */ 204 static int strsec_err; /* True if error issued */ 205 206 const char *strs; 207 Word strn; 208 209 if (strsec->c_data == NULL) 210 return (NULL); 211 212 strs = (char *)strsec->c_data->d_buf; 213 strn = strsec->c_data->d_size; 214 215 /* 216 * We only print a diagnostic regarding a bad string table once per 217 * input section being processed. If the refsec has changed, reset 218 * our retained error state. 219 */ 220 if (last_refsec != refsec) { 221 last_refsec = refsec; 222 strsec_err = 0; 223 } 224 225 /* Verify that strsec really is a string table */ 226 if (strsec->c_shdr->sh_type != SHT_STRTAB) { 227 if (!strsec_err) { 228 (void) fprintf(stderr, MSG_INTL(MSG_ERR_NOTSTRTAB), 229 file, strsec->c_ndx, refsec->c_ndx); 230 strsec_err = 1; 231 } 232 return (MSG_INTL(MSG_STR_UNKNOWN)); 233 } 234 235 /* 236 * Is the string table offset within range of the available strings? 237 */ 238 if (name >= strn) { 239 /* 240 * Do we have a empty string table? 241 */ 242 if (strs == NULL) { 243 if (!strsec_err) { 244 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 245 file, strsec->c_name); 246 strsec_err = 1; 247 } 248 } else { 249 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSTOFF), 250 file, refsec->c_name, EC_WORD(ndx), strsec->c_name, 251 EC_WORD(name), EC_WORD(strn - 1)); 252 } 253 254 /* 255 * Return the empty string so that the calling function can 256 * continue it's output diagnostics. 257 */ 258 return (MSG_INTL(MSG_STR_UNKNOWN)); 259 } 260 return (strs + name); 261 } 262 263 /* 264 * Relocations can reference section symbols and standard symbols. If the 265 * former, establish the section name. 266 */ 267 static const char * 268 relsymname(Cache *cache, Cache *csec, Cache *strsec, Word symndx, Word symnum, 269 Word relndx, Sym *syms, char *secstr, size_t secsz, const char *file) 270 { 271 Sym *sym; 272 const char *name; 273 274 if (symndx >= symnum) { 275 (void) fprintf(stderr, MSG_INTL(MSG_ERR_RELBADSYMNDX), 276 file, EC_WORD(symndx), EC_WORD(relndx)); 277 return (MSG_INTL(MSG_STR_UNKNOWN)); 278 } 279 280 sym = (Sym *)(syms + symndx); 281 name = string(csec, symndx, strsec, file, sym->st_name); 282 283 /* 284 * If the symbol represents a section offset construct an appropriate 285 * string. Note, although section symbol table entries typically have 286 * a NULL name pointer, entries do exist that point into the string 287 * table to their own NULL strings. 288 */ 289 if ((ELF_ST_TYPE(sym->st_info) == STT_SECTION) && 290 ((sym->st_name == 0) || (*name == '\0'))) { 291 (void) snprintf(secstr, secsz, MSG_INTL(MSG_STR_SECTION), 292 cache[sym->st_shndx].c_name); 293 return ((const char *)secstr); 294 } 295 296 return (name); 297 } 298 299 /* 300 * Focal point for establishing a string table section. Data such as the 301 * dynamic information simply points to a string table. Data such as 302 * relocations, reference a symbol table, which in turn is associated with a 303 * string table. 304 */ 305 static int 306 stringtbl(Cache *cache, int symtab, Word ndx, Word shnum, const char *file, 307 Word *symnum, Cache **symsec, Cache **strsec) 308 { 309 Shdr *shdr = cache[ndx].c_shdr; 310 311 if (symtab) { 312 /* 313 * Validate the symbol table section. 314 */ 315 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 316 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 317 file, cache[ndx].c_name, EC_WORD(shdr->sh_link)); 318 return (0); 319 } 320 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 321 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 322 file, cache[ndx].c_name); 323 return (0); 324 } 325 326 /* 327 * Obtain, and verify the symbol table data. 328 */ 329 if ((cache[ndx].c_data == NULL) || 330 (cache[ndx].c_data->d_buf == NULL)) { 331 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 332 file, cache[ndx].c_name); 333 return (0); 334 } 335 336 /* 337 * Establish the string table index. 338 */ 339 ndx = shdr->sh_link; 340 shdr = cache[ndx].c_shdr; 341 342 /* 343 * Return symbol table information. 344 */ 345 if (symnum) 346 *symnum = (shdr->sh_size / shdr->sh_entsize); 347 if (symsec) 348 *symsec = &cache[ndx]; 349 } 350 351 /* 352 * Validate the associated string table section. 353 */ 354 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 355 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 356 file, cache[ndx].c_name, EC_WORD(shdr->sh_link)); 357 return (0); 358 } 359 360 if (strsec) 361 *strsec = &cache[shdr->sh_link]; 362 363 return (1); 364 } 365 366 /* 367 * Lookup a symbol and set Sym accordingly. 368 * 369 * entry: 370 * name - Name of symbol to lookup 371 * cache - Cache of all section headers 372 * shnum - # of sections in cache 373 * sym - Address of pointer to receive symbol 374 * target - NULL, or section to which the symbol must be associated. 375 * symtab - Symbol table to search for symbol 376 * file - Name of file 377 * 378 * exit: 379 * If the symbol is found, *sym is set to reference it, and True is 380 * returned. If target is non-NULL, the symbol must reference the given 381 * section --- otherwise the section is not checked. 382 * 383 * If no symbol is found, False is returned. 384 */ 385 static int 386 symlookup(const char *name, Cache *cache, Word shnum, Sym **sym, 387 Cache *target, Cache *symtab, const char *file) 388 { 389 Shdr *shdr; 390 Word symn, cnt; 391 Sym *syms; 392 393 if (symtab == 0) 394 return (0); 395 396 shdr = symtab->c_shdr; 397 398 /* 399 * Determine the symbol data and number. 400 */ 401 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 402 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 403 file, symtab->c_name); 404 return (0); 405 } 406 if (symtab->c_data == NULL) 407 return (0); 408 409 /* LINTED */ 410 symn = (Word)(shdr->sh_size / shdr->sh_entsize); 411 syms = (Sym *)symtab->c_data->d_buf; 412 413 /* 414 * Get the associated string table section. 415 */ 416 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 417 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 418 file, symtab->c_name, EC_WORD(shdr->sh_link)); 419 return (0); 420 } 421 422 /* 423 * Loop through the symbol table to find a match. 424 */ 425 *sym = NULL; 426 for (cnt = 0; cnt < symn; syms++, cnt++) { 427 const char *symname; 428 429 symname = string(symtab, cnt, &cache[shdr->sh_link], file, 430 syms->st_name); 431 432 if (symname && (strcmp(name, symname) == 0) && 433 ((target == NULL) || (target->c_ndx == syms->st_shndx))) { 434 /* 435 * It is possible, though rare, for a local and 436 * global symbol of the same name to exist, each 437 * contributed by a different input object. If the 438 * symbol just found is local, remember it, but 439 * continue looking. 440 */ 441 *sym = syms; 442 if (ELF_ST_BIND(syms->st_info) != STB_LOCAL) 443 break; 444 } 445 } 446 447 return (*sym != NULL); 448 } 449 450 /* 451 * Print section headers. 452 */ 453 static void 454 sections(const char *file, Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi) 455 { 456 size_t seccnt; 457 458 for (seccnt = 1; seccnt < shnum; seccnt++) { 459 Cache *_cache = &cache[seccnt]; 460 Shdr *shdr = _cache->c_shdr; 461 const char *secname = _cache->c_name; 462 463 /* 464 * Although numerous section header entries can be zero, it's 465 * usually a sign of trouble if the type is zero. 466 */ 467 if (shdr->sh_type == 0) { 468 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHTYPE), 469 file, secname, EC_WORD(shdr->sh_type)); 470 } 471 472 if (!match(MATCH_F_ALL, secname, seccnt, shdr->sh_type)) 473 continue; 474 475 /* 476 * Identify any sections that are suspicious. A .got section 477 * shouldn't exist in a relocatable object. 478 */ 479 if (ehdr->e_type == ET_REL) { 480 if (strncmp(secname, MSG_ORIG(MSG_ELF_GOT), 481 MSG_ELF_GOT_SIZE) == 0) { 482 (void) fprintf(stderr, 483 MSG_INTL(MSG_GOT_UNEXPECTED), file, 484 secname); 485 } 486 } 487 488 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 489 dbg_print(0, MSG_INTL(MSG_ELF_SHDR), EC_WORD(seccnt), secname); 490 Elf_shdr(0, osabi, ehdr->e_machine, shdr); 491 } 492 } 493 494 /* 495 * Obtain a specified Phdr entry. 496 */ 497 static Phdr * 498 getphdr(Word phnum, Word *type_arr, Word type_cnt, const char *file, Elf *elf) 499 { 500 Word cnt, tcnt; 501 Phdr *phdr; 502 503 if ((phdr = elf_getphdr(elf)) == NULL) { 504 failure(file, MSG_ORIG(MSG_ELF_GETPHDR)); 505 return (NULL); 506 } 507 508 for (cnt = 0; cnt < phnum; phdr++, cnt++) { 509 for (tcnt = 0; tcnt < type_cnt; tcnt++) { 510 if (phdr->p_type == type_arr[tcnt]) 511 return (phdr); 512 } 513 } 514 return (NULL); 515 } 516 517 /* 518 * Display the contents of GNU/amd64 .eh_frame and .eh_frame_hdr 519 * sections. 520 * 521 * entry: 522 * cache - Cache of all section headers 523 * shndx - Index of .eh_frame or .eh_frame_hdr section to be displayed 524 * shnum - Total number of sections which exist 525 * uphdr - NULL, or unwind program header associated with 526 * the .eh_frame_hdr section. 527 * ehdr - ELF header for file 528 * eh_state - Data used across calls to this routine. The 529 * caller should zero it before the first call, and 530 * pass it on every call. 531 * osabi - OSABI to use in displaying information 532 * file - Name of file 533 * flags - Command line option flags 534 */ 535 static void 536 unwind_eh_frame(Cache *cache, Word shndx, Word shnum, Phdr *uphdr, Ehdr *ehdr, 537 gnu_eh_state_t *eh_state, uchar_t osabi, const char *file, uint_t flags) 538 { 539 #if defined(_ELF64) 540 #define MSG_UNW_BINSRTAB2 MSG_UNW_BINSRTAB2_64 541 #define MSG_UNW_BINSRTABENT MSG_UNW_BINSRTABENT_64 542 #else 543 #define MSG_UNW_BINSRTAB2 MSG_UNW_BINSRTAB2_32 544 #define MSG_UNW_BINSRTABENT MSG_UNW_BINSRTABENT_32 545 #endif 546 547 Cache *_cache = &cache[shndx]; 548 Shdr *shdr = _cache->c_shdr; 549 uchar_t *data = (uchar_t *)(_cache->c_data->d_buf); 550 size_t datasize = _cache->c_data->d_size; 551 Conv_dwarf_ehe_buf_t dwarf_ehe_buf; 552 uint64_t ndx, frame_ptr, fde_cnt, tabndx; 553 uint_t vers, frame_ptr_enc, fde_cnt_enc, table_enc; 554 uint64_t initloc, initloc0; 555 uint64_t gotaddr = 0; 556 int cnt; 557 558 for (cnt = 1; cnt < shnum; cnt++) { 559 if (strncmp(cache[cnt].c_name, MSG_ORIG(MSG_ELF_GOT), 560 MSG_ELF_GOT_SIZE) == 0) { 561 gotaddr = cache[cnt].c_shdr->sh_addr; 562 break; 563 } 564 } 565 566 /* 567 * Is this a .eh_frame_hdr? 568 */ 569 if ((uphdr && (shdr->sh_addr == uphdr->p_vaddr)) || 570 (strncmp(_cache->c_name, MSG_ORIG(MSG_SCN_FRMHDR), 571 MSG_SCN_FRMHDR_SIZE) == 0)) { 572 /* 573 * There can only be a single .eh_frame_hdr. 574 * Flag duplicates. 575 */ 576 if (++eh_state->hdr_cnt > 1) 577 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MULTEHFRMHDR), 578 file, EC_WORD(shndx), _cache->c_name); 579 580 dbg_print(0, MSG_ORIG(MSG_UNW_FRMHDR)); 581 ndx = 0; 582 583 vers = data[ndx++]; 584 frame_ptr_enc = data[ndx++]; 585 fde_cnt_enc = data[ndx++]; 586 table_enc = data[ndx++]; 587 588 dbg_print(0, MSG_ORIG(MSG_UNW_FRMVERS), vers); 589 590 frame_ptr = dwarf_ehe_extract(data, &ndx, frame_ptr_enc, 591 ehdr->e_ident, B_TRUE, shdr->sh_addr, ndx, gotaddr); 592 if (eh_state->hdr_cnt == 1) { 593 eh_state->hdr_ndx = shndx; 594 eh_state->frame_ptr = frame_ptr; 595 } 596 597 dbg_print(0, MSG_ORIG(MSG_UNW_FRPTRENC), 598 conv_dwarf_ehe(frame_ptr_enc, &dwarf_ehe_buf), 599 EC_XWORD(frame_ptr)); 600 601 fde_cnt = dwarf_ehe_extract(data, &ndx, fde_cnt_enc, 602 ehdr->e_ident, B_TRUE, shdr->sh_addr, ndx, gotaddr); 603 604 dbg_print(0, MSG_ORIG(MSG_UNW_FDCNENC), 605 conv_dwarf_ehe(fde_cnt_enc, &dwarf_ehe_buf), 606 EC_XWORD(fde_cnt)); 607 dbg_print(0, MSG_ORIG(MSG_UNW_TABENC), 608 conv_dwarf_ehe(table_enc, &dwarf_ehe_buf)); 609 dbg_print(0, MSG_ORIG(MSG_UNW_BINSRTAB1)); 610 dbg_print(0, MSG_ORIG(MSG_UNW_BINSRTAB2)); 611 612 for (tabndx = 0; tabndx < fde_cnt; tabndx++) { 613 initloc = dwarf_ehe_extract(data, &ndx, table_enc, 614 ehdr->e_ident, B_TRUE, shdr->sh_addr, ndx, gotaddr); 615 /*LINTED:E_VAR_USED_BEFORE_SET*/ 616 if ((tabndx != 0) && (initloc0 > initloc)) 617 (void) fprintf(stderr, 618 MSG_INTL(MSG_ERR_BADSORT), file, 619 _cache->c_name, EC_WORD(tabndx)); 620 dbg_print(0, MSG_ORIG(MSG_UNW_BINSRTABENT), 621 EC_XWORD(initloc), 622 EC_XWORD(dwarf_ehe_extract(data, &ndx, 623 table_enc, ehdr->e_ident, B_TRUE, shdr->sh_addr, 624 ndx, gotaddr))); 625 initloc0 = initloc; 626 } 627 } else { /* Display the .eh_frame section */ 628 eh_state->frame_cnt++; 629 if (eh_state->frame_cnt == 1) { 630 eh_state->frame_ndx = shndx; 631 eh_state->frame_base = shdr->sh_addr; 632 } else if ((eh_state->frame_cnt > 1) && 633 (ehdr->e_type != ET_REL)) { 634 Conv_inv_buf_t inv_buf; 635 636 (void) fprintf(stderr, MSG_INTL(MSG_WARN_MULTEHFRM), 637 file, EC_WORD(shndx), _cache->c_name, 638 conv_ehdr_type(osabi, ehdr->e_type, 0, &inv_buf)); 639 } 640 dump_eh_frame(data, datasize, shdr->sh_addr, 641 ehdr->e_machine, ehdr->e_ident, gotaddr); 642 } 643 644 /* 645 * If we've seen the .eh_frame_hdr and the first .eh_frame section, 646 * compare the header frame_ptr to the address of the actual frame 647 * section to ensure the link-editor got this right. Note, this 648 * diagnostic is only produced when unwind information is explicitly 649 * asked for, as shared objects built with an older ld(1) may reveal 650 * this inconsistency. Although an inconsistency, it doesn't seem to 651 * have any adverse effect on existing tools. 652 */ 653 if (((flags & FLG_MASK_SHOW) != FLG_MASK_SHOW) && 654 (eh_state->hdr_cnt > 0) && (eh_state->frame_cnt > 0) && 655 (eh_state->frame_ptr != eh_state->frame_base)) 656 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADEHFRMPTR), 657 file, EC_WORD(eh_state->hdr_ndx), 658 cache[eh_state->hdr_ndx].c_name, 659 EC_XWORD(eh_state->frame_ptr), 660 EC_WORD(eh_state->frame_ndx), 661 cache[eh_state->frame_ndx].c_name, 662 EC_XWORD(eh_state->frame_base)); 663 #undef MSG_UNW_BINSRTAB2 664 #undef MSG_UNW_BINSRTABENT 665 } 666 667 /* 668 * Convert a self relative pointer into an address. A self relative 669 * pointer adds the address where the pointer resides to the offset 670 * contained in the pointer. The benefit is that the value of the 671 * pointer does not require relocation. 672 * 673 * entry: 674 * base_addr - Address of the pointer. 675 * delta - Offset relative to base_addr giving desired address 676 * 677 * exit: 678 * The computed address is returned. 679 * 680 * note: 681 * base_addr is an unsigned value, while ret_addr is signed. This routine 682 * used explicit testing and casting to explicitly control type 683 * conversion, and ensure that we handle the maximum possible range. 684 */ 685 static Addr 686 srelptr(Addr base_addr, PTRDIFF_T delta) 687 { 688 if (delta < 0) 689 return (base_addr - (Addr) (-delta)); 690 691 return (base_addr + (Addr) delta); 692 } 693 694 /* 695 * Byte swap a PTRDIFF_T value. 696 */ 697 static PTRDIFF_T 698 swap_ptrdiff(PTRDIFF_T value) 699 { 700 PTRDIFF_T r; 701 uchar_t *dst = (uchar_t *)&r; 702 uchar_t *src = (uchar_t *)&value; 703 704 UL_ASSIGN_BSWAP_XWORD(dst, src); 705 return (r); 706 } 707 708 /* 709 * Display exception_range_entry items from the .exception_ranges section 710 * of a Sun C++ object. 711 */ 712 static void 713 unwind_exception_ranges(Cache *_cache, const char *file, int do_swap) 714 { 715 /* 716 * Translate a PTRDIFF_T self-relative address field of 717 * an exception_range_entry struct into an address. 718 * 719 * entry: 720 * exc_addr - Address of base of exception_range_entry struct 721 * cur_ent - Pointer to data in the struct to be translated 722 * 723 * _f - Field of struct to be translated 724 */ 725 #define SRELPTR(_f) \ 726 srelptr(exc_addr + offsetof(exception_range_entry, _f), cur_ent->_f) 727 728 #if defined(_ELF64) 729 #define MSG_EXR_TITLE MSG_EXR_TITLE_64 730 #define MSG_EXR_ENTRY MSG_EXR_ENTRY_64 731 #else 732 #define MSG_EXR_TITLE MSG_EXR_TITLE_32 733 #define MSG_EXR_ENTRY MSG_EXR_ENTRY_32 734 #endif 735 736 exception_range_entry scratch, *ent, *cur_ent = &scratch; 737 char index[MAXNDXSIZE]; 738 Word i, nelts; 739 Addr addr, addr0, offset = 0; 740 Addr exc_addr = _cache->c_shdr->sh_addr; 741 742 dbg_print(0, MSG_INTL(MSG_EXR_TITLE)); 743 ent = (exception_range_entry *)(_cache->c_data->d_buf); 744 nelts = _cache->c_data->d_size / sizeof (exception_range_entry); 745 746 for (i = 0; i < nelts; i++, ent++) { 747 if (do_swap) { 748 /* 749 * Copy byte swapped values into the scratch buffer. 750 * The reserved field is not used, so we skip it. 751 */ 752 scratch.ret_addr = swap_ptrdiff(ent->ret_addr); 753 scratch.length = BSWAP_XWORD(ent->length); 754 scratch.handler_addr = swap_ptrdiff(ent->handler_addr); 755 scratch.type_block = swap_ptrdiff(ent->type_block); 756 } else { 757 cur_ent = ent; 758 } 759 760 /* 761 * The table is required to be sorted by the address 762 * derived from ret_addr, to allow binary searching. Ensure 763 * that addresses grow monotonically. 764 */ 765 addr = SRELPTR(ret_addr); 766 /*LINTED:E_VAR_USED_BEFORE_SET*/ 767 if ((i != 0) && (addr0 > addr)) 768 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSORT), 769 file, _cache->c_name, EC_WORD(i)); 770 771 (void) snprintf(index, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INDEX), 772 EC_XWORD(i)); 773 dbg_print(0, MSG_INTL(MSG_EXR_ENTRY), index, EC_ADDR(offset), 774 EC_ADDR(addr), EC_ADDR(cur_ent->length), 775 EC_ADDR(SRELPTR(handler_addr)), 776 EC_ADDR(SRELPTR(type_block))); 777 778 addr0 = addr; 779 exc_addr += sizeof (exception_range_entry); 780 offset += sizeof (exception_range_entry); 781 } 782 783 #undef SRELPTR 784 #undef MSG_EXR_TITLE 785 #undef MSG_EXR_ENTRY 786 } 787 788 /* 789 * Display information from unwind/exception sections: 790 * 791 * - GNU/amd64 .eh_frame and .eh_frame_hdr 792 * - Sun C++ .exception_ranges 793 * 794 */ 795 static void 796 unwind(Cache *cache, Word shnum, Word phnum, Ehdr *ehdr, uchar_t osabi, 797 const char *file, Elf *elf, uint_t flags) 798 { 799 static Word phdr_types[] = { PT_SUNW_UNWIND, PT_SUNW_EH_FRAME }; 800 801 Word cnt; 802 Phdr *uphdr = NULL; 803 gnu_eh_state_t eh_state; 804 805 /* 806 * Historical background: .eh_frame and .eh_frame_hdr sections 807 * come from the GNU compilers (particularly C++), and are used 808 * under all architectures. Their format is based on DWARF. When 809 * the amd64 ABI was defined, these sections were adopted wholesale 810 * from the existing practice. 811 * 812 * When amd64 support was added to Solaris, support for these 813 * sections was added, using the SHT_AMD64_UNWIND section type 814 * to identify them. At first, we ignored them in objects for 815 * non-amd64 targets, but later broadened our support to include 816 * other architectures in order to better support gcc-generated 817 * objects. 818 * 819 * .exception_ranges implement the same basic concepts, but 820 * were invented at Sun for the Sun C++ compiler. 821 * 822 * We match these sections by name, rather than section type, 823 * because they can come in as either SHT_AMD64_UNWIND, or as 824 * SHT_PROGBITS, and because the type isn't enough to determine 825 * how they should be interpreted. 826 */ 827 /* Find the program header for .eh_frame_hdr if present */ 828 if (phnum) 829 uphdr = getphdr(phnum, phdr_types, 830 sizeof (phdr_types) / sizeof (*phdr_types), file, elf); 831 832 /* 833 * eh_state is used to retain data used by unwind_eh_frame() 834 * across calls. 835 */ 836 bzero(&eh_state, sizeof (eh_state)); 837 838 for (cnt = 1; cnt < shnum; cnt++) { 839 Cache *_cache = &cache[cnt]; 840 Shdr *shdr = _cache->c_shdr; 841 int is_exrange; 842 843 /* 844 * Skip sections of the wrong type. On amd64, they 845 * can be SHT_AMD64_UNWIND. On all platforms, they 846 * can be SHT_PROGBITS (including amd64, if using 847 * the GNU compilers). 848 * 849 * Skip anything other than these two types. The name 850 * test below will thin out the SHT_PROGBITS that don't apply. 851 */ 852 if ((shdr->sh_type != SHT_PROGBITS) && 853 (shdr->sh_type != SHT_AMD64_UNWIND)) 854 continue; 855 856 /* 857 * Only sections with certain well known names are of interest. 858 * These are: 859 * 860 * .eh_frame - amd64/GNU-compiler unwind sections 861 * .eh_frame_hdr - Sorted table referencing .eh_frame 862 * .exception_ranges - Sun C++ unwind sections 863 * 864 * We do a prefix comparison, allowing for naming conventions 865 * like .eh_frame.foo, hence the use of strncmp() rather than 866 * strcmp(). This means that we only really need to test for 867 * .eh_frame, as it's a prefix of .eh_frame_hdr. 868 */ 869 is_exrange = strncmp(_cache->c_name, 870 MSG_ORIG(MSG_SCN_EXRANGE), MSG_SCN_EXRANGE_SIZE) == 0; 871 if ((strncmp(_cache->c_name, MSG_ORIG(MSG_SCN_FRM), 872 MSG_SCN_FRM_SIZE) != 0) && !is_exrange) 873 continue; 874 875 if (!match(MATCH_F_ALL, _cache->c_name, cnt, shdr->sh_type)) 876 continue; 877 878 if (_cache->c_data == NULL) 879 continue; 880 881 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 882 dbg_print(0, MSG_INTL(MSG_ELF_SCN_UNWIND), _cache->c_name); 883 884 if (is_exrange) 885 unwind_exception_ranges(_cache, file, 886 _elf_sys_encoding() != ehdr->e_ident[EI_DATA]); 887 else 888 unwind_eh_frame(cache, cnt, shnum, uphdr, ehdr, 889 &eh_state, osabi, file, flags); 890 } 891 } 892 893 /* 894 * Initialize a symbol table state structure 895 * 896 * entry: 897 * state - State structure to be initialized 898 * cache - Cache of all section headers 899 * shnum - # of sections in cache 900 * secndx - Index of symbol table section 901 * ehdr - ELF header for file 902 * versym - Information about versym section 903 * file - Name of file 904 * flags - Command line option flags 905 */ 906 static int 907 init_symtbl_state(SYMTBL_STATE *state, Cache *cache, Word shnum, Word secndx, 908 Ehdr *ehdr, uchar_t osabi, VERSYM_STATE *versym, const char *file, 909 uint_t flags) 910 { 911 Shdr *shdr; 912 913 state->file = file; 914 state->ehdr = ehdr; 915 state->cache = cache; 916 state->osabi = osabi; 917 state->shnum = shnum; 918 state->seccache = &cache[secndx]; 919 state->secndx = secndx; 920 state->secname = state->seccache->c_name; 921 state->flags = flags; 922 state->shxndx.checked = 0; 923 state->shxndx.data = NULL; 924 state->shxndx.n = 0; 925 926 shdr = state->seccache->c_shdr; 927 928 /* 929 * Check the symbol data and per-item size. 930 */ 931 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 932 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 933 file, state->secname); 934 return (0); 935 } 936 if (state->seccache->c_data == NULL) 937 return (0); 938 939 /* LINTED */ 940 state->symn = (Word)(shdr->sh_size / shdr->sh_entsize); 941 state->sym = (Sym *)state->seccache->c_data->d_buf; 942 943 /* 944 * Check associated string table section. 945 */ 946 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 947 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 948 file, state->secname, EC_WORD(shdr->sh_link)); 949 return (0); 950 } 951 952 /* 953 * Determine if there is a associated Versym section 954 * with this Symbol Table. 955 */ 956 if (versym && versym->cache && 957 (versym->cache->c_shdr->sh_link == state->secndx)) 958 state->versym = versym; 959 else 960 state->versym = NULL; 961 962 963 return (1); 964 } 965 966 /* 967 * Determine the extended section index used for symbol tables entries. 968 */ 969 static void 970 symbols_getxindex(SYMTBL_STATE *state) 971 { 972 uint_t symn; 973 Word symcnt; 974 975 state->shxndx.checked = 1; /* Note that we've been called */ 976 for (symcnt = 1; symcnt < state->shnum; symcnt++) { 977 Cache *_cache = &state->cache[symcnt]; 978 Shdr *shdr = _cache->c_shdr; 979 980 if ((shdr->sh_type != SHT_SYMTAB_SHNDX) || 981 (shdr->sh_link != state->secndx)) 982 continue; 983 984 if ((shdr->sh_entsize) && 985 /* LINTED */ 986 ((symn = (uint_t)(shdr->sh_size / shdr->sh_entsize)) == 0)) 987 continue; 988 989 if (_cache->c_data == NULL) 990 continue; 991 992 state->shxndx.data = _cache->c_data->d_buf; 993 state->shxndx.n = symn; 994 return; 995 } 996 } 997 998 /* 999 * Produce a line of output for the given symbol 1000 * 1001 * entry: 1002 * state - Symbol table state 1003 * symndx - Index of symbol within the table 1004 * info - Value of st_info (indicates local/global range) 1005 * symndx_disp - Index to display. This may not be the same 1006 * as symndx if the display is relative to the logical 1007 * combination of the SUNW_ldynsym/dynsym tables. 1008 * sym - Symbol to display 1009 */ 1010 static void 1011 output_symbol(SYMTBL_STATE *state, Word symndx, Word info, Word disp_symndx, 1012 Sym *sym) 1013 { 1014 /* 1015 * Symbol types for which we check that the specified 1016 * address/size land inside the target section. 1017 */ 1018 static const int addr_symtype[] = { 1019 0, /* STT_NOTYPE */ 1020 1, /* STT_OBJECT */ 1021 1, /* STT_FUNC */ 1022 0, /* STT_SECTION */ 1023 0, /* STT_FILE */ 1024 1, /* STT_COMMON */ 1025 0, /* STT_TLS */ 1026 0, /* 7 */ 1027 0, /* 8 */ 1028 0, /* 9 */ 1029 0, /* 10 */ 1030 0, /* 11 */ 1031 0, /* 12 */ 1032 0, /* STT_SPARC_REGISTER */ 1033 0, /* 14 */ 1034 0, /* 15 */ 1035 }; 1036 #if STT_NUM != (STT_TLS + 1) 1037 #error "STT_NUM has grown. Update addr_symtype[]" 1038 #endif 1039 1040 char index[MAXNDXSIZE]; 1041 const char *symname, *sec; 1042 Versym verndx; 1043 int gnuver; 1044 uchar_t type; 1045 Shdr *tshdr; 1046 Word shndx; 1047 Conv_inv_buf_t inv_buf; 1048 1049 /* Ensure symbol index is in range */ 1050 if (symndx >= state->symn) { 1051 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSYMNDX), 1052 state->file, state->secname, EC_WORD(symndx)); 1053 return; 1054 } 1055 1056 /* 1057 * If we are using extended symbol indexes, find the 1058 * corresponding SHN_SYMTAB_SHNDX table. 1059 */ 1060 if ((sym->st_shndx == SHN_XINDEX) && (state->shxndx.checked == 0)) 1061 symbols_getxindex(state); 1062 1063 /* LINTED */ 1064 symname = string(state->seccache, symndx, 1065 &state->cache[state->seccache->c_shdr->sh_link], state->file, 1066 sym->st_name); 1067 1068 tshdr = NULL; 1069 sec = NULL; 1070 1071 if (state->ehdr->e_type == ET_CORE) { 1072 sec = (char *)MSG_INTL(MSG_STR_UNKNOWN); 1073 } else if (state->flags & FLG_CTL_FAKESHDR) { 1074 /* 1075 * If we are using fake section headers derived from 1076 * the program headers, then the section indexes 1077 * in the symbols do not correspond to these headers. 1078 * The section names are not available, so all we can 1079 * do is to display them in numeric form. 1080 */ 1081 sec = conv_sym_shndx(state->osabi, state->ehdr->e_machine, 1082 sym->st_shndx, CONV_FMT_DECIMAL, &inv_buf); 1083 } else if ((sym->st_shndx < SHN_LORESERVE) && 1084 (sym->st_shndx < state->shnum)) { 1085 shndx = sym->st_shndx; 1086 tshdr = state->cache[shndx].c_shdr; 1087 sec = state->cache[shndx].c_name; 1088 } else if (sym->st_shndx == SHN_XINDEX) { 1089 if (state->shxndx.data) { 1090 Word _shxndx; 1091 1092 if (symndx > state->shxndx.n) { 1093 (void) fprintf(stderr, 1094 MSG_INTL(MSG_ERR_BADSYMXINDEX1), 1095 state->file, state->secname, 1096 EC_WORD(symndx)); 1097 } else if ((_shxndx = 1098 state->shxndx.data[symndx]) > state->shnum) { 1099 (void) fprintf(stderr, 1100 MSG_INTL(MSG_ERR_BADSYMXINDEX2), 1101 state->file, state->secname, 1102 EC_WORD(symndx), EC_WORD(_shxndx)); 1103 } else { 1104 shndx = _shxndx; 1105 tshdr = state->cache[shndx].c_shdr; 1106 sec = state->cache[shndx].c_name; 1107 } 1108 } else { 1109 (void) fprintf(stderr, 1110 MSG_INTL(MSG_ERR_BADSYMXINDEX3), 1111 state->file, state->secname, EC_WORD(symndx)); 1112 } 1113 } else if ((sym->st_shndx < SHN_LORESERVE) && 1114 (sym->st_shndx >= state->shnum)) { 1115 (void) fprintf(stderr, 1116 MSG_INTL(MSG_ERR_BADSYM5), state->file, 1117 state->secname, EC_WORD(symndx), 1118 demangle(symname, state->flags), sym->st_shndx); 1119 } 1120 1121 /* 1122 * If versioning is available display the 1123 * version index. If not, then use 0. 1124 */ 1125 if (state->versym) { 1126 Versym test_verndx; 1127 1128 verndx = test_verndx = state->versym->data[symndx]; 1129 gnuver = state->versym->gnu_full; 1130 1131 /* 1132 * Check to see if this is a defined symbol with a 1133 * version index that is outside the valid range for 1134 * the file. The interpretation of this depends on 1135 * the style of versioning used by the object. 1136 * 1137 * Versions >= VER_NDX_LORESERVE have special meanings, 1138 * and are exempt from this checking. 1139 * 1140 * GNU style version indexes use the top bit of the 1141 * 16-bit index value (0x8000) as the "hidden bit". 1142 * We must mask off this bit in order to compare 1143 * the version against the maximum value. 1144 */ 1145 if (gnuver) 1146 test_verndx &= ~0x8000; 1147 1148 if ((test_verndx > state->versym->max_verndx) && 1149 (verndx < VER_NDX_LORESERVE)) 1150 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADVER), 1151 state->file, state->secname, EC_WORD(symndx), 1152 EC_HALF(test_verndx), state->versym->max_verndx); 1153 } else { 1154 verndx = 0; 1155 gnuver = 0; 1156 } 1157 1158 /* 1159 * Error checking for TLS. 1160 */ 1161 type = ELF_ST_TYPE(sym->st_info); 1162 if (type == STT_TLS) { 1163 if (tshdr && 1164 (sym->st_shndx != SHN_UNDEF) && 1165 ((tshdr->sh_flags & SHF_TLS) == 0)) { 1166 (void) fprintf(stderr, 1167 MSG_INTL(MSG_ERR_BADSYM3), state->file, 1168 state->secname, EC_WORD(symndx), 1169 demangle(symname, state->flags)); 1170 } 1171 } else if ((type != STT_SECTION) && sym->st_size && 1172 tshdr && (tshdr->sh_flags & SHF_TLS)) { 1173 (void) fprintf(stderr, 1174 MSG_INTL(MSG_ERR_BADSYM4), state->file, 1175 state->secname, EC_WORD(symndx), 1176 demangle(symname, state->flags)); 1177 } 1178 1179 /* 1180 * If a symbol with non-zero size has a type that 1181 * specifies an address, then make sure the location 1182 * it references is actually contained within the 1183 * section. UNDEF symbols don't count in this case, 1184 * so we ignore them. 1185 * 1186 * The meaning of the st_value field in a symbol 1187 * depends on the type of object. For a relocatable 1188 * object, it is the offset within the section. 1189 * For sharable objects, it is the offset relative to 1190 * the base of the object, and for other types, it is 1191 * the virtual address. To get an offset within the 1192 * section for non-ET_REL files, we subtract the 1193 * base address of the section. 1194 */ 1195 if (addr_symtype[type] && (sym->st_size > 0) && 1196 (sym->st_shndx != SHN_UNDEF) && ((sym->st_shndx < SHN_LORESERVE) || 1197 (sym->st_shndx == SHN_XINDEX)) && (tshdr != NULL)) { 1198 Word v = sym->st_value; 1199 if (state->ehdr->e_type != ET_REL) 1200 v -= tshdr->sh_addr; 1201 if (((v + sym->st_size) > tshdr->sh_size)) { 1202 (void) fprintf(stderr, 1203 MSG_INTL(MSG_ERR_BADSYM6), state->file, 1204 state->secname, EC_WORD(symndx), 1205 demangle(symname, state->flags), 1206 EC_WORD(shndx), EC_XWORD(tshdr->sh_size), 1207 EC_XWORD(sym->st_value), EC_XWORD(sym->st_size)); 1208 } 1209 } 1210 1211 /* 1212 * A typical symbol table uses the sh_info field to indicate one greater 1213 * than the symbol table index of the last local symbol, STB_LOCAL. 1214 * Therefore, symbol indexes less than sh_info should have local 1215 * binding. Symbol indexes greater than, or equal to sh_info, should 1216 * have global binding. Note, we exclude UNDEF/NOTY symbols with zero 1217 * value and size, as these symbols may be the result of an mcs(1) 1218 * section deletion. 1219 */ 1220 if (info) { 1221 uchar_t bind = ELF_ST_BIND(sym->st_info); 1222 1223 if ((symndx < info) && (bind != STB_LOCAL)) { 1224 (void) fprintf(stderr, 1225 MSG_INTL(MSG_ERR_BADSYM7), state->file, 1226 state->secname, EC_WORD(symndx), 1227 demangle(symname, state->flags), EC_XWORD(info)); 1228 1229 } else if ((symndx >= info) && (bind == STB_LOCAL) && 1230 ((sym->st_shndx != SHN_UNDEF) || 1231 (ELF_ST_TYPE(sym->st_info) != STT_NOTYPE) || 1232 (sym->st_size != 0) || (sym->st_value != 0))) { 1233 (void) fprintf(stderr, 1234 MSG_INTL(MSG_ERR_BADSYM8), state->file, 1235 state->secname, EC_WORD(symndx), 1236 demangle(symname, state->flags), EC_XWORD(info)); 1237 } 1238 } 1239 1240 (void) snprintf(index, MAXNDXSIZE, 1241 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(disp_symndx)); 1242 Elf_syms_table_entry(0, ELF_DBG_ELFDUMP, index, state->osabi, 1243 state->ehdr->e_machine, sym, verndx, gnuver, sec, symname); 1244 } 1245 1246 /* 1247 * Process a SHT_SUNW_cap capabilities section. 1248 */ 1249 static int 1250 cap_section(const char *file, Cache *cache, Word shnum, Cache *ccache, 1251 uchar_t osabi, Ehdr *ehdr, uint_t flags) 1252 { 1253 SYMTBL_STATE state; 1254 Word cnum, capnum, nulls, symcaps; 1255 int descapndx, objcap, title; 1256 Cap *cap = (Cap *)ccache->c_data->d_buf; 1257 Shdr *cishdr, *cshdr = ccache->c_shdr; 1258 Cache *cicache, *strcache; 1259 Capinfo *capinfo = NULL; 1260 Word capinfonum; 1261 const char *strs = NULL; 1262 size_t strs_size; 1263 1264 if ((cshdr->sh_entsize == 0) || (cshdr->sh_size == 0)) { 1265 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 1266 file, ccache->c_name); 1267 return (0); 1268 } 1269 1270 /* 1271 * If this capabilities section is associated with symbols, then the 1272 * sh_link field points to the associated capabilities information 1273 * section. The sh_link field of the capabilities information section 1274 * points to the associated symbol table. 1275 */ 1276 if (cshdr->sh_link) { 1277 Cache *scache; 1278 Shdr *sshdr; 1279 1280 /* 1281 * Validate that the sh_link field points to a capabilities 1282 * information section. 1283 */ 1284 if (cshdr->sh_link >= shnum) { 1285 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 1286 file, ccache->c_name, EC_WORD(cshdr->sh_link)); 1287 return (0); 1288 } 1289 1290 cicache = &cache[cshdr->sh_link]; 1291 cishdr = cicache->c_shdr; 1292 1293 if (cishdr->sh_type != SHT_SUNW_capinfo) { 1294 (void) fprintf(stderr, MSG_INTL(MSG_ERR_INVCAP), 1295 file, ccache->c_name, EC_WORD(cshdr->sh_link)); 1296 return (0); 1297 } 1298 1299 capinfo = cicache->c_data->d_buf; 1300 capinfonum = (Word)(cishdr->sh_size / cishdr->sh_entsize); 1301 1302 /* 1303 * Validate that the sh_link field of the capabilities 1304 * information section points to a valid symbol table. 1305 */ 1306 if ((cishdr->sh_link == 0) || (cishdr->sh_link >= shnum)) { 1307 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 1308 file, cicache->c_name, EC_WORD(cishdr->sh_link)); 1309 return (0); 1310 } 1311 scache = &cache[cishdr->sh_link]; 1312 sshdr = scache->c_shdr; 1313 1314 if ((sshdr->sh_type != SHT_SYMTAB) && 1315 (sshdr->sh_type != SHT_DYNSYM)) { 1316 (void) fprintf(stderr, MSG_INTL(MSG_ERR_INVCAPINFO1), 1317 file, cicache->c_name, EC_WORD(cishdr->sh_link)); 1318 return (0); 1319 } 1320 1321 if (!init_symtbl_state(&state, cache, shnum, 1322 cishdr->sh_link, ehdr, osabi, NULL, file, flags)) 1323 return (0); 1324 } 1325 1326 /* 1327 * If this capabilities section contains capability string entries, 1328 * then determine the associated string table. Capabilities entries 1329 * that define names require that the capability section indicate 1330 * which string table to use via sh_info. 1331 */ 1332 if (cshdr->sh_info) { 1333 Shdr *strshdr; 1334 1335 /* 1336 * Validate that the sh_info field points to a string table. 1337 */ 1338 if (cshdr->sh_info >= shnum) { 1339 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 1340 file, ccache->c_name, EC_WORD(cshdr->sh_info)); 1341 return (0); 1342 } 1343 1344 strcache = &cache[cshdr->sh_info]; 1345 strshdr = strcache->c_shdr; 1346 1347 if (strshdr->sh_type != SHT_STRTAB) { 1348 (void) fprintf(stderr, MSG_INTL(MSG_ERR_INVCAP), 1349 file, ccache->c_name, EC_WORD(cshdr->sh_info)); 1350 return (0); 1351 } 1352 strs = (const char *)strcache->c_data->d_buf; 1353 strs_size = strcache->c_data->d_size; 1354 } 1355 1356 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1357 dbg_print(0, MSG_INTL(MSG_ELF_SCN_CAP), ccache->c_name); 1358 1359 capnum = (Word)(cshdr->sh_size / cshdr->sh_entsize); 1360 1361 nulls = symcaps = 0; 1362 objcap = title = 1; 1363 descapndx = -1; 1364 1365 /* 1366 * Traverse the capabilities section printing each capability group. 1367 * The first capabilities group defines any object capabilities. Any 1368 * following groups define symbol capabilities. In the case where no 1369 * object capabilities exist, but symbol capabilities do, a single 1370 * CA_SUNW_NULL terminator for the object capabilities exists. 1371 */ 1372 for (cnum = 0; cnum < capnum; cap++, cnum++) { 1373 if (cap->c_tag == CA_SUNW_NULL) { 1374 /* 1375 * A CA_SUNW_NULL tag terminates a capabilities group. 1376 * If the first capabilities tag is CA_SUNW_NULL, then 1377 * no object capabilities exist. 1378 */ 1379 if ((nulls++ == 0) && (cnum == 0)) 1380 objcap = 0; 1381 title = 1; 1382 } else { 1383 if (title) { 1384 if (nulls == 0) { 1385 /* 1386 * If this capabilities group represents 1387 * the object capabilities (i.e., no 1388 * CA_SUNW_NULL tag has been processed 1389 * yet), then display an object 1390 * capabilities title. 1391 */ 1392 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1393 dbg_print(0, 1394 MSG_INTL(MSG_OBJ_CAP_TITLE)); 1395 } else { 1396 /* 1397 * If this is a symbols capabilities 1398 * group (i.e., a CA_SUNW_NULL tag has 1399 * already be found that terminates 1400 * the object capabilities group), then 1401 * display a symbol capabilities title, 1402 * and retain this capabilities index 1403 * for later processing. 1404 */ 1405 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1406 dbg_print(0, 1407 MSG_INTL(MSG_SYM_CAP_TITLE)); 1408 descapndx = cnum; 1409 } 1410 Elf_cap_title(0); 1411 title = 0; 1412 } 1413 1414 /* 1415 * Print the capabilities data. 1416 * 1417 * Note that CA_SUNW_PLAT, CA_SUNW_MACH and CA_SUNW_ID 1418 * entries require a string table, which should have 1419 * already been established. 1420 */ 1421 if ((strs == NULL) && ((cap->c_tag == CA_SUNW_PLAT) || 1422 (cap->c_tag == CA_SUNW_MACH) || 1423 (cap->c_tag == CA_SUNW_ID))) { 1424 (void) fprintf(stderr, 1425 MSG_INTL(MSG_WARN_INVCAP4), file, 1426 EC_WORD(elf_ndxscn(ccache->c_scn)), 1427 ccache->c_name, EC_WORD(cshdr->sh_info)); 1428 } 1429 Elf_cap_entry(0, cap, cnum, strs, strs_size, 1430 ehdr->e_machine); 1431 } 1432 1433 /* 1434 * If this CA_SUNW_NULL tag terminates a symbol capabilities 1435 * group, determine the associated symbols. 1436 */ 1437 if ((cap->c_tag == CA_SUNW_NULL) && (nulls > 1) && 1438 (descapndx != -1)) { 1439 Capinfo *cip; 1440 Word inum; 1441 1442 symcaps++; 1443 1444 /* 1445 * Make sure we've discovered a SHT_SUNW_capinfo table. 1446 */ 1447 if ((cip = capinfo) == NULL) { 1448 (void) fprintf(stderr, 1449 MSG_INTL(MSG_ERR_INVCAP), file, 1450 ccache->c_name, EC_WORD(cshdr->sh_link)); 1451 return (0); 1452 } 1453 1454 /* 1455 * Determine what symbols reference this capabilities 1456 * group. 1457 */ 1458 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1459 dbg_print(0, MSG_INTL(MSG_CAPINFO_ENTRIES)); 1460 Elf_syms_table_title(0, ELF_DBG_ELFDUMP); 1461 1462 for (inum = 1, cip++; inum < capinfonum; 1463 inum++, cip++) { 1464 Word gndx = (Word)ELF_C_GROUP(*cip); 1465 1466 if (gndx && (gndx == descapndx)) { 1467 output_symbol(&state, inum, 0, 1468 inum, state.sym + inum); 1469 } 1470 } 1471 descapndx = -1; 1472 continue; 1473 } 1474 1475 /* 1476 * An SF1_SUNW_ADDR32 software capability tag in a 32-bit 1477 * object is suspicious as it has no effect. 1478 */ 1479 if ((cap->c_tag == CA_SUNW_SF_1) && 1480 (ehdr->e_ident[EI_CLASS] == ELFCLASS32) && 1481 (cap->c_un.c_val & SF1_SUNW_ADDR32)) { 1482 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INADDR32SF1), 1483 file, ccache->c_name); 1484 } 1485 } 1486 1487 /* 1488 * If this is a dynamic object, with symbol capabilities, then a 1489 * .SUNW_capchain section should exist. This section contains a chain 1490 * of symbol indexes for each capabilities family. This is the list 1491 * that is searched by ld.so.1 to determine the best capabilities 1492 * candidate. 1493 * 1494 * Note, more than one capabilities lead symbol can point to the same 1495 * family chain. For example, a weak/global pair of symbols can both 1496 * represent the same family of capabilities symbols. Therefore, to 1497 * display all possible families we traverse the capabilities 1498 * information section looking for CAPINFO_SUNW_GLOB lead symbols. 1499 * From these we determine the associated capabilities chain to inspect. 1500 */ 1501 if (symcaps && 1502 ((ehdr->e_type == ET_EXEC) || (ehdr->e_type == ET_DYN))) { 1503 Capinfo *cip; 1504 Capchain *chain; 1505 Cache *chcache; 1506 Shdr *chshdr; 1507 Word chainnum, inum; 1508 1509 /* 1510 * Validate that the sh_info field of the capabilities 1511 * information section points to a capabilities chain section. 1512 */ 1513 if (cishdr->sh_info >= shnum) { 1514 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 1515 file, cicache->c_name, EC_WORD(cishdr->sh_info)); 1516 return (0); 1517 } 1518 1519 chcache = &cache[cishdr->sh_info]; 1520 chshdr = chcache->c_shdr; 1521 1522 if (chshdr->sh_type != SHT_SUNW_capchain) { 1523 (void) fprintf(stderr, MSG_INTL(MSG_ERR_INVCAPINFO2), 1524 file, cicache->c_name, EC_WORD(cishdr->sh_info)); 1525 return (0); 1526 } 1527 1528 chainnum = (Word)(chshdr->sh_size / chshdr->sh_entsize); 1529 chain = (Capchain *)chcache->c_data->d_buf; 1530 1531 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1532 dbg_print(0, MSG_INTL(MSG_ELF_SCN_CAPCHAIN), chcache->c_name); 1533 1534 /* 1535 * Traverse the capabilities information section looking for 1536 * CAPINFO_SUNW_GLOB lead capabilities symbols. 1537 */ 1538 cip = capinfo; 1539 for (inum = 1, cip++; inum < capinfonum; inum++, cip++) { 1540 const char *name; 1541 Sym *sym; 1542 Word sndx, cndx; 1543 Word gndx = (Word)ELF_C_GROUP(*cip); 1544 1545 if ((gndx == 0) || (gndx != CAPINFO_SUNW_GLOB)) 1546 continue; 1547 1548 /* 1549 * Determine the symbol that is associated with this 1550 * capability information entry, and use this to 1551 * identify this capability family. 1552 */ 1553 sym = (Sym *)(state.sym + inum); 1554 name = string(cicache, inum, strcache, file, 1555 sym->st_name); 1556 1557 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1558 dbg_print(0, MSG_INTL(MSG_CAPCHAIN_TITLE), name); 1559 dbg_print(0, MSG_INTL(MSG_CAPCHAIN_ENTRY)); 1560 1561 cndx = (Word)ELF_C_SYM(*cip); 1562 1563 /* 1564 * Traverse this families chain and identify each 1565 * family member. 1566 */ 1567 for (;;) { 1568 char _chain[MAXNDXSIZE], _symndx[MAXNDXSIZE]; 1569 1570 if (cndx >= chainnum) { 1571 (void) fprintf(stderr, 1572 MSG_INTL(MSG_ERR_INVCAPINFO3), file, 1573 cicache->c_name, EC_WORD(inum), 1574 EC_WORD(cndx)); 1575 break; 1576 } 1577 if ((sndx = chain[cndx]) == 0) 1578 break; 1579 1580 /* 1581 * Determine this entries symbol reference. 1582 */ 1583 if (sndx > state.symn) { 1584 (void) fprintf(stderr, 1585 MSG_INTL(MSG_ERR_CHBADSYMNDX), file, 1586 EC_WORD(sndx), chcache->c_name, 1587 EC_WORD(cndx)); 1588 name = MSG_INTL(MSG_STR_UNKNOWN); 1589 } else { 1590 sym = (Sym *)(state.sym + sndx); 1591 name = string(chcache, sndx, 1592 strcache, file, sym->st_name); 1593 } 1594 1595 /* 1596 * Display the family member. 1597 */ 1598 (void) snprintf(_chain, MAXNDXSIZE, 1599 MSG_ORIG(MSG_FMT_INTEGER), cndx); 1600 (void) snprintf(_symndx, MAXNDXSIZE, 1601 MSG_ORIG(MSG_FMT_INDEX2), EC_WORD(sndx)); 1602 dbg_print(0, MSG_ORIG(MSG_FMT_CHAIN_INFO), 1603 _chain, _symndx, demangle(name, flags)); 1604 1605 cndx++; 1606 } 1607 } 1608 } 1609 return (objcap); 1610 } 1611 1612 /* 1613 * Print the capabilities. 1614 * 1615 * A .SUNW_cap section can contain one or more, CA_SUNW_NULL terminated, 1616 * capabilities groups. The first group defines the object capabilities. 1617 * This group defines the minimum capability requirements of the entire 1618 * object file. If this is a dynamic object, this group should be associated 1619 * with a PT_SUNWCAP program header. 1620 * 1621 * Additional capabilities groups define the association of individual symbols 1622 * to specific capabilities. 1623 */ 1624 static void 1625 cap(const char *file, Cache *cache, Word shnum, Word phnum, Ehdr *ehdr, 1626 uchar_t osabi, Elf *elf, uint_t flags) 1627 { 1628 Word cnt; 1629 Shdr *cshdr = NULL; 1630 Cache *ccache; 1631 Off cphdr_off = 0; 1632 Xword cphdr_sz; 1633 1634 /* 1635 * Determine if a global capabilities header exists. 1636 */ 1637 if (phnum) { 1638 Phdr *phdr; 1639 1640 if ((phdr = elf_getphdr(elf)) == NULL) { 1641 failure(file, MSG_ORIG(MSG_ELF_GETPHDR)); 1642 return; 1643 } 1644 1645 for (cnt = 0; cnt < phnum; phdr++, cnt++) { 1646 if (phdr->p_type == PT_SUNWCAP) { 1647 cphdr_off = phdr->p_offset; 1648 cphdr_sz = phdr->p_filesz; 1649 break; 1650 } 1651 } 1652 } 1653 1654 /* 1655 * Determine if a capabilities section exists. 1656 */ 1657 for (cnt = 1; cnt < shnum; cnt++) { 1658 Cache *_cache = &cache[cnt]; 1659 Shdr *shdr = _cache->c_shdr; 1660 1661 /* 1662 * Process any capabilities information. 1663 */ 1664 if (shdr->sh_type == SHT_SUNW_cap) { 1665 if (cap_section(file, cache, shnum, _cache, osabi, 1666 ehdr, flags)) { 1667 /* 1668 * If this section defined an object capability 1669 * group, retain the section information for 1670 * program header validation. 1671 */ 1672 ccache = _cache; 1673 cshdr = shdr; 1674 } 1675 continue; 1676 } 1677 } 1678 1679 if ((cshdr == NULL) && (cphdr_off == 0)) 1680 return; 1681 1682 if (cphdr_off && (cshdr == NULL)) 1683 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVCAP1), file); 1684 1685 /* 1686 * If this object is an executable or shared object, and it provided 1687 * an object capabilities group, then the group should have an 1688 * accompanying PT_SUNWCAP program header. 1689 */ 1690 if (cshdr && ((ehdr->e_type == ET_EXEC) || (ehdr->e_type == ET_DYN))) { 1691 if (cphdr_off == 0) { 1692 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVCAP2), 1693 file, EC_WORD(elf_ndxscn(ccache->c_scn)), 1694 ccache->c_name); 1695 } else if ((cphdr_off != cshdr->sh_offset) || 1696 (cphdr_sz != cshdr->sh_size)) { 1697 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVCAP3), 1698 file, EC_WORD(elf_ndxscn(ccache->c_scn)), 1699 ccache->c_name); 1700 } 1701 } 1702 } 1703 1704 /* 1705 * Print the interpretor. 1706 */ 1707 static void 1708 interp(const char *file, Cache *cache, Word shnum, Word phnum, Elf *elf) 1709 { 1710 static Word phdr_types[] = { PT_INTERP }; 1711 1712 1713 Word cnt; 1714 Shdr *ishdr = NULL; 1715 Cache *icache; 1716 Off iphdr_off = 0; 1717 Xword iphdr_fsz; 1718 1719 /* 1720 * Determine if an interp header exists. 1721 */ 1722 if (phnum) { 1723 Phdr *phdr; 1724 1725 phdr = getphdr(phnum, phdr_types, 1726 sizeof (phdr_types) / sizeof (*phdr_types), file, elf); 1727 if (phdr != NULL) { 1728 iphdr_off = phdr->p_offset; 1729 iphdr_fsz = phdr->p_filesz; 1730 } 1731 } 1732 1733 if (iphdr_off == 0) 1734 return; 1735 1736 /* 1737 * Determine if an interp section exists. 1738 */ 1739 for (cnt = 1; cnt < shnum; cnt++) { 1740 Cache *_cache = &cache[cnt]; 1741 Shdr *shdr = _cache->c_shdr; 1742 1743 /* 1744 * Scan sections to find a section which contains the PT_INTERP 1745 * string. The target section can't be in a NOBITS section. 1746 */ 1747 if ((shdr->sh_type == SHT_NOBITS) || 1748 (iphdr_off < shdr->sh_offset) || 1749 (iphdr_off + iphdr_fsz) > (shdr->sh_offset + shdr->sh_size)) 1750 continue; 1751 1752 icache = _cache; 1753 ishdr = shdr; 1754 break; 1755 } 1756 1757 /* 1758 * Print the interpreter string based on the offset defined in the 1759 * program header, as this is the offset used by the kernel. 1760 */ 1761 if (ishdr && icache->c_data) { 1762 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1763 dbg_print(0, MSG_INTL(MSG_ELF_SCN_INTERP), icache->c_name); 1764 dbg_print(0, MSG_ORIG(MSG_FMT_INDENT), 1765 (char *)icache->c_data->d_buf + 1766 (iphdr_off - ishdr->sh_offset)); 1767 } else 1768 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVINTERP1), file); 1769 1770 /* 1771 * If there are any inconsistences between the program header and 1772 * section information, flag them. 1773 */ 1774 if (ishdr && ((iphdr_off != ishdr->sh_offset) || 1775 (iphdr_fsz != ishdr->sh_size))) { 1776 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVINTERP2), file, 1777 icache->c_name); 1778 } 1779 } 1780 1781 /* 1782 * Print the syminfo section. 1783 */ 1784 static void 1785 syminfo(Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi, const char *file) 1786 { 1787 Shdr *infoshdr; 1788 Syminfo *info; 1789 Sym *syms; 1790 Dyn *dyns; 1791 Word infonum, cnt, ndx, symnum, dynnum; 1792 Cache *infocache = NULL, *dyncache = NULL, *symsec, *strsec; 1793 Boolean *dynerr; 1794 1795 for (cnt = 1; cnt < shnum; cnt++) { 1796 if (cache[cnt].c_shdr->sh_type == SHT_SUNW_syminfo) { 1797 infocache = &cache[cnt]; 1798 break; 1799 } 1800 } 1801 if (infocache == NULL) 1802 return; 1803 1804 infoshdr = infocache->c_shdr; 1805 if ((infoshdr->sh_entsize == 0) || (infoshdr->sh_size == 0)) { 1806 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 1807 file, infocache->c_name); 1808 return; 1809 } 1810 if (infocache->c_data == NULL) 1811 return; 1812 1813 infonum = (Word)(infoshdr->sh_size / infoshdr->sh_entsize); 1814 info = (Syminfo *)infocache->c_data->d_buf; 1815 1816 /* 1817 * If there is no associated dynamic section, determine if one 1818 * is needed, and if so issue a warning. If there is an 1819 * associated dynamic section, validate it and get the data buffer 1820 * for it. 1821 */ 1822 dyns = NULL; 1823 dynnum = 0; 1824 if (infoshdr->sh_info == 0) { 1825 Syminfo *_info = info + 1; 1826 1827 for (ndx = 1; ndx < infonum; ndx++, _info++) { 1828 if ((_info->si_flags == 0) && (_info->si_boundto == 0)) 1829 continue; 1830 1831 if (_info->si_boundto < SYMINFO_BT_LOWRESERVE) 1832 (void) fprintf(stderr, 1833 MSG_INTL(MSG_ERR_BADSHINFO), file, 1834 infocache->c_name, 1835 EC_WORD(infoshdr->sh_info)); 1836 } 1837 } else if ((infoshdr->sh_info >= shnum) || 1838 (cache[infoshdr->sh_info].c_shdr->sh_type != SHT_DYNAMIC)) { 1839 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHINFO), 1840 file, infocache->c_name, EC_WORD(infoshdr->sh_info)); 1841 } else { 1842 dyncache = &cache[infoshdr->sh_info]; 1843 if ((dyncache->c_data == NULL) || 1844 ((dyns = dyncache->c_data->d_buf) == NULL)) { 1845 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 1846 file, dyncache->c_name); 1847 } 1848 if (dyns != NULL) { 1849 dynnum = dyncache->c_shdr->sh_size / 1850 dyncache->c_shdr->sh_entsize; 1851 1852 /* 1853 * We validate the type of dynamic elements referenced 1854 * from the syminfo. This array is used report any 1855 * bad dynamic entries. 1856 */ 1857 if ((dynerr = calloc(dynnum, sizeof (*dynerr))) == 1858 NULL) { 1859 int err = errno; 1860 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), 1861 file, strerror(err)); 1862 return; 1863 } 1864 } 1865 } 1866 1867 /* 1868 * Get the data buffer for the associated symbol table and string table. 1869 */ 1870 if (stringtbl(cache, 1, cnt, shnum, file, 1871 &symnum, &symsec, &strsec) == 0) 1872 return; 1873 1874 syms = symsec->c_data->d_buf; 1875 1876 /* 1877 * Loop through the syminfo entries. 1878 */ 1879 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1880 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMINFO), infocache->c_name); 1881 Elf_syminfo_title(0); 1882 1883 for (ndx = 1, info++; ndx < infonum; ndx++, info++) { 1884 Sym *sym; 1885 const char *needed, *name; 1886 Word expect_dt; 1887 Word boundto = info->si_boundto; 1888 1889 if ((info->si_flags == 0) && (boundto == 0)) 1890 continue; 1891 1892 sym = &syms[ndx]; 1893 name = string(infocache, ndx, strsec, file, sym->st_name); 1894 1895 /* Is si_boundto set to one of the reserved values? */ 1896 if (boundto >= SYMINFO_BT_LOWRESERVE) { 1897 Elf_syminfo_entry(0, ndx, info, name, NULL); 1898 continue; 1899 } 1900 1901 /* 1902 * si_boundto is referencing a dynamic section. If we don't 1903 * have one, an error was already issued above, so it suffices 1904 * to display an empty string. If we are out of bounds, then 1905 * report that and then display an empty string. 1906 */ 1907 if ((dyns == NULL) || (boundto >= dynnum)) { 1908 if (dyns != NULL) 1909 (void) fprintf(stderr, 1910 MSG_INTL(MSG_ERR_BADSIDYNNDX), file, 1911 infocache->c_ndx, infocache->c_name, 1912 EC_WORD(ndx), EC_WORD(dynnum - 1), 1913 EC_WORD(boundto)); 1914 Elf_syminfo_entry(0, ndx, info, name, 1915 MSG_ORIG(MSG_STR_EMPTY)); 1916 continue; 1917 } 1918 1919 /* 1920 * The si_boundto reference expects a specific dynamic element 1921 * type at the given index. The dynamic element is always a 1922 * string that gives an object name. The specific type depends 1923 * on the si_flags present. Ensure that we've got the right 1924 * type. 1925 */ 1926 if (info->si_flags & SYMINFO_FLG_FILTER) 1927 expect_dt = DT_SUNW_FILTER; 1928 else if (info->si_flags & SYMINFO_FLG_AUXILIARY) 1929 expect_dt = DT_SUNW_AUXILIARY; 1930 else if (info->si_flags & (SYMINFO_FLG_DIRECT | 1931 SYMINFO_FLG_LAZYLOAD | SYMINFO_FLG_DIRECTBIND)) 1932 expect_dt = DT_NEEDED; 1933 else 1934 expect_dt = DT_NULL; /* means we ignore the type */ 1935 1936 if ((dyns[boundto].d_tag != expect_dt) && 1937 (expect_dt != DT_NULL)) { 1938 Conv_inv_buf_t buf1, buf2; 1939 1940 /* Only complain about each dynamic element once */ 1941 if (!dynerr[boundto]) { 1942 (void) fprintf(stderr, 1943 MSG_INTL(MSG_ERR_BADSIDYNTAG), 1944 file, infocache->c_ndx, infocache->c_name, 1945 EC_WORD(ndx), dyncache->c_ndx, 1946 dyncache->c_name, EC_WORD(boundto), 1947 conv_dyn_tag(expect_dt, osabi, 1948 ehdr->e_machine, CONV_FMT_ALT_CF, &buf1), 1949 conv_dyn_tag(dyns[boundto].d_tag, osabi, 1950 ehdr->e_machine, CONV_FMT_ALT_CF, &buf2)); 1951 dynerr[boundto] = TRUE; 1952 } 1953 } 1954 1955 /* 1956 * Whether or not the DT item we're pointing at is 1957 * of the right type, if it's a type we recognize as 1958 * providing a string, go ahead and show it. Otherwise 1959 * an empty string. 1960 */ 1961 switch (dyns[boundto].d_tag) { 1962 case DT_NEEDED: 1963 case DT_SONAME: 1964 case DT_RPATH: 1965 case DT_RUNPATH: 1966 case DT_CONFIG: 1967 case DT_DEPAUDIT: 1968 case DT_USED: 1969 case DT_AUDIT: 1970 case DT_SUNW_AUXILIARY: 1971 case DT_SUNW_FILTER: 1972 case DT_FILTER: 1973 case DT_AUXILIARY: 1974 needed = string(infocache, boundto, 1975 strsec, file, dyns[boundto].d_un.d_val); 1976 break; 1977 default: 1978 needed = MSG_ORIG(MSG_STR_EMPTY); 1979 } 1980 Elf_syminfo_entry(0, ndx, info, name, needed); 1981 } 1982 if (dyns != NULL) 1983 free(dynerr); 1984 } 1985 1986 /* 1987 * Print version definition section entries. 1988 */ 1989 static void 1990 version_def(Verdef *vdf, Word vdf_num, Cache *vcache, Cache *scache, 1991 const char *file) 1992 { 1993 Word cnt; 1994 char index[MAXNDXSIZE]; 1995 1996 Elf_ver_def_title(0); 1997 1998 for (cnt = 1; cnt <= vdf_num; cnt++, 1999 vdf = (Verdef *)((uintptr_t)vdf + vdf->vd_next)) { 2000 Conv_ver_flags_buf_t ver_flags_buf; 2001 const char *name, *dep; 2002 Half vcnt = vdf->vd_cnt - 1; 2003 Half ndx = vdf->vd_ndx; 2004 Verdaux *vdap = (Verdaux *)((uintptr_t)vdf + vdf->vd_aux); 2005 2006 /* 2007 * Obtain the name and first dependency (if any). 2008 */ 2009 name = string(vcache, cnt, scache, file, vdap->vda_name); 2010 vdap = (Verdaux *)((uintptr_t)vdap + vdap->vda_next); 2011 if (vcnt) 2012 dep = string(vcache, cnt, scache, file, vdap->vda_name); 2013 else 2014 dep = MSG_ORIG(MSG_STR_EMPTY); 2015 2016 (void) snprintf(index, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INDEX), 2017 EC_XWORD(ndx)); 2018 Elf_ver_line_1(0, index, name, dep, 2019 conv_ver_flags(vdf->vd_flags, 0, &ver_flags_buf)); 2020 2021 /* 2022 * Print any additional dependencies. 2023 */ 2024 if (vcnt) { 2025 vdap = (Verdaux *)((uintptr_t)vdap + vdap->vda_next); 2026 for (vcnt--; vcnt; vcnt--, 2027 vdap = (Verdaux *)((uintptr_t)vdap + 2028 vdap->vda_next)) { 2029 dep = string(vcache, cnt, scache, file, 2030 vdap->vda_name); 2031 Elf_ver_line_2(0, MSG_ORIG(MSG_STR_EMPTY), dep); 2032 } 2033 } 2034 } 2035 } 2036 2037 /* 2038 * Print version needed section entries. 2039 * 2040 * entry: 2041 * vnd - Address of verneed data 2042 * vnd_num - # of Verneed entries 2043 * vcache - Cache of verneed section being processed 2044 * scache - Cache of associated string table section 2045 * file - Name of object being processed. 2046 * versym - Information about versym section 2047 * 2048 * exit: 2049 * The versions have been printed. If GNU style versioning 2050 * is in effect, versym->max_verndx has been updated to 2051 * contain the largest version index seen. 2052 * 2053 * note: 2054 * The versym section of an object that follows the original 2055 * Solaris versioning rules only contains indexes into the verdef 2056 * section. Symbols defined in other objects (UNDEF) are given 2057 * a version of 0, indicating that they are not defined by 2058 * this file, and the Verneed entries do not have associated version 2059 * indexes. For these reasons, we do not display a version index 2060 * for original-style Verneed sections. 2061 * 2062 * The GNU versioning extensions alter this: Symbols defined in other 2063 * objects receive a version index in the range above those defined 2064 * by the Verdef section, and the vna_other field of the Vernaux 2065 * structs inside the Verneed section contain the version index for 2066 * that item. We therefore display the index when showing the 2067 * contents of a GNU style Verneed section. You should not 2068 * necessarily expect these indexes to appear in sorted 2069 * order --- it seems that the GNU ld assigns the versions as 2070 * symbols are encountered during linking, and then the results 2071 * are assembled into the Verneed section afterwards. 2072 */ 2073 static void 2074 version_need(Verneed *vnd, Word vnd_num, Cache *vcache, Cache *scache, 2075 const char *file, VERSYM_STATE *versym) 2076 { 2077 Word cnt; 2078 char index[MAXNDXSIZE]; 2079 const char *index_str; 2080 2081 Elf_ver_need_title(0, versym->gnu_needed); 2082 2083 for (cnt = 1; cnt <= vnd_num; cnt++, 2084 vnd = (Verneed *)((uintptr_t)vnd + vnd->vn_next)) { 2085 Conv_ver_flags_buf_t ver_flags_buf; 2086 const char *name, *dep; 2087 Half vcnt = vnd->vn_cnt; 2088 Vernaux *vnap = (Vernaux *)((uintptr_t)vnd + vnd->vn_aux); 2089 2090 /* 2091 * Obtain the name of the needed file and the version name 2092 * within it that we're dependent on. Note that the count 2093 * should be at least one, otherwise this is a pretty bogus 2094 * entry. 2095 */ 2096 name = string(vcache, cnt, scache, file, vnd->vn_file); 2097 if (vcnt) 2098 dep = string(vcache, cnt, scache, file, vnap->vna_name); 2099 else 2100 dep = MSG_INTL(MSG_STR_NULL); 2101 2102 if (vnap->vna_other == 0) { /* Traditional form */ 2103 index_str = MSG_ORIG(MSG_STR_EMPTY); 2104 } else { /* GNU form */ 2105 index_str = index; 2106 /* Format the version index value */ 2107 (void) snprintf(index, MAXNDXSIZE, 2108 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(vnap->vna_other)); 2109 if (vnap->vna_other > versym->max_verndx) 2110 versym->max_verndx = vnap->vna_other; 2111 } 2112 Elf_ver_line_1(0, index_str, name, dep, 2113 conv_ver_flags(vnap->vna_flags, 0, &ver_flags_buf)); 2114 2115 /* 2116 * Print any additional version dependencies. 2117 */ 2118 if (vcnt) { 2119 vnap = (Vernaux *)((uintptr_t)vnap + vnap->vna_next); 2120 for (vcnt--; vcnt; vcnt--, 2121 vnap = (Vernaux *)((uintptr_t)vnap + 2122 vnap->vna_next)) { 2123 dep = string(vcache, cnt, scache, file, 2124 vnap->vna_name); 2125 if (vnap->vna_other > 0) { 2126 /* Format the next index value */ 2127 (void) snprintf(index, MAXNDXSIZE, 2128 MSG_ORIG(MSG_FMT_INDEX), 2129 EC_XWORD(vnap->vna_other)); 2130 Elf_ver_line_1(0, index, 2131 MSG_ORIG(MSG_STR_EMPTY), dep, 2132 conv_ver_flags(vnap->vna_flags, 2133 0, &ver_flags_buf)); 2134 if (vnap->vna_other > 2135 versym->max_verndx) 2136 versym->max_verndx = 2137 vnap->vna_other; 2138 } else { 2139 Elf_ver_line_3(0, 2140 MSG_ORIG(MSG_STR_EMPTY), dep, 2141 conv_ver_flags(vnap->vna_flags, 2142 0, &ver_flags_buf)); 2143 } 2144 } 2145 } 2146 } 2147 } 2148 2149 /* 2150 * Examine the Verneed section for information related to GNU 2151 * style Versym indexing: 2152 * - A non-zero vna_other field indicates that Versym indexes can 2153 * reference Verneed records. 2154 * - If the object uses GNU style Versym indexing, the 2155 * maximum index value is needed to detect bad Versym entries. 2156 * 2157 * entry: 2158 * vnd - Address of verneed data 2159 * vnd_num - # of Verneed entries 2160 * versym - Information about versym section 2161 * 2162 * exit: 2163 * If a non-zero vna_other field is seen, versym->gnu_needed is set. 2164 * 2165 * versym->max_verndx has been updated to contain the largest 2166 * version index seen. 2167 */ 2168 static void 2169 update_gnu_verndx(Verneed *vnd, Word vnd_num, VERSYM_STATE *versym) 2170 { 2171 Word cnt; 2172 2173 for (cnt = 1; cnt <= vnd_num; cnt++, 2174 vnd = (Verneed *)((uintptr_t)vnd + vnd->vn_next)) { 2175 Half vcnt = vnd->vn_cnt; 2176 Vernaux *vnap = (Vernaux *)((uintptr_t)vnd + vnd->vn_aux); 2177 2178 /* 2179 * A non-zero value of vna_other indicates that this 2180 * object references VERNEED items from the VERSYM 2181 * array. 2182 */ 2183 if (vnap->vna_other != 0) { 2184 versym->gnu_needed = 1; 2185 if (vnap->vna_other > versym->max_verndx) 2186 versym->max_verndx = vnap->vna_other; 2187 } 2188 2189 /* 2190 * Check any additional version dependencies. 2191 */ 2192 if (vcnt) { 2193 vnap = (Vernaux *)((uintptr_t)vnap + vnap->vna_next); 2194 for (vcnt--; vcnt; vcnt--, 2195 vnap = (Vernaux *)((uintptr_t)vnap + 2196 vnap->vna_next)) { 2197 if (vnap->vna_other == 0) 2198 continue; 2199 2200 versym->gnu_needed = 1; 2201 if (vnap->vna_other > versym->max_verndx) 2202 versym->max_verndx = vnap->vna_other; 2203 } 2204 } 2205 } 2206 } 2207 2208 /* 2209 * Display version section information if the flags require it. 2210 * Return version information needed by other output. 2211 * 2212 * entry: 2213 * cache - Cache of all section headers 2214 * shnum - # of sections in cache 2215 * file - Name of file 2216 * flags - Command line option flags 2217 * versym - VERSYM_STATE block to be filled in. 2218 */ 2219 static void 2220 versions(Cache *cache, Word shnum, const char *file, uint_t flags, 2221 VERSYM_STATE *versym) 2222 { 2223 GElf_Word cnt; 2224 Cache *verdef_cache = NULL, *verneed_cache = NULL; 2225 2226 2227 /* Gather information about the version sections */ 2228 versym->max_verndx = 1; 2229 for (cnt = 1; cnt < shnum; cnt++) { 2230 Cache *_cache = &cache[cnt]; 2231 Shdr *shdr = _cache->c_shdr; 2232 Dyn *dyn; 2233 ulong_t numdyn; 2234 2235 switch (shdr->sh_type) { 2236 case SHT_DYNAMIC: 2237 /* 2238 * The GNU ld puts a DT_VERSYM entry in the dynamic 2239 * section so that the runtime linker can use it to 2240 * implement their versioning rules. They allow multiple 2241 * incompatible functions with the same name to exist 2242 * in different versions. The Solaris ld does not 2243 * support this mechanism, and as such, does not 2244 * produce DT_VERSYM. We use this fact to determine 2245 * which ld produced this object, and how to interpret 2246 * the version values. 2247 */ 2248 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0) || 2249 (_cache->c_data == NULL)) 2250 continue; 2251 numdyn = shdr->sh_size / shdr->sh_entsize; 2252 dyn = (Dyn *)_cache->c_data->d_buf; 2253 for (; numdyn-- > 0; dyn++) 2254 if (dyn->d_tag == DT_VERSYM) { 2255 versym->gnu_full = 2256 versym->gnu_needed = 1; 2257 break; 2258 } 2259 break; 2260 2261 case SHT_SUNW_versym: 2262 /* Record data address for later symbol processing */ 2263 if (_cache->c_data != NULL) { 2264 versym->cache = _cache; 2265 versym->data = _cache->c_data->d_buf; 2266 continue; 2267 } 2268 break; 2269 2270 case SHT_SUNW_verdef: 2271 case SHT_SUNW_verneed: 2272 /* 2273 * Ensure the data is non-NULL and the number 2274 * of items is non-zero. Otherwise, we don't 2275 * understand the section, and will not use it. 2276 */ 2277 if ((_cache->c_data == NULL) || 2278 (_cache->c_data->d_buf == NULL)) { 2279 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 2280 file, _cache->c_name); 2281 continue; 2282 } 2283 if (shdr->sh_info == 0) { 2284 (void) fprintf(stderr, 2285 MSG_INTL(MSG_ERR_BADSHINFO), 2286 file, _cache->c_name, 2287 EC_WORD(shdr->sh_info)); 2288 continue; 2289 } 2290 2291 /* Make sure the string table index is in range */ 2292 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 2293 (void) fprintf(stderr, 2294 MSG_INTL(MSG_ERR_BADSHLINK), file, 2295 _cache->c_name, EC_WORD(shdr->sh_link)); 2296 continue; 2297 } 2298 2299 /* 2300 * The section is usable. Save the cache entry. 2301 */ 2302 if (shdr->sh_type == SHT_SUNW_verdef) { 2303 verdef_cache = _cache; 2304 /* 2305 * Under Solaris rules, if there is a verdef 2306 * section, the max versym index is number 2307 * of version definitions it supplies. 2308 */ 2309 versym->max_verndx = shdr->sh_info; 2310 } else { 2311 verneed_cache = _cache; 2312 } 2313 break; 2314 } 2315 } 2316 2317 /* 2318 * If there is a Verneed section, examine it for information 2319 * related to GNU style versioning. 2320 */ 2321 if (verneed_cache != NULL) 2322 update_gnu_verndx((Verneed *)verneed_cache->c_data->d_buf, 2323 verneed_cache->c_shdr->sh_info, versym); 2324 2325 /* 2326 * Now that all the information is available, display the 2327 * Verdef and Verneed section contents, if requested. 2328 */ 2329 if ((flags & FLG_SHOW_VERSIONS) == 0) 2330 return; 2331 if (verdef_cache != NULL) { 2332 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2333 dbg_print(0, MSG_INTL(MSG_ELF_SCN_VERDEF), 2334 verdef_cache->c_name); 2335 version_def((Verdef *)verdef_cache->c_data->d_buf, 2336 verdef_cache->c_shdr->sh_info, verdef_cache, 2337 &cache[verdef_cache->c_shdr->sh_link], file); 2338 } 2339 if (verneed_cache != NULL) { 2340 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2341 dbg_print(0, MSG_INTL(MSG_ELF_SCN_VERNEED), 2342 verneed_cache->c_name); 2343 /* 2344 * If GNU versioning applies to this object, version_need() 2345 * will update versym->max_verndx, and it is not 2346 * necessary to call update_gnu_verndx(). 2347 */ 2348 version_need((Verneed *)verneed_cache->c_data->d_buf, 2349 verneed_cache->c_shdr->sh_info, verneed_cache, 2350 &cache[verneed_cache->c_shdr->sh_link], file, versym); 2351 } 2352 } 2353 2354 /* 2355 * Search for and process any symbol tables. 2356 */ 2357 void 2358 symbols(Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi, 2359 VERSYM_STATE *versym, const char *file, uint_t flags) 2360 { 2361 SYMTBL_STATE state; 2362 Cache *_cache; 2363 Word secndx; 2364 2365 for (secndx = 1; secndx < shnum; secndx++) { 2366 Word symcnt; 2367 Shdr *shdr; 2368 2369 _cache = &cache[secndx]; 2370 shdr = _cache->c_shdr; 2371 2372 if ((shdr->sh_type != SHT_SYMTAB) && 2373 (shdr->sh_type != SHT_DYNSYM) && 2374 ((shdr->sh_type != SHT_SUNW_LDYNSYM) || 2375 (osabi != ELFOSABI_SOLARIS))) 2376 continue; 2377 if (!match(MATCH_F_ALL, _cache->c_name, secndx, shdr->sh_type)) 2378 continue; 2379 2380 if (!init_symtbl_state(&state, cache, shnum, secndx, ehdr, 2381 osabi, versym, file, flags)) 2382 continue; 2383 /* 2384 * Loop through the symbol tables entries. 2385 */ 2386 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2387 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMTAB), state.secname); 2388 Elf_syms_table_title(0, ELF_DBG_ELFDUMP); 2389 2390 for (symcnt = 0; symcnt < state.symn; symcnt++) 2391 output_symbol(&state, symcnt, shdr->sh_info, symcnt, 2392 state.sym + symcnt); 2393 } 2394 } 2395 2396 /* 2397 * Search for and process any SHT_SUNW_symsort or SHT_SUNW_tlssort sections. 2398 * These sections are always associated with the .SUNW_ldynsym./.dynsym pair. 2399 */ 2400 static void 2401 sunw_sort(Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi, 2402 VERSYM_STATE *versym, const char *file, uint_t flags) 2403 { 2404 SYMTBL_STATE ldynsym_state, dynsym_state; 2405 Cache *sortcache, *symcache; 2406 Shdr *sortshdr, *symshdr; 2407 Word sortsecndx, symsecndx; 2408 Word ldynsym_cnt; 2409 Word *ndx; 2410 Word ndxn; 2411 int output_cnt = 0; 2412 Conv_inv_buf_t inv_buf; 2413 2414 for (sortsecndx = 1; sortsecndx < shnum; sortsecndx++) { 2415 2416 sortcache = &cache[sortsecndx]; 2417 sortshdr = sortcache->c_shdr; 2418 2419 if ((sortshdr->sh_type != SHT_SUNW_symsort) && 2420 (sortshdr->sh_type != SHT_SUNW_tlssort)) 2421 continue; 2422 if (!match(MATCH_F_ALL, sortcache->c_name, sortsecndx, 2423 sortshdr->sh_type)) 2424 continue; 2425 2426 /* 2427 * If the section references a SUNW_ldynsym, then we 2428 * expect to see the associated .dynsym immediately 2429 * following. If it references a .dynsym, there is no 2430 * SUNW_ldynsym. If it is any other type, then we don't 2431 * know what to do with it. 2432 */ 2433 if ((sortshdr->sh_link == 0) || (sortshdr->sh_link >= shnum)) { 2434 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 2435 file, sortcache->c_name, 2436 EC_WORD(sortshdr->sh_link)); 2437 continue; 2438 } 2439 symcache = &cache[sortshdr->sh_link]; 2440 symshdr = symcache->c_shdr; 2441 symsecndx = sortshdr->sh_link; 2442 ldynsym_cnt = 0; 2443 switch (symshdr->sh_type) { 2444 case SHT_SUNW_LDYNSYM: 2445 if (!init_symtbl_state(&ldynsym_state, cache, shnum, 2446 symsecndx, ehdr, osabi, versym, file, flags)) 2447 continue; 2448 ldynsym_cnt = ldynsym_state.symn; 2449 /* 2450 * We know that the dynsym follows immediately 2451 * after the SUNW_ldynsym, and so, should be at 2452 * (sortshdr->sh_link + 1). However, elfdump is a 2453 * diagnostic tool, so we do the full paranoid 2454 * search instead. 2455 */ 2456 for (symsecndx = 1; symsecndx < shnum; symsecndx++) { 2457 symcache = &cache[symsecndx]; 2458 symshdr = symcache->c_shdr; 2459 if (symshdr->sh_type == SHT_DYNSYM) 2460 break; 2461 } 2462 if (symsecndx >= shnum) { /* Dynsym not found! */ 2463 (void) fprintf(stderr, 2464 MSG_INTL(MSG_ERR_NODYNSYM), 2465 file, sortcache->c_name); 2466 continue; 2467 } 2468 /* Fallthrough to process associated dynsym */ 2469 /* FALLTHROUGH */ 2470 case SHT_DYNSYM: 2471 if (!init_symtbl_state(&dynsym_state, cache, shnum, 2472 symsecndx, ehdr, osabi, versym, file, flags)) 2473 continue; 2474 break; 2475 default: 2476 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADNDXSEC), 2477 file, sortcache->c_name, 2478 conv_sec_type(osabi, ehdr->e_machine, 2479 symshdr->sh_type, 0, &inv_buf)); 2480 continue; 2481 } 2482 2483 /* 2484 * Output header 2485 */ 2486 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2487 if (ldynsym_cnt > 0) { 2488 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMSORT2), 2489 sortcache->c_name, ldynsym_state.secname, 2490 dynsym_state.secname); 2491 /* 2492 * The data for .SUNW_ldynsym and dynsym sections 2493 * is supposed to be adjacent with SUNW_ldynsym coming 2494 * first. Check, and issue a warning if it isn't so. 2495 */ 2496 if (((ldynsym_state.sym + ldynsym_state.symn) 2497 != dynsym_state.sym) && 2498 ((flags & FLG_CTL_FAKESHDR) == 0)) 2499 (void) fprintf(stderr, 2500 MSG_INTL(MSG_ERR_LDYNNOTADJ), file, 2501 ldynsym_state.secname, 2502 dynsym_state.secname); 2503 } else { 2504 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMSORT1), 2505 sortcache->c_name, dynsym_state.secname); 2506 } 2507 Elf_syms_table_title(0, ELF_DBG_ELFDUMP); 2508 2509 /* If not first one, insert a line of white space */ 2510 if (output_cnt++ > 0) 2511 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2512 2513 /* 2514 * SUNW_dynsymsort and SUNW_dyntlssort are arrays of 2515 * symbol indices. Iterate over the array entries, 2516 * dispaying the referenced symbols. 2517 */ 2518 ndxn = sortshdr->sh_size / sortshdr->sh_entsize; 2519 ndx = (Word *)sortcache->c_data->d_buf; 2520 for (; ndxn-- > 0; ndx++) { 2521 if (*ndx >= ldynsym_cnt) { 2522 Word sec_ndx = *ndx - ldynsym_cnt; 2523 2524 output_symbol(&dynsym_state, sec_ndx, 0, 2525 *ndx, dynsym_state.sym + sec_ndx); 2526 } else { 2527 output_symbol(&ldynsym_state, *ndx, 0, 2528 *ndx, ldynsym_state.sym + *ndx); 2529 } 2530 } 2531 } 2532 } 2533 2534 /* 2535 * Search for and process any relocation sections. 2536 */ 2537 static void 2538 reloc(Cache *cache, Word shnum, Ehdr *ehdr, const char *file) 2539 { 2540 Word cnt; 2541 2542 for (cnt = 1; cnt < shnum; cnt++) { 2543 Word type, symnum; 2544 Xword relndx, relnum, relsize; 2545 void *rels; 2546 Sym *syms; 2547 Cache *symsec, *strsec; 2548 Cache *_cache = &cache[cnt]; 2549 Shdr *shdr = _cache->c_shdr; 2550 char *relname = _cache->c_name; 2551 Conv_inv_buf_t inv_buf; 2552 2553 if (((type = shdr->sh_type) != SHT_RELA) && 2554 (type != SHT_REL)) 2555 continue; 2556 if (!match(MATCH_F_ALL, relname, cnt, type)) 2557 continue; 2558 2559 /* 2560 * Decide entry size. 2561 */ 2562 if (((relsize = shdr->sh_entsize) == 0) || 2563 (relsize > shdr->sh_size)) { 2564 if (type == SHT_RELA) 2565 relsize = sizeof (Rela); 2566 else 2567 relsize = sizeof (Rel); 2568 } 2569 2570 /* 2571 * Determine the number of relocations available. 2572 */ 2573 if (shdr->sh_size == 0) { 2574 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 2575 file, relname); 2576 continue; 2577 } 2578 if (_cache->c_data == NULL) 2579 continue; 2580 2581 rels = _cache->c_data->d_buf; 2582 relnum = shdr->sh_size / relsize; 2583 2584 /* 2585 * Get the data buffer for the associated symbol table and 2586 * string table. 2587 */ 2588 if (stringtbl(cache, 1, cnt, shnum, file, 2589 &symnum, &symsec, &strsec) == 0) 2590 continue; 2591 2592 syms = symsec->c_data->d_buf; 2593 2594 /* 2595 * Loop through the relocation entries. 2596 */ 2597 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2598 dbg_print(0, MSG_INTL(MSG_ELF_SCN_RELOC), _cache->c_name); 2599 Elf_reloc_title(0, ELF_DBG_ELFDUMP, type); 2600 2601 for (relndx = 0; relndx < relnum; relndx++, 2602 rels = (void *)((char *)rels + relsize)) { 2603 Half mach = ehdr->e_machine; 2604 char section[BUFSIZ]; 2605 const char *symname; 2606 Word symndx, reltype; 2607 Rela *rela; 2608 Rel *rel; 2609 2610 /* 2611 * Unravel the relocation and determine the symbol with 2612 * which this relocation is associated. 2613 */ 2614 if (type == SHT_RELA) { 2615 rela = (Rela *)rels; 2616 symndx = ELF_R_SYM(rela->r_info); 2617 reltype = ELF_R_TYPE(rela->r_info, mach); 2618 } else { 2619 rel = (Rel *)rels; 2620 symndx = ELF_R_SYM(rel->r_info); 2621 reltype = ELF_R_TYPE(rel->r_info, mach); 2622 } 2623 2624 symname = relsymname(cache, _cache, strsec, symndx, 2625 symnum, relndx, syms, section, BUFSIZ, file); 2626 2627 /* 2628 * A zero symbol index is only valid for a few 2629 * relocations. 2630 */ 2631 if (symndx == 0) { 2632 int badrel = 0; 2633 2634 if ((mach == EM_SPARC) || 2635 (mach == EM_SPARC32PLUS) || 2636 (mach == EM_SPARCV9)) { 2637 if ((reltype != R_SPARC_NONE) && 2638 (reltype != R_SPARC_REGISTER) && 2639 (reltype != R_SPARC_RELATIVE)) 2640 badrel++; 2641 } else if (mach == EM_386) { 2642 if ((reltype != R_386_NONE) && 2643 (reltype != R_386_RELATIVE)) 2644 badrel++; 2645 } else if (mach == EM_AMD64) { 2646 if ((reltype != R_AMD64_NONE) && 2647 (reltype != R_AMD64_RELATIVE)) 2648 badrel++; 2649 } 2650 2651 if (badrel) { 2652 (void) fprintf(stderr, 2653 MSG_INTL(MSG_ERR_BADREL1), file, 2654 conv_reloc_type(mach, reltype, 2655 0, &inv_buf)); 2656 } 2657 } 2658 2659 Elf_reloc_entry_1(0, ELF_DBG_ELFDUMP, 2660 MSG_ORIG(MSG_STR_EMPTY), ehdr->e_machine, type, 2661 rels, relname, symname, 0); 2662 } 2663 } 2664 } 2665 2666 2667 /* 2668 * This value controls which test dyn_test() performs. 2669 */ 2670 typedef enum { DYN_TEST_ADDR, DYN_TEST_SIZE, DYN_TEST_ENTSIZE } dyn_test_t; 2671 2672 /* 2673 * Used by dynamic() to compare the value of a dynamic element against 2674 * the starting address of the section it references. 2675 * 2676 * entry: 2677 * test_type - Specify which dyn item is being tested. 2678 * sh_type - SHT_* type value for required section. 2679 * sec_cache - Cache entry for section, or NULL if the object lacks 2680 * a section of this type. 2681 * dyn - Dyn entry to be tested 2682 * dynsec_cnt - # of dynamic section being examined. The first 2683 * dynamic section is 1, the next is 2, and so on... 2684 * ehdr - ELF header for file 2685 * file - Name of file 2686 */ 2687 static void 2688 dyn_test(dyn_test_t test_type, Word sh_type, Cache *sec_cache, Dyn *dyn, 2689 Word dynsec_cnt, Ehdr *ehdr, uchar_t osabi, const char *file) 2690 { 2691 Conv_inv_buf_t buf1, buf2; 2692 2693 /* 2694 * These tests are based around the implicit assumption that 2695 * there is only one dynamic section in an object, and also only 2696 * one of the sections it references. We have therefore gathered 2697 * all of the necessary information to test this in a single pass 2698 * over the section headers, which is very efficient. We are not 2699 * aware of any case where more than one dynamic section would 2700 * be meaningful in an ELF object, so this is a reasonable solution. 2701 * 2702 * To test multiple dynamic sections correctly would be more 2703 * expensive in code and time. We would have to build a data structure 2704 * containing all the dynamic elements. Then, we would use the address 2705 * to locate the section it references and ensure the section is of 2706 * the right type and that the address in the dynamic element is 2707 * to the start of the section. Then, we could check the size and 2708 * entsize values against those same sections. This is O(n^2), and 2709 * also complicated. 2710 * 2711 * In the highly unlikely case that there is more than one dynamic 2712 * section, we only test the first one, and simply allow the values 2713 * of the subsequent one to be displayed unchallenged. 2714 */ 2715 if (dynsec_cnt != 1) 2716 return; 2717 2718 /* 2719 * A DT_ item that references a section address should always find 2720 * the section in the file. 2721 */ 2722 if (sec_cache == NULL) { 2723 const char *name; 2724 2725 /* 2726 * Supply section names instead of section types for 2727 * things that reference progbits so that the error 2728 * message will make more sense. 2729 */ 2730 switch (dyn->d_tag) { 2731 case DT_INIT: 2732 name = MSG_ORIG(MSG_ELF_INIT); 2733 break; 2734 case DT_FINI: 2735 name = MSG_ORIG(MSG_ELF_FINI); 2736 break; 2737 default: 2738 name = conv_sec_type(osabi, ehdr->e_machine, 2739 sh_type, 0, &buf1); 2740 break; 2741 } 2742 (void) fprintf(stderr, MSG_INTL(MSG_ERR_DYNNOBCKSEC), file, 2743 name, conv_dyn_tag(dyn->d_tag, osabi, ehdr->e_machine, 2744 CONV_FMT_ALT_CF, &buf2)); 2745 return; 2746 } 2747 2748 2749 switch (test_type) { 2750 case DYN_TEST_ADDR: 2751 /* The section address should match the DT_ item value */ 2752 if (dyn->d_un.d_val != sec_cache->c_shdr->sh_addr) 2753 (void) fprintf(stderr, 2754 MSG_INTL(MSG_ERR_DYNBADADDR), file, 2755 conv_dyn_tag(dyn->d_tag, osabi, ehdr->e_machine, 2756 CONV_FMT_ALT_CF, &buf1), EC_ADDR(dyn->d_un.d_val), 2757 sec_cache->c_ndx, sec_cache->c_name, 2758 EC_ADDR(sec_cache->c_shdr->sh_addr)); 2759 break; 2760 2761 case DYN_TEST_SIZE: 2762 /* The section size should match the DT_ item value */ 2763 if (dyn->d_un.d_val != sec_cache->c_shdr->sh_size) 2764 (void) fprintf(stderr, 2765 MSG_INTL(MSG_ERR_DYNBADSIZE), file, 2766 conv_dyn_tag(dyn->d_tag, osabi, ehdr->e_machine, 2767 CONV_FMT_ALT_CF, &buf1), EC_XWORD(dyn->d_un.d_val), 2768 sec_cache->c_ndx, sec_cache->c_name, 2769 EC_XWORD(sec_cache->c_shdr->sh_size)); 2770 break; 2771 2772 case DYN_TEST_ENTSIZE: 2773 /* The sh_entsize value should match the DT_ item value */ 2774 if (dyn->d_un.d_val != sec_cache->c_shdr->sh_entsize) 2775 (void) fprintf(stderr, 2776 MSG_INTL(MSG_ERR_DYNBADENTSIZE), file, 2777 conv_dyn_tag(dyn->d_tag, osabi, ehdr->e_machine, 2778 CONV_FMT_ALT_CF, &buf1), EC_XWORD(dyn->d_un.d_val), 2779 sec_cache->c_ndx, sec_cache->c_name, 2780 EC_XWORD(sec_cache->c_shdr->sh_entsize)); 2781 break; 2782 } 2783 } 2784 2785 /* 2786 * There are some DT_ entries that have corresponding symbols 2787 * (e.g. DT_INIT and _init). It is expected that these items will 2788 * both have the same value if both are present. This routine 2789 * examines the well known symbol tables for such symbols and 2790 * issues warnings for any that don't match. 2791 * 2792 * entry: 2793 * dyn - Dyn entry to be tested 2794 * symname - Name of symbol that corresponds to dyn 2795 * symtab_cache, dynsym_cache, ldynsym_cache - Symbol tables to check 2796 * target_cache - Section the symname section is expected to be 2797 * associated with. 2798 * cache - Cache of all section headers 2799 * shnum - # of sections in cache 2800 * ehdr - ELF header for file 2801 * osabi - OSABI to apply when interpreting object 2802 * file - Name of file 2803 */ 2804 static void 2805 dyn_symtest(Dyn *dyn, const char *symname, Cache *symtab_cache, 2806 Cache *dynsym_cache, Cache *ldynsym_cache, Cache *target_cache, 2807 Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi, const char *file) 2808 { 2809 Conv_inv_buf_t buf; 2810 int i; 2811 Sym *sym; 2812 Cache *_cache; 2813 2814 for (i = 0; i < 3; i++) { 2815 switch (i) { 2816 case 0: 2817 _cache = symtab_cache; 2818 break; 2819 case 1: 2820 _cache = dynsym_cache; 2821 break; 2822 case 2: 2823 _cache = ldynsym_cache; 2824 break; 2825 } 2826 2827 if ((_cache != NULL) && 2828 symlookup(symname, cache, shnum, &sym, target_cache, 2829 _cache, file) && (sym->st_value != dyn->d_un.d_val)) 2830 (void) fprintf(stderr, MSG_INTL(MSG_ERR_DYNSYMVAL), 2831 file, _cache->c_name, conv_dyn_tag(dyn->d_tag, 2832 osabi, ehdr->e_machine, CONV_FMT_ALT_CF, &buf), 2833 symname, EC_ADDR(sym->st_value)); 2834 } 2835 } 2836 2837 /* 2838 * Search for and process a .dynamic section. 2839 */ 2840 static void 2841 dynamic(Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi, const char *file) 2842 { 2843 struct { 2844 Cache *symtab; 2845 Cache *dynstr; 2846 Cache *dynsym; 2847 Cache *hash; 2848 Cache *fini; 2849 Cache *fini_array; 2850 Cache *init; 2851 Cache *init_array; 2852 Cache *preinit_array; 2853 Cache *rel; 2854 Cache *rela; 2855 Cache *sunw_cap; 2856 Cache *sunw_capinfo; 2857 Cache *sunw_capchain; 2858 Cache *sunw_ldynsym; 2859 Cache *sunw_move; 2860 Cache *sunw_syminfo; 2861 Cache *sunw_symsort; 2862 Cache *sunw_tlssort; 2863 Cache *sunw_verdef; 2864 Cache *sunw_verneed; 2865 Cache *sunw_versym; 2866 } sec; 2867 Word dynsec_ndx; 2868 Word dynsec_num; 2869 int dynsec_cnt; 2870 Word cnt; 2871 int osabi_solaris = osabi == ELFOSABI_SOLARIS; 2872 2873 /* 2874 * Make a pass over all the sections, gathering section information 2875 * we'll need below. 2876 */ 2877 dynsec_num = 0; 2878 bzero(&sec, sizeof (sec)); 2879 for (cnt = 1; cnt < shnum; cnt++) { 2880 Cache *_cache = &cache[cnt]; 2881 2882 switch (_cache->c_shdr->sh_type) { 2883 case SHT_DYNAMIC: 2884 if (dynsec_num == 0) { 2885 dynsec_ndx = cnt; 2886 2887 /* Does it have a valid string table? */ 2888 (void) stringtbl(cache, 0, cnt, shnum, file, 2889 0, 0, &sec.dynstr); 2890 } 2891 dynsec_num++; 2892 break; 2893 2894 2895 case SHT_PROGBITS: 2896 /* 2897 * We want to detect the .init and .fini sections, 2898 * if present. These are SHT_PROGBITS, so all we 2899 * have to go on is the section name. Normally comparing 2900 * names is a bad idea, but there are some special 2901 * names (i.e. .init/.fini/.interp) that are very 2902 * difficult to use in any other context, and for 2903 * these symbols, we do the heuristic match. 2904 */ 2905 if (strcmp(_cache->c_name, 2906 MSG_ORIG(MSG_ELF_INIT)) == 0) { 2907 if (sec.init == NULL) 2908 sec.init = _cache; 2909 } else if (strcmp(_cache->c_name, 2910 MSG_ORIG(MSG_ELF_FINI)) == 0) { 2911 if (sec.fini == NULL) 2912 sec.fini = _cache; 2913 } 2914 break; 2915 2916 case SHT_REL: 2917 /* 2918 * We want the SHT_REL section with the lowest 2919 * offset. The linker gathers them together, 2920 * and puts the address of the first one 2921 * into the DT_REL dynamic element. 2922 */ 2923 if ((sec.rel == NULL) || 2924 (_cache->c_shdr->sh_offset < 2925 sec.rel->c_shdr->sh_offset)) 2926 sec.rel = _cache; 2927 break; 2928 2929 case SHT_RELA: 2930 /* RELA is handled just like RELA above */ 2931 if ((sec.rela == NULL) || 2932 (_cache->c_shdr->sh_offset < 2933 sec.rela->c_shdr->sh_offset)) 2934 sec.rela = _cache; 2935 break; 2936 2937 /* 2938 * The GRAB macro is used for the simple case in which 2939 * we simply grab the first section of the desired type. 2940 */ 2941 #define GRAB(_sec_type, _sec_field) \ 2942 case _sec_type: \ 2943 if (sec._sec_field == NULL) \ 2944 sec._sec_field = _cache; \ 2945 break 2946 GRAB(SHT_SYMTAB, symtab); 2947 GRAB(SHT_DYNSYM, dynsym); 2948 GRAB(SHT_FINI_ARRAY, fini_array); 2949 GRAB(SHT_HASH, hash); 2950 GRAB(SHT_INIT_ARRAY, init_array); 2951 GRAB(SHT_SUNW_move, sunw_move); 2952 GRAB(SHT_PREINIT_ARRAY, preinit_array); 2953 GRAB(SHT_SUNW_cap, sunw_cap); 2954 GRAB(SHT_SUNW_capinfo, sunw_capinfo); 2955 GRAB(SHT_SUNW_capchain, sunw_capchain); 2956 GRAB(SHT_SUNW_LDYNSYM, sunw_ldynsym); 2957 GRAB(SHT_SUNW_syminfo, sunw_syminfo); 2958 GRAB(SHT_SUNW_symsort, sunw_symsort); 2959 GRAB(SHT_SUNW_tlssort, sunw_tlssort); 2960 GRAB(SHT_SUNW_verdef, sunw_verdef); 2961 GRAB(SHT_SUNW_verneed, sunw_verneed); 2962 GRAB(SHT_SUNW_versym, sunw_versym); 2963 #undef GRAB 2964 } 2965 } 2966 2967 /* 2968 * If no dynamic section, return immediately. If more than one 2969 * dynamic section, then something odd is going on and an error 2970 * is in order, but then continue on and display them all. 2971 */ 2972 if (dynsec_num == 0) 2973 return; 2974 if (dynsec_num > 1) 2975 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MULTDYN), 2976 file, EC_WORD(dynsec_num)); 2977 2978 2979 dynsec_cnt = 0; 2980 for (cnt = dynsec_ndx; (cnt < shnum) && (dynsec_cnt < dynsec_num); 2981 cnt++) { 2982 Dyn *dyn; 2983 ulong_t numdyn; 2984 int ndx, end_ndx; 2985 Cache *_cache = &cache[cnt], *strsec; 2986 Shdr *shdr = _cache->c_shdr; 2987 int dumped = 0; 2988 2989 if (shdr->sh_type != SHT_DYNAMIC) 2990 continue; 2991 dynsec_cnt++; 2992 2993 /* 2994 * Verify the associated string table section. 2995 */ 2996 if (stringtbl(cache, 0, cnt, shnum, file, 0, 0, &strsec) == 0) 2997 continue; 2998 2999 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 3000 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 3001 file, _cache->c_name); 3002 continue; 3003 } 3004 if (_cache->c_data == NULL) 3005 continue; 3006 3007 numdyn = shdr->sh_size / shdr->sh_entsize; 3008 dyn = (Dyn *)_cache->c_data->d_buf; 3009 3010 /* 3011 * We expect the REL/RELA entries to reference the reloc 3012 * section with the lowest address. However, this is 3013 * not true for dumped objects. Detect if this object has 3014 * been dumped so that we can skip the reloc address test 3015 * in that case. 3016 */ 3017 for (ndx = 0; ndx < numdyn; dyn++, ndx++) { 3018 if (dyn->d_tag == DT_FLAGS_1) { 3019 dumped = (dyn->d_un.d_val & DF_1_CONFALT) != 0; 3020 break; 3021 } 3022 } 3023 dyn = (Dyn *)_cache->c_data->d_buf; 3024 3025 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3026 dbg_print(0, MSG_INTL(MSG_ELF_SCN_DYNAMIC), _cache->c_name); 3027 3028 Elf_dyn_title(0); 3029 3030 for (ndx = 0; ndx < numdyn; dyn++, ndx++) { 3031 union { 3032 Conv_inv_buf_t inv; 3033 Conv_dyn_flag_buf_t flag; 3034 Conv_dyn_flag1_buf_t flag1; 3035 Conv_dyn_posflag1_buf_t posflag1; 3036 Conv_dyn_feature1_buf_t feature1; 3037 } c_buf; 3038 const char *name = NULL; 3039 3040 /* 3041 * Print the information numerically, and if possible 3042 * as a string. If a string is available, name is 3043 * set to reference it. 3044 * 3045 * Also, take this opportunity to sanity check 3046 * the values of DT elements. In the code above, 3047 * we gathered information on sections that are 3048 * referenced by the dynamic section. Here, we 3049 * compare the attributes of those sections to 3050 * the DT_ items that reference them and report 3051 * on inconsistencies. 3052 * 3053 * Things not currently tested that could be improved 3054 * in later revisions include: 3055 * - We don't check PLT or GOT related items 3056 * - We don't handle computing the lengths of 3057 * relocation arrays. To handle this 3058 * requires examining data that spans 3059 * across sections, in a contiguous span 3060 * within a single segment. 3061 * - DT_VERDEFNUM and DT_VERNEEDNUM can't be 3062 * verified without parsing the sections. 3063 * - We don't handle DT_SUNW_SYMSZ, which would 3064 * be the sum of the lengths of .dynsym and 3065 * .SUNW_ldynsym 3066 * - DT_SUNW_STRPAD can't be verified other than 3067 * to check that it's not larger than 3068 * the string table. 3069 * - Some items come in "all or none" clusters 3070 * that give an address, element size, 3071 * and data length in bytes. We don't 3072 * verify that there are no missing items 3073 * in such groups. 3074 */ 3075 switch (dyn->d_tag) { 3076 case DT_NULL: 3077 /* 3078 * Special case: DT_NULLs can come in groups 3079 * that we prefer to reduce to a single line. 3080 */ 3081 end_ndx = ndx; 3082 while ((end_ndx < (numdyn - 1)) && 3083 ((dyn + 1)->d_tag == DT_NULL)) { 3084 dyn++; 3085 end_ndx++; 3086 } 3087 Elf_dyn_null_entry(0, dyn, ndx, end_ndx); 3088 ndx = end_ndx; 3089 continue; 3090 3091 /* 3092 * String items all reference the dynstr. The string() 3093 * function does the necessary sanity checking. 3094 */ 3095 case DT_NEEDED: 3096 case DT_SONAME: 3097 case DT_FILTER: 3098 case DT_AUXILIARY: 3099 case DT_CONFIG: 3100 case DT_RPATH: 3101 case DT_RUNPATH: 3102 case DT_USED: 3103 case DT_DEPAUDIT: 3104 case DT_AUDIT: 3105 name = string(_cache, ndx, strsec, 3106 file, dyn->d_un.d_ptr); 3107 break; 3108 3109 case DT_SUNW_AUXILIARY: 3110 case DT_SUNW_FILTER: 3111 if (osabi_solaris) 3112 name = string(_cache, ndx, strsec, 3113 file, dyn->d_un.d_ptr); 3114 break; 3115 3116 case DT_FLAGS: 3117 name = conv_dyn_flag(dyn->d_un.d_val, 3118 0, &c_buf.flag); 3119 break; 3120 case DT_FLAGS_1: 3121 name = conv_dyn_flag1(dyn->d_un.d_val, 0, 3122 &c_buf.flag1); 3123 break; 3124 case DT_POSFLAG_1: 3125 name = conv_dyn_posflag1(dyn->d_un.d_val, 0, 3126 &c_buf.posflag1); 3127 break; 3128 case DT_FEATURE_1: 3129 name = conv_dyn_feature1(dyn->d_un.d_val, 0, 3130 &c_buf.feature1); 3131 break; 3132 case DT_DEPRECATED_SPARC_REGISTER: 3133 name = MSG_INTL(MSG_STR_DEPRECATED); 3134 break; 3135 3136 case DT_SUNW_LDMACH: 3137 if (!osabi_solaris) 3138 break; 3139 name = conv_ehdr_mach((Half)dyn->d_un.d_val, 3140 0, &c_buf.inv); 3141 break; 3142 3143 /* 3144 * Cases below this point are strictly sanity checking, 3145 * and do not generate a name string. The TEST_ macros 3146 * are used to hide the boiler plate arguments neeeded 3147 * by dyn_test(). 3148 */ 3149 #define TEST_ADDR(_sh_type, _sec_field) \ 3150 dyn_test(DYN_TEST_ADDR, _sh_type, \ 3151 sec._sec_field, dyn, dynsec_cnt, ehdr, \ 3152 osabi, file) 3153 #define TEST_SIZE(_sh_type, _sec_field) \ 3154 dyn_test(DYN_TEST_SIZE, _sh_type, \ 3155 sec._sec_field, dyn, dynsec_cnt, ehdr, \ 3156 osabi, file) 3157 #define TEST_ENTSIZE(_sh_type, _sec_field) \ 3158 dyn_test(DYN_TEST_ENTSIZE, _sh_type, \ 3159 sec._sec_field, dyn, dynsec_cnt, ehdr, \ 3160 osabi, file) 3161 3162 case DT_FINI: 3163 dyn_symtest(dyn, MSG_ORIG(MSG_SYM_FINI), 3164 sec.symtab, sec.dynsym, sec.sunw_ldynsym, 3165 sec.fini, cache, shnum, ehdr, osabi, file); 3166 TEST_ADDR(SHT_PROGBITS, fini); 3167 break; 3168 3169 case DT_FINI_ARRAY: 3170 TEST_ADDR(SHT_FINI_ARRAY, fini_array); 3171 break; 3172 3173 case DT_FINI_ARRAYSZ: 3174 TEST_SIZE(SHT_FINI_ARRAY, fini_array); 3175 break; 3176 3177 case DT_HASH: 3178 TEST_ADDR(SHT_HASH, hash); 3179 break; 3180 3181 case DT_INIT: 3182 dyn_symtest(dyn, MSG_ORIG(MSG_SYM_INIT), 3183 sec.symtab, sec.dynsym, sec.sunw_ldynsym, 3184 sec.init, cache, shnum, ehdr, osabi, file); 3185 TEST_ADDR(SHT_PROGBITS, init); 3186 break; 3187 3188 case DT_INIT_ARRAY: 3189 TEST_ADDR(SHT_INIT_ARRAY, init_array); 3190 break; 3191 3192 case DT_INIT_ARRAYSZ: 3193 TEST_SIZE(SHT_INIT_ARRAY, init_array); 3194 break; 3195 3196 case DT_MOVEENT: 3197 TEST_ENTSIZE(SHT_SUNW_move, sunw_move); 3198 break; 3199 3200 case DT_MOVESZ: 3201 TEST_SIZE(SHT_SUNW_move, sunw_move); 3202 break; 3203 3204 case DT_MOVETAB: 3205 TEST_ADDR(SHT_SUNW_move, sunw_move); 3206 break; 3207 3208 case DT_PREINIT_ARRAY: 3209 TEST_ADDR(SHT_PREINIT_ARRAY, preinit_array); 3210 break; 3211 3212 case DT_PREINIT_ARRAYSZ: 3213 TEST_SIZE(SHT_PREINIT_ARRAY, preinit_array); 3214 break; 3215 3216 case DT_REL: 3217 if (!dumped) 3218 TEST_ADDR(SHT_REL, rel); 3219 break; 3220 3221 case DT_RELENT: 3222 TEST_ENTSIZE(SHT_REL, rel); 3223 break; 3224 3225 case DT_RELA: 3226 if (!dumped) 3227 TEST_ADDR(SHT_RELA, rela); 3228 break; 3229 3230 case DT_RELAENT: 3231 TEST_ENTSIZE(SHT_RELA, rela); 3232 break; 3233 3234 case DT_STRTAB: 3235 TEST_ADDR(SHT_STRTAB, dynstr); 3236 break; 3237 3238 case DT_STRSZ: 3239 TEST_SIZE(SHT_STRTAB, dynstr); 3240 break; 3241 3242 case DT_SUNW_CAP: 3243 if (osabi_solaris) 3244 TEST_ADDR(SHT_SUNW_cap, sunw_cap); 3245 break; 3246 3247 case DT_SUNW_CAPINFO: 3248 if (osabi_solaris) 3249 TEST_ADDR(SHT_SUNW_capinfo, 3250 sunw_capinfo); 3251 break; 3252 3253 case DT_SUNW_CAPCHAIN: 3254 if (osabi_solaris) 3255 TEST_ADDR(SHT_SUNW_capchain, 3256 sunw_capchain); 3257 break; 3258 3259 case DT_SUNW_SYMTAB: 3260 TEST_ADDR(SHT_SUNW_LDYNSYM, sunw_ldynsym); 3261 break; 3262 3263 case DT_SYMENT: 3264 TEST_ENTSIZE(SHT_DYNSYM, dynsym); 3265 break; 3266 3267 case DT_SYMINENT: 3268 TEST_ENTSIZE(SHT_SUNW_syminfo, sunw_syminfo); 3269 break; 3270 3271 case DT_SYMINFO: 3272 TEST_ADDR(SHT_SUNW_syminfo, sunw_syminfo); 3273 break; 3274 3275 case DT_SYMINSZ: 3276 TEST_SIZE(SHT_SUNW_syminfo, sunw_syminfo); 3277 break; 3278 3279 case DT_SYMTAB: 3280 TEST_ADDR(SHT_DYNSYM, dynsym); 3281 break; 3282 3283 case DT_SUNW_SORTENT: 3284 /* 3285 * This entry is related to both the symsort and 3286 * tlssort sections. 3287 */ 3288 if (osabi_solaris) { 3289 int test_tls = 3290 (sec.sunw_tlssort != NULL); 3291 int test_sym = 3292 (sec.sunw_symsort != NULL) || 3293 !test_tls; 3294 if (test_sym) 3295 TEST_ENTSIZE(SHT_SUNW_symsort, 3296 sunw_symsort); 3297 if (test_tls) 3298 TEST_ENTSIZE(SHT_SUNW_tlssort, 3299 sunw_tlssort); 3300 } 3301 break; 3302 3303 3304 case DT_SUNW_SYMSORT: 3305 if (osabi_solaris) 3306 TEST_ADDR(SHT_SUNW_symsort, 3307 sunw_symsort); 3308 break; 3309 3310 case DT_SUNW_SYMSORTSZ: 3311 if (osabi_solaris) 3312 TEST_SIZE(SHT_SUNW_symsort, 3313 sunw_symsort); 3314 break; 3315 3316 case DT_SUNW_TLSSORT: 3317 if (osabi_solaris) 3318 TEST_ADDR(SHT_SUNW_tlssort, 3319 sunw_tlssort); 3320 break; 3321 3322 case DT_SUNW_TLSSORTSZ: 3323 if (osabi_solaris) 3324 TEST_SIZE(SHT_SUNW_tlssort, 3325 sunw_tlssort); 3326 break; 3327 3328 case DT_VERDEF: 3329 TEST_ADDR(SHT_SUNW_verdef, sunw_verdef); 3330 break; 3331 3332 case DT_VERNEED: 3333 TEST_ADDR(SHT_SUNW_verneed, sunw_verneed); 3334 break; 3335 3336 case DT_VERSYM: 3337 TEST_ADDR(SHT_SUNW_versym, sunw_versym); 3338 break; 3339 #undef TEST_ADDR 3340 #undef TEST_SIZE 3341 #undef TEST_ENTSIZE 3342 } 3343 3344 if (name == NULL) 3345 name = MSG_ORIG(MSG_STR_EMPTY); 3346 Elf_dyn_entry(0, dyn, ndx, name, 3347 osabi, ehdr->e_machine); 3348 } 3349 } 3350 } 3351 3352 /* 3353 * Search for and process a MOVE section. 3354 */ 3355 static void 3356 move(Cache *cache, Word shnum, const char *file, uint_t flags) 3357 { 3358 Word cnt; 3359 const char *fmt = NULL; 3360 3361 for (cnt = 1; cnt < shnum; cnt++) { 3362 Word movenum, symnum, ndx; 3363 Sym *syms; 3364 Cache *_cache = &cache[cnt]; 3365 Shdr *shdr = _cache->c_shdr; 3366 Cache *symsec, *strsec; 3367 Move *move; 3368 3369 if (shdr->sh_type != SHT_SUNW_move) 3370 continue; 3371 if (!match(MATCH_F_ALL, _cache->c_name, cnt, shdr->sh_type)) 3372 continue; 3373 3374 /* 3375 * Determine the move data and number. 3376 */ 3377 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 3378 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 3379 file, _cache->c_name); 3380 continue; 3381 } 3382 if (_cache->c_data == NULL) 3383 continue; 3384 3385 move = (Move *)_cache->c_data->d_buf; 3386 movenum = shdr->sh_size / shdr->sh_entsize; 3387 3388 /* 3389 * Get the data buffer for the associated symbol table and 3390 * string table. 3391 */ 3392 if (stringtbl(cache, 1, cnt, shnum, file, 3393 &symnum, &symsec, &strsec) == 0) 3394 return; 3395 3396 syms = (Sym *)symsec->c_data->d_buf; 3397 3398 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3399 dbg_print(0, MSG_INTL(MSG_ELF_SCN_MOVE), _cache->c_name); 3400 dbg_print(0, MSG_INTL(MSG_MOVE_TITLE)); 3401 3402 if (fmt == NULL) 3403 fmt = MSG_INTL(MSG_MOVE_ENTRY); 3404 3405 for (ndx = 0; ndx < movenum; move++, ndx++) { 3406 const char *symname; 3407 char index[MAXNDXSIZE], section[BUFSIZ]; 3408 Word symndx, shndx; 3409 Sym *sym; 3410 3411 /* 3412 * Check for null entries 3413 */ 3414 if ((move->m_info == 0) && (move->m_value == 0) && 3415 (move->m_poffset == 0) && (move->m_repeat == 0) && 3416 (move->m_stride == 0)) { 3417 dbg_print(0, fmt, MSG_ORIG(MSG_STR_EMPTY), 3418 EC_XWORD(move->m_poffset), 0, 0, 0, 3419 EC_LWORD(0), MSG_ORIG(MSG_STR_EMPTY)); 3420 continue; 3421 } 3422 if (((symndx = ELF_M_SYM(move->m_info)) == 0) || 3423 (symndx >= symnum)) { 3424 (void) fprintf(stderr, 3425 MSG_INTL(MSG_ERR_BADMINFO), file, 3426 _cache->c_name, EC_XWORD(move->m_info)); 3427 3428 (void) snprintf(index, MAXNDXSIZE, 3429 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(symndx)); 3430 dbg_print(0, fmt, index, 3431 EC_XWORD(move->m_poffset), 3432 ELF_M_SIZE(move->m_info), move->m_repeat, 3433 move->m_stride, move->m_value, 3434 MSG_INTL(MSG_STR_UNKNOWN)); 3435 continue; 3436 } 3437 3438 symname = relsymname(cache, _cache, strsec, 3439 symndx, symnum, ndx, syms, section, BUFSIZ, file); 3440 sym = (Sym *)(syms + symndx); 3441 3442 /* 3443 * Additional sanity check. 3444 */ 3445 shndx = sym->st_shndx; 3446 if (!((shndx == SHN_COMMON) || 3447 (((shndx >= 1) && (shndx <= shnum)) && 3448 (cache[shndx].c_shdr)->sh_type == SHT_NOBITS))) { 3449 (void) fprintf(stderr, 3450 MSG_INTL(MSG_ERR_BADSYM2), file, 3451 _cache->c_name, EC_WORD(symndx), 3452 demangle(symname, flags)); 3453 } 3454 3455 (void) snprintf(index, MAXNDXSIZE, 3456 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(symndx)); 3457 dbg_print(0, fmt, index, EC_XWORD(move->m_poffset), 3458 ELF_M_SIZE(move->m_info), move->m_repeat, 3459 move->m_stride, move->m_value, 3460 demangle(symname, flags)); 3461 } 3462 } 3463 } 3464 3465 /* 3466 * parse_note_t is used to track the state used by parse_note_entry() 3467 * between calls, and also to return the results of each call. 3468 */ 3469 typedef struct { 3470 /* pns_ fields track progress through the data */ 3471 const char *pns_file; /* File name */ 3472 Cache *pns_cache; /* Note section cache entry */ 3473 size_t pns_size; /* # unprocessed data bytes */ 3474 Word *pns_data; /* # to next unused data byte */ 3475 3476 /* pn_ fields return the results for a single call */ 3477 Word pn_namesz; /* Value of note namesz field */ 3478 Word pn_descsz; /* Value of note descsz field */ 3479 Word pn_type; /* Value of note type field */ 3480 const char *pn_name; /* if (namesz > 0) ptr to name bytes */ 3481 const char *pn_desc; /* if (descsx > 0) ptr to data bytes */ 3482 } parse_note_t; 3483 3484 /* 3485 * Extract the various sub-parts of a note entry, and advance the 3486 * data pointer past it. 3487 * 3488 * entry: 3489 * The state pns_ fields contain current values for the Note section 3490 * 3491 * exit: 3492 * On success, True (1) is returned, the state pns_ fields have been 3493 * advanced to point at the start of the next entry, and the information 3494 * for the recovered note entry is found in the state pn_ fields. 3495 * 3496 * On failure, False (0) is returned. The values contained in state 3497 * are undefined. 3498 */ 3499 static int 3500 parse_note_entry(parse_note_t *state) 3501 { 3502 size_t pad, noteoff; 3503 3504 noteoff = (Word)state->pns_cache->c_data->d_size - state->pns_size; 3505 /* 3506 * Make sure we can at least reference the 3 initial entries 3507 * (4-byte words) of the note information block. 3508 */ 3509 if (state->pns_size >= (sizeof (Word) * 3)) { 3510 state->pns_size -= (sizeof (Word) * 3); 3511 } else { 3512 (void) fprintf(stderr, MSG_INTL(MSG_NOTE_BADDATASZ), 3513 state->pns_file, state->pns_cache->c_name, 3514 EC_WORD(noteoff)); 3515 return (0); 3516 } 3517 3518 /* 3519 * Make sure any specified name string can be referenced. 3520 */ 3521 if ((state->pn_namesz = *state->pns_data++) != 0) { 3522 if (state->pns_size >= state->pn_namesz) { 3523 state->pns_size -= state->pn_namesz; 3524 } else { 3525 (void) fprintf(stderr, MSG_INTL(MSG_NOTE_BADNMSZ), 3526 state->pns_file, state->pns_cache->c_name, 3527 EC_WORD(noteoff), EC_WORD(state->pn_namesz)); 3528 return (0); 3529 } 3530 } 3531 3532 /* 3533 * Make sure any specified descriptor can be referenced. 3534 */ 3535 if ((state->pn_descsz = *state->pns_data++) != 0) { 3536 /* 3537 * If namesz isn't a 4-byte multiple, account for any 3538 * padding that must exist before the descriptor. 3539 */ 3540 if ((pad = (state->pn_namesz & (sizeof (Word) - 1))) != 0) { 3541 pad = sizeof (Word) - pad; 3542 state->pns_size -= pad; 3543 } 3544 if (state->pns_size >= state->pn_descsz) { 3545 state->pns_size -= state->pn_descsz; 3546 } else { 3547 (void) fprintf(stderr, MSG_INTL(MSG_NOTE_BADDESZ), 3548 state->pns_file, state->pns_cache->c_name, 3549 EC_WORD(noteoff), EC_WORD(state->pn_namesz)); 3550 return (0); 3551 } 3552 } 3553 3554 state->pn_type = *state->pns_data++; 3555 3556 /* Name */ 3557 if (state->pn_namesz) { 3558 state->pn_name = (char *)state->pns_data; 3559 pad = (state->pn_namesz + 3560 (sizeof (Word) - 1)) & ~(sizeof (Word) - 1); 3561 /* LINTED */ 3562 state->pns_data = (Word *)(state->pn_name + pad); 3563 } 3564 3565 /* 3566 * If multiple information blocks exist within a .note section 3567 * account for any padding that must exist before the next 3568 * information block. 3569 */ 3570 if ((pad = (state->pn_descsz & (sizeof (Word) - 1))) != 0) { 3571 pad = sizeof (Word) - pad; 3572 if (state->pns_size > pad) 3573 state->pns_size -= pad; 3574 } 3575 3576 /* Data */ 3577 if (state->pn_descsz) { 3578 state->pn_desc = (const char *)state->pns_data; 3579 /* LINTED */ 3580 state->pns_data = (Word *)(state->pn_desc + 3581 state->pn_descsz + pad); 3582 } 3583 3584 return (1); 3585 } 3586 3587 /* 3588 * Callback function for use with conv_str_to_c_literal() below. 3589 */ 3590 /*ARGSUSED2*/ 3591 static void 3592 c_literal_cb(const void *ptr, size_t size, void *uvalue) 3593 { 3594 (void) fwrite(ptr, size, 1, stdout); 3595 } 3596 3597 /* 3598 * Traverse a note section analyzing each note information block. 3599 * The data buffers size is used to validate references before they are made, 3600 * and is decremented as each element is processed. 3601 */ 3602 void 3603 note_entry(Cache *cache, Word *data, size_t size, Ehdr *ehdr, const char *file) 3604 { 3605 int cnt = 0; 3606 int is_corenote; 3607 int do_swap; 3608 Conv_inv_buf_t inv_buf; 3609 parse_note_t pnstate; 3610 3611 pnstate.pns_file = file; 3612 pnstate.pns_cache = cache; 3613 pnstate.pns_size = size; 3614 pnstate.pns_data = data; 3615 do_swap = _elf_sys_encoding() != ehdr->e_ident[EI_DATA]; 3616 3617 /* 3618 * Print out a single `note' information block. 3619 */ 3620 while (pnstate.pns_size > 0) { 3621 3622 if (parse_note_entry(&pnstate) == 0) 3623 return; 3624 3625 /* 3626 * Is this a Solaris core note? Such notes all have 3627 * the name "CORE". 3628 */ 3629 is_corenote = (ehdr->e_type == ET_CORE) && 3630 (pnstate.pn_namesz == (MSG_STR_CORE_SIZE + 1)) && 3631 (strncmp(MSG_ORIG(MSG_STR_CORE), pnstate.pn_name, 3632 MSG_STR_CORE_SIZE + 1) == 0); 3633 3634 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3635 dbg_print(0, MSG_INTL(MSG_FMT_NOTEENTNDX), EC_WORD(cnt)); 3636 cnt++; 3637 dbg_print(0, MSG_ORIG(MSG_NOTE_NAMESZ), 3638 EC_WORD(pnstate.pn_namesz)); 3639 dbg_print(0, MSG_ORIG(MSG_NOTE_DESCSZ), 3640 EC_WORD(pnstate.pn_descsz)); 3641 3642 if (is_corenote) 3643 dbg_print(0, MSG_ORIG(MSG_NOTE_TYPE_STR), 3644 conv_cnote_type(pnstate.pn_type, 0, &inv_buf)); 3645 else 3646 dbg_print(0, MSG_ORIG(MSG_NOTE_TYPE), 3647 EC_WORD(pnstate.pn_type)); 3648 if (pnstate.pn_namesz) { 3649 dbg_print(0, MSG_ORIG(MSG_NOTE_NAME)); 3650 /* 3651 * The name string can contain embedded 'null' 3652 * bytes and/or unprintable characters. Also, 3653 * the final NULL is documented in the ELF ABI 3654 * as being included in the namesz. So, display 3655 * the name using C literal string notation, and 3656 * include the terminating NULL in the output. 3657 * We don't show surrounding double quotes, as 3658 * that implies the termination that we are showing 3659 * explicitly. 3660 */ 3661 (void) fwrite(MSG_ORIG(MSG_STR_8SP), 3662 MSG_STR_8SP_SIZE, 1, stdout); 3663 conv_str_to_c_literal(pnstate.pn_name, 3664 pnstate.pn_namesz, c_literal_cb, NULL); 3665 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3666 } 3667 3668 if (pnstate.pn_descsz) { 3669 int hexdump = 1; 3670 3671 /* 3672 * If this is a core note, let the corenote() 3673 * function handle it. 3674 */ 3675 if (is_corenote) { 3676 /* We only issue the bad arch error once */ 3677 static int badnote_done = 0; 3678 corenote_ret_t corenote_ret; 3679 3680 corenote_ret = corenote(ehdr->e_machine, 3681 do_swap, pnstate.pn_type, pnstate.pn_desc, 3682 pnstate.pn_descsz); 3683 switch (corenote_ret) { 3684 case CORENOTE_R_OK: 3685 hexdump = 0; 3686 break; 3687 case CORENOTE_R_BADDATA: 3688 (void) fprintf(stderr, 3689 MSG_INTL(MSG_NOTE_BADCOREDATA), 3690 file); 3691 break; 3692 case CORENOTE_R_BADARCH: 3693 if (badnote_done) 3694 break; 3695 (void) fprintf(stderr, 3696 MSG_INTL(MSG_NOTE_BADCOREARCH), 3697 file, 3698 conv_ehdr_mach(ehdr->e_machine, 3699 0, &inv_buf)); 3700 break; 3701 } 3702 } 3703 3704 /* 3705 * The default thing when we don't understand 3706 * the note data is to display it as hex bytes. 3707 */ 3708 if (hexdump) { 3709 dbg_print(0, MSG_ORIG(MSG_NOTE_DESC)); 3710 dump_hex_bytes(pnstate.pn_desc, 3711 pnstate.pn_descsz, 8, 4, 4); 3712 } 3713 } 3714 } 3715 } 3716 3717 /* 3718 * Search for and process .note sections. 3719 * 3720 * Returns the number of note sections seen. 3721 */ 3722 static Word 3723 note(Cache *cache, Word shnum, Ehdr *ehdr, const char *file) 3724 { 3725 Word cnt, note_cnt = 0; 3726 3727 /* 3728 * Otherwise look for any .note sections. 3729 */ 3730 for (cnt = 1; cnt < shnum; cnt++) { 3731 Cache *_cache = &cache[cnt]; 3732 Shdr *shdr = _cache->c_shdr; 3733 3734 if (shdr->sh_type != SHT_NOTE) 3735 continue; 3736 note_cnt++; 3737 if (!match(MATCH_F_ALL, _cache->c_name, cnt, shdr->sh_type)) 3738 continue; 3739 3740 /* 3741 * As these sections are often hand rolled, make sure they're 3742 * properly aligned before proceeding, and issue an error 3743 * as necessary. 3744 * 3745 * Note that we will continue on to display the note even 3746 * if it has bad alignment. We can do this safely, because 3747 * libelf knows the alignment required for SHT_NOTE, and 3748 * takes steps to deliver a properly aligned buffer to us 3749 * even if the actual file is misaligned. 3750 */ 3751 if (shdr->sh_offset & (sizeof (Word) - 1)) 3752 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADALIGN), 3753 file, _cache->c_name); 3754 3755 if (_cache->c_data == NULL) 3756 continue; 3757 3758 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3759 dbg_print(0, MSG_INTL(MSG_ELF_SCN_NOTE), _cache->c_name); 3760 note_entry(_cache, (Word *)_cache->c_data->d_buf, 3761 /* LINTED */ 3762 (Word)_cache->c_data->d_size, ehdr, file); 3763 } 3764 3765 return (note_cnt); 3766 } 3767 3768 /* 3769 * The Linux Standard Base defines a special note named .note.ABI-tag 3770 * that is used to maintain Linux ABI information. Presence of this section 3771 * is a strong indication that the object should be considered to be 3772 * ELFOSABI_LINUX. 3773 * 3774 * This function returns True (1) if such a note is seen, and False (0) 3775 * otherwise. 3776 */ 3777 static int 3778 has_linux_abi_note(Cache *cache, Word shnum, const char *file) 3779 { 3780 Word cnt; 3781 3782 for (cnt = 1; cnt < shnum; cnt++) { 3783 parse_note_t pnstate; 3784 Cache *_cache = &cache[cnt]; 3785 Shdr *shdr = _cache->c_shdr; 3786 3787 /* 3788 * Section must be SHT_NOTE, must have the name 3789 * .note.ABI-tag, and must have data. 3790 */ 3791 if ((shdr->sh_type != SHT_NOTE) || 3792 (strcmp(MSG_ORIG(MSG_STR_NOTEABITAG), 3793 _cache->c_name) != 0) || (_cache->c_data == NULL)) 3794 continue; 3795 3796 pnstate.pns_file = file; 3797 pnstate.pns_cache = _cache; 3798 pnstate.pns_size = _cache->c_data->d_size; 3799 pnstate.pns_data = (Word *)_cache->c_data->d_buf; 3800 3801 while (pnstate.pns_size > 0) { 3802 Word *w; 3803 3804 if (parse_note_entry(&pnstate) == 0) 3805 break; 3806 3807 /* 3808 * The type must be 1, and the name must be "GNU". 3809 * The descsz must be at least 16 bytes. 3810 */ 3811 if ((pnstate.pn_type != 1) || 3812 (pnstate.pn_namesz != (MSG_STR_GNU_SIZE + 1)) || 3813 (strncmp(MSG_ORIG(MSG_STR_GNU), pnstate.pn_name, 3814 MSG_STR_CORE_SIZE + 1) != 0) || 3815 (pnstate.pn_descsz < 16)) 3816 continue; 3817 3818 /* 3819 * desc contains 4 32-bit fields. Field 0 must be 0, 3820 * indicating Linux. The second, third, and fourth 3821 * fields represent the earliest Linux kernel 3822 * version compatible with this object. 3823 */ 3824 /*LINTED*/ 3825 w = (Word *) pnstate.pn_desc; 3826 if (*w == 0) 3827 return (1); 3828 } 3829 } 3830 3831 return (0); 3832 } 3833 3834 /* 3835 * Determine an individual hash entry. This may be the initial hash entry, 3836 * or an associated chain entry. 3837 */ 3838 static void 3839 hash_entry(Cache *refsec, Cache *strsec, const char *hsecname, Word hashndx, 3840 Word symndx, Word symn, Sym *syms, const char *file, ulong_t bkts, 3841 uint_t flags, int chain) 3842 { 3843 Sym *sym; 3844 const char *symname, *str; 3845 char _bucket[MAXNDXSIZE], _symndx[MAXNDXSIZE]; 3846 ulong_t nbkt, nhash; 3847 3848 if (symndx > symn) { 3849 (void) fprintf(stderr, MSG_INTL(MSG_ERR_HSBADSYMNDX), file, 3850 EC_WORD(symndx), EC_WORD(hashndx)); 3851 symname = MSG_INTL(MSG_STR_UNKNOWN); 3852 } else { 3853 sym = (Sym *)(syms + symndx); 3854 symname = string(refsec, symndx, strsec, file, sym->st_name); 3855 } 3856 3857 if (chain == 0) { 3858 (void) snprintf(_bucket, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INTEGER), 3859 hashndx); 3860 str = (const char *)_bucket; 3861 } else 3862 str = MSG_ORIG(MSG_STR_EMPTY); 3863 3864 (void) snprintf(_symndx, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INDEX2), 3865 EC_WORD(symndx)); 3866 dbg_print(0, MSG_ORIG(MSG_FMT_HASH_INFO), str, _symndx, 3867 demangle(symname, flags)); 3868 3869 /* 3870 * Determine if this string is in the correct bucket. 3871 */ 3872 nhash = elf_hash(symname); 3873 nbkt = nhash % bkts; 3874 3875 if (nbkt != hashndx) { 3876 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADHASH), file, 3877 hsecname, symname, EC_WORD(hashndx), nbkt); 3878 } 3879 } 3880 3881 #define MAXCOUNT 500 3882 3883 static void 3884 hash(Cache *cache, Word shnum, const char *file, uint_t flags) 3885 { 3886 static int count[MAXCOUNT]; 3887 Word cnt; 3888 ulong_t ndx, bkts; 3889 char number[MAXNDXSIZE]; 3890 3891 for (cnt = 1; cnt < shnum; cnt++) { 3892 uint_t *hash, *chain; 3893 Cache *_cache = &cache[cnt]; 3894 Shdr *sshdr, *hshdr = _cache->c_shdr; 3895 char *ssecname, *hsecname = _cache->c_name; 3896 Sym *syms; 3897 Word symn; 3898 3899 if (hshdr->sh_type != SHT_HASH) 3900 continue; 3901 3902 /* 3903 * Determine the hash table data and size. 3904 */ 3905 if ((hshdr->sh_entsize == 0) || (hshdr->sh_size == 0)) { 3906 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 3907 file, hsecname); 3908 continue; 3909 } 3910 if (_cache->c_data == NULL) 3911 continue; 3912 3913 hash = (uint_t *)_cache->c_data->d_buf; 3914 bkts = *hash; 3915 chain = hash + 2 + bkts; 3916 hash += 2; 3917 3918 /* 3919 * Get the data buffer for the associated symbol table. 3920 */ 3921 if ((hshdr->sh_link == 0) || (hshdr->sh_link >= shnum)) { 3922 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 3923 file, hsecname, EC_WORD(hshdr->sh_link)); 3924 continue; 3925 } 3926 3927 _cache = &cache[hshdr->sh_link]; 3928 ssecname = _cache->c_name; 3929 3930 if (_cache->c_data == NULL) 3931 continue; 3932 3933 if ((syms = (Sym *)_cache->c_data->d_buf) == NULL) { 3934 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 3935 file, ssecname); 3936 continue; 3937 } 3938 3939 sshdr = _cache->c_shdr; 3940 /* LINTED */ 3941 symn = (Word)(sshdr->sh_size / sshdr->sh_entsize); 3942 3943 /* 3944 * Get the associated string table section. 3945 */ 3946 if ((sshdr->sh_link == 0) || (sshdr->sh_link >= shnum)) { 3947 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 3948 file, ssecname, EC_WORD(sshdr->sh_link)); 3949 continue; 3950 } 3951 3952 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3953 dbg_print(0, MSG_INTL(MSG_ELF_SCN_HASH), hsecname); 3954 dbg_print(0, MSG_INTL(MSG_ELF_HASH_INFO)); 3955 3956 /* 3957 * Loop through the hash buckets, printing the appropriate 3958 * symbols. 3959 */ 3960 for (ndx = 0; ndx < bkts; ndx++, hash++) { 3961 Word _ndx, _cnt; 3962 3963 if (*hash == 0) { 3964 count[0]++; 3965 continue; 3966 } 3967 3968 hash_entry(_cache, &cache[sshdr->sh_link], hsecname, 3969 ndx, *hash, symn, syms, file, bkts, flags, 0); 3970 3971 /* 3972 * Determine if any other symbols are chained to this 3973 * bucket. 3974 */ 3975 _ndx = chain[*hash]; 3976 _cnt = 1; 3977 while (_ndx) { 3978 hash_entry(_cache, &cache[sshdr->sh_link], 3979 hsecname, ndx, _ndx, symn, syms, file, 3980 bkts, flags, 1); 3981 _ndx = chain[_ndx]; 3982 _cnt++; 3983 } 3984 3985 if (_cnt >= MAXCOUNT) { 3986 (void) fprintf(stderr, 3987 MSG_INTL(MSG_HASH_OVERFLW), file, 3988 _cache->c_name, EC_WORD(ndx), 3989 EC_WORD(_cnt)); 3990 } else 3991 count[_cnt]++; 3992 } 3993 break; 3994 } 3995 3996 /* 3997 * Print out the count information. 3998 */ 3999 bkts = cnt = 0; 4000 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4001 4002 for (ndx = 0; ndx < MAXCOUNT; ndx++) { 4003 Word _cnt; 4004 4005 if ((_cnt = count[ndx]) == 0) 4006 continue; 4007 4008 (void) snprintf(number, MAXNDXSIZE, 4009 MSG_ORIG(MSG_FMT_INTEGER), _cnt); 4010 dbg_print(0, MSG_INTL(MSG_ELF_HASH_BKTS1), number, 4011 EC_WORD(ndx)); 4012 bkts += _cnt; 4013 cnt += (Word)(ndx * _cnt); 4014 } 4015 if (cnt) { 4016 (void) snprintf(number, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INTEGER), 4017 bkts); 4018 dbg_print(0, MSG_INTL(MSG_ELF_HASH_BKTS2), number, 4019 EC_WORD(cnt)); 4020 } 4021 } 4022 4023 static void 4024 group(Cache *cache, Word shnum, const char *file, uint_t flags) 4025 { 4026 Word scnt; 4027 4028 for (scnt = 1; scnt < shnum; scnt++) { 4029 Cache *_cache = &cache[scnt]; 4030 Shdr *shdr = _cache->c_shdr; 4031 Word *grpdata, gcnt, grpcnt, symnum, unknown; 4032 Cache *symsec, *strsec; 4033 Sym *syms, *sym; 4034 char flgstrbuf[MSG_GRP_COMDAT_SIZE + 10]; 4035 const char *grpnam; 4036 4037 if (shdr->sh_type != SHT_GROUP) 4038 continue; 4039 if (!match(MATCH_F_ALL, _cache->c_name, scnt, shdr->sh_type)) 4040 continue; 4041 if ((_cache->c_data == NULL) || 4042 ((grpdata = (Word *)_cache->c_data->d_buf) == NULL)) 4043 continue; 4044 grpcnt = shdr->sh_size / sizeof (Word); 4045 4046 /* 4047 * Get the data buffer for the associated symbol table and 4048 * string table. 4049 */ 4050 if (stringtbl(cache, 1, scnt, shnum, file, 4051 &symnum, &symsec, &strsec) == 0) 4052 return; 4053 4054 syms = symsec->c_data->d_buf; 4055 4056 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4057 dbg_print(0, MSG_INTL(MSG_ELF_SCN_GRP), _cache->c_name); 4058 dbg_print(0, MSG_INTL(MSG_GRP_TITLE)); 4059 4060 /* 4061 * The first element of the group defines the group. The 4062 * associated symbol is defined by the sh_link field. 4063 */ 4064 if ((shdr->sh_info == SHN_UNDEF) || (shdr->sh_info > symnum)) { 4065 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHINFO), 4066 file, _cache->c_name, EC_WORD(shdr->sh_info)); 4067 return; 4068 } 4069 4070 (void) strcpy(flgstrbuf, MSG_ORIG(MSG_STR_OSQBRKT)); 4071 if (grpdata[0] & GRP_COMDAT) { 4072 (void) strcat(flgstrbuf, MSG_ORIG(MSG_GRP_COMDAT)); 4073 } 4074 if ((unknown = (grpdata[0] & ~GRP_COMDAT)) != 0) { 4075 size_t len = strlen(flgstrbuf); 4076 4077 (void) snprintf(&flgstrbuf[len], 4078 (MSG_GRP_COMDAT_SIZE + 10 - len), 4079 MSG_ORIG(MSG_GRP_UNKNOWN), unknown); 4080 } 4081 (void) strcat(flgstrbuf, MSG_ORIG(MSG_STR_CSQBRKT)); 4082 sym = (Sym *)(syms + shdr->sh_info); 4083 4084 /* 4085 * The GNU assembler can use section symbols as the signature 4086 * symbol as described by this comment in the gold linker 4087 * (found via google): 4088 * 4089 * It seems that some versions of gas will create a 4090 * section group associated with a section symbol, and 4091 * then fail to give a name to the section symbol. In 4092 * such a case, use the name of the section. 4093 * 4094 * In order to support such objects, we do the same. 4095 */ 4096 grpnam = string(_cache, 0, strsec, file, sym->st_name); 4097 if (((sym->st_name == 0) || (*grpnam == '\0')) && 4098 (ELF_ST_TYPE(sym->st_info) == STT_SECTION)) 4099 grpnam = cache[sym->st_shndx].c_name; 4100 4101 dbg_print(0, MSG_INTL(MSG_GRP_SIGNATURE), flgstrbuf, 4102 demangle(grpnam, flags)); 4103 4104 for (gcnt = 1; gcnt < grpcnt; gcnt++) { 4105 char index[MAXNDXSIZE]; 4106 const char *name; 4107 4108 (void) snprintf(index, MAXNDXSIZE, 4109 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(gcnt)); 4110 4111 if (grpdata[gcnt] >= shnum) 4112 name = MSG_INTL(MSG_GRP_INVALSCN); 4113 else 4114 name = cache[grpdata[gcnt]].c_name; 4115 4116 (void) printf(MSG_ORIG(MSG_GRP_ENTRY), index, name, 4117 EC_XWORD(grpdata[gcnt])); 4118 } 4119 } 4120 } 4121 4122 static void 4123 got(Cache *cache, Word shnum, Ehdr *ehdr, const char *file) 4124 { 4125 Cache *gotcache = NULL, *symtab = NULL; 4126 Addr gotbgn, gotend; 4127 Shdr *gotshdr; 4128 Word cnt, gotents, gotndx; 4129 size_t gentsize; 4130 Got_info *gottable; 4131 char *gotdata; 4132 Sym *gotsym; 4133 Xword gotsymaddr; 4134 uint_t sys_encoding; 4135 4136 /* 4137 * First, find the got. 4138 */ 4139 for (cnt = 1; cnt < shnum; cnt++) { 4140 if (strncmp(cache[cnt].c_name, MSG_ORIG(MSG_ELF_GOT), 4141 MSG_ELF_GOT_SIZE) == 0) { 4142 gotcache = &cache[cnt]; 4143 break; 4144 } 4145 } 4146 if (gotcache == NULL) 4147 return; 4148 4149 /* 4150 * A got section within a relocatable object is suspicious. 4151 */ 4152 if (ehdr->e_type == ET_REL) { 4153 (void) fprintf(stderr, MSG_INTL(MSG_GOT_UNEXPECTED), file, 4154 gotcache->c_name); 4155 } 4156 4157 gotshdr = gotcache->c_shdr; 4158 if (gotshdr->sh_size == 0) { 4159 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 4160 file, gotcache->c_name); 4161 return; 4162 } 4163 4164 gotbgn = gotshdr->sh_addr; 4165 gotend = gotbgn + gotshdr->sh_size; 4166 4167 /* 4168 * Some architectures don't properly set the sh_entsize for the GOT 4169 * table. If it's not set, default to a size of a pointer. 4170 */ 4171 if ((gentsize = gotshdr->sh_entsize) == 0) 4172 gentsize = sizeof (Xword); 4173 4174 if (gotcache->c_data == NULL) 4175 return; 4176 4177 /* LINTED */ 4178 gotents = (Word)(gotshdr->sh_size / gentsize); 4179 gotdata = gotcache->c_data->d_buf; 4180 4181 if ((gottable = calloc(gotents, sizeof (Got_info))) == 0) { 4182 int err = errno; 4183 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), file, 4184 strerror(err)); 4185 return; 4186 } 4187 4188 /* 4189 * Now we scan through all the sections looking for any relocations 4190 * that may be against the GOT. Since these may not be isolated to a 4191 * .rel[a].got section we check them all. 4192 * While scanning sections save the symbol table entry (a symtab 4193 * overriding a dynsym) so that we can lookup _GLOBAL_OFFSET_TABLE_. 4194 */ 4195 for (cnt = 1; cnt < shnum; cnt++) { 4196 Word type, symnum; 4197 Xword relndx, relnum, relsize; 4198 void *rels; 4199 Sym *syms; 4200 Cache *symsec, *strsec; 4201 Cache *_cache = &cache[cnt]; 4202 Shdr *shdr; 4203 4204 shdr = _cache->c_shdr; 4205 type = shdr->sh_type; 4206 4207 if ((symtab == 0) && (type == SHT_DYNSYM)) { 4208 symtab = _cache; 4209 continue; 4210 } 4211 if (type == SHT_SYMTAB) { 4212 symtab = _cache; 4213 continue; 4214 } 4215 if ((type != SHT_RELA) && (type != SHT_REL)) 4216 continue; 4217 4218 /* 4219 * Decide entry size. 4220 */ 4221 if (((relsize = shdr->sh_entsize) == 0) || 4222 (relsize > shdr->sh_size)) { 4223 if (type == SHT_RELA) 4224 relsize = sizeof (Rela); 4225 else 4226 relsize = sizeof (Rel); 4227 } 4228 4229 /* 4230 * Determine the number of relocations available. 4231 */ 4232 if (shdr->sh_size == 0) { 4233 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 4234 file, _cache->c_name); 4235 continue; 4236 } 4237 if (_cache->c_data == NULL) 4238 continue; 4239 4240 rels = _cache->c_data->d_buf; 4241 relnum = shdr->sh_size / relsize; 4242 4243 /* 4244 * Get the data buffer for the associated symbol table and 4245 * string table. 4246 */ 4247 if (stringtbl(cache, 1, cnt, shnum, file, 4248 &symnum, &symsec, &strsec) == 0) 4249 continue; 4250 4251 syms = symsec->c_data->d_buf; 4252 4253 /* 4254 * Loop through the relocation entries. 4255 */ 4256 for (relndx = 0; relndx < relnum; relndx++, 4257 rels = (void *)((char *)rels + relsize)) { 4258 char section[BUFSIZ]; 4259 Addr offset; 4260 Got_info *gip; 4261 Word symndx, reltype; 4262 Rela *rela; 4263 Rel *rel; 4264 4265 /* 4266 * Unravel the relocation. 4267 */ 4268 if (type == SHT_RELA) { 4269 rela = (Rela *)rels; 4270 symndx = ELF_R_SYM(rela->r_info); 4271 reltype = ELF_R_TYPE(rela->r_info, 4272 ehdr->e_machine); 4273 offset = rela->r_offset; 4274 } else { 4275 rel = (Rel *)rels; 4276 symndx = ELF_R_SYM(rel->r_info); 4277 reltype = ELF_R_TYPE(rel->r_info, 4278 ehdr->e_machine); 4279 offset = rel->r_offset; 4280 } 4281 4282 /* 4283 * Only pay attention to relocations against the GOT. 4284 */ 4285 if ((offset < gotbgn) || (offset >= gotend)) 4286 continue; 4287 4288 /* LINTED */ 4289 gotndx = (Word)((offset - gotbgn) / 4290 gotshdr->sh_entsize); 4291 gip = &gottable[gotndx]; 4292 4293 if (gip->g_reltype != 0) { 4294 (void) fprintf(stderr, 4295 MSG_INTL(MSG_GOT_MULTIPLE), file, 4296 EC_WORD(gotndx), EC_ADDR(offset)); 4297 continue; 4298 } 4299 4300 if (symndx) 4301 gip->g_symname = relsymname(cache, _cache, 4302 strsec, symndx, symnum, relndx, syms, 4303 section, BUFSIZ, file); 4304 gip->g_reltype = reltype; 4305 gip->g_rel = rels; 4306 } 4307 } 4308 4309 if (symlookup(MSG_ORIG(MSG_SYM_GOT), cache, shnum, &gotsym, NULL, 4310 symtab, file)) 4311 gotsymaddr = gotsym->st_value; 4312 else 4313 gotsymaddr = gotbgn; 4314 4315 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4316 dbg_print(0, MSG_INTL(MSG_ELF_SCN_GOT), gotcache->c_name); 4317 Elf_got_title(0); 4318 4319 sys_encoding = _elf_sys_encoding(); 4320 for (gotndx = 0; gotndx < gotents; gotndx++) { 4321 Got_info *gip; 4322 Sword gindex; 4323 Addr gaddr; 4324 Xword gotentry; 4325 4326 gip = &gottable[gotndx]; 4327 4328 gaddr = gotbgn + (gotndx * gentsize); 4329 gindex = (Sword)(gaddr - gotsymaddr) / (Sword)gentsize; 4330 4331 if (gentsize == sizeof (Word)) 4332 /* LINTED */ 4333 gotentry = (Xword)(*((Word *)(gotdata) + gotndx)); 4334 else 4335 /* LINTED */ 4336 gotentry = *((Xword *)(gotdata) + gotndx); 4337 4338 Elf_got_entry(0, gindex, gaddr, gotentry, ehdr->e_machine, 4339 ehdr->e_ident[EI_DATA], sys_encoding, 4340 gip->g_reltype, gip->g_rel, gip->g_symname); 4341 } 4342 free(gottable); 4343 } 4344 4345 void 4346 checksum(Elf *elf) 4347 { 4348 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4349 dbg_print(0, MSG_INTL(MSG_STR_CHECKSUM), elf_checksum(elf)); 4350 } 4351 4352 /* 4353 * This variable is used by regular() to communicate the address of 4354 * the section header cache to sort_shdr_ndx_arr(). Unfortunately, 4355 * the qsort() interface does not include a userdata argument by which 4356 * such arbitrary data can be passed, so we are stuck using global data. 4357 */ 4358 static Cache *sort_shdr_ndx_arr_cache; 4359 4360 4361 /* 4362 * Used with qsort() to sort the section indices so that they can be 4363 * used to access the section headers in order of increasing data offset. 4364 * 4365 * entry: 4366 * sort_shdr_ndx_arr_cache - Contains address of 4367 * section header cache. 4368 * v1, v2 - Point at elements of sort_shdr_bits array to be compared. 4369 * 4370 * exit: 4371 * Returns -1 (less than), 0 (equal) or 1 (greater than). 4372 */ 4373 static int 4374 sort_shdr_ndx_arr(const void *v1, const void *v2) 4375 { 4376 Cache *cache1 = sort_shdr_ndx_arr_cache + *((size_t *)v1); 4377 Cache *cache2 = sort_shdr_ndx_arr_cache + *((size_t *)v2); 4378 4379 if (cache1->c_shdr->sh_offset < cache2->c_shdr->sh_offset) 4380 return (-1); 4381 4382 if (cache1->c_shdr->sh_offset > cache2->c_shdr->sh_offset) 4383 return (1); 4384 4385 return (0); 4386 } 4387 4388 4389 static int 4390 shdr_cache(const char *file, Elf *elf, Ehdr *ehdr, size_t shstrndx, 4391 size_t shnum, Cache **cache_ret, Word flags) 4392 { 4393 Elf_Scn *scn; 4394 Elf_Data *data; 4395 size_t ndx; 4396 Shdr *nameshdr; 4397 char *names = NULL; 4398 Cache *cache, *_cache; 4399 size_t *shdr_ndx_arr, shdr_ndx_arr_cnt; 4400 4401 4402 /* 4403 * Obtain the .shstrtab data buffer to provide the required section 4404 * name strings. 4405 */ 4406 if (shstrndx == SHN_UNDEF) { 4407 /* 4408 * It is rare, but legal, for an object to lack a 4409 * header string table section. 4410 */ 4411 names = NULL; 4412 (void) fprintf(stderr, MSG_INTL(MSG_ERR_NOSHSTRSEC), file); 4413 } else if ((scn = elf_getscn(elf, shstrndx)) == NULL) { 4414 failure(file, MSG_ORIG(MSG_ELF_GETSCN)); 4415 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SHDR), 4416 EC_XWORD(shstrndx)); 4417 4418 } else if ((data = elf_getdata(scn, NULL)) == NULL) { 4419 failure(file, MSG_ORIG(MSG_ELF_GETDATA)); 4420 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_DATA), 4421 EC_XWORD(shstrndx)); 4422 4423 } else if ((nameshdr = elf_getshdr(scn)) == NULL) { 4424 failure(file, MSG_ORIG(MSG_ELF_GETSHDR)); 4425 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCN), 4426 EC_WORD(elf_ndxscn(scn))); 4427 4428 } else if ((names = data->d_buf) == NULL) 4429 (void) fprintf(stderr, MSG_INTL(MSG_ERR_SHSTRNULL), file); 4430 4431 /* 4432 * Allocate a cache to maintain a descriptor for each section. 4433 */ 4434 if ((*cache_ret = cache = malloc(shnum * sizeof (Cache))) == NULL) { 4435 int err = errno; 4436 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), 4437 file, strerror(err)); 4438 return (0); 4439 } 4440 4441 *cache = cache_init; 4442 _cache = cache; 4443 _cache++; 4444 4445 /* 4446 * Allocate an array that will hold the section index for 4447 * each section that has data in the ELF file: 4448 * 4449 * - Is not a NOBITS section 4450 * - Data has non-zero length 4451 * 4452 * Note that shnum is an upper bound on the size required. It 4453 * is likely that we won't use a few of these array elements. 4454 * Allocating a modest amount of extra memory in this case means 4455 * that we can avoid an extra loop to count the number of needed 4456 * items, and can fill this array immediately in the first loop 4457 * below. 4458 */ 4459 if ((shdr_ndx_arr = malloc(shnum * sizeof (*shdr_ndx_arr))) == NULL) { 4460 int err = errno; 4461 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), 4462 file, strerror(err)); 4463 return (0); 4464 } 4465 shdr_ndx_arr_cnt = 0; 4466 4467 /* 4468 * Traverse the sections of the file. This gathering of data is 4469 * carried out in two passes. First, the section headers are captured 4470 * and the section header names are evaluated. A verification pass is 4471 * then carried out over the section information. Files have been 4472 * known to exhibit overlapping (and hence erroneous) section header 4473 * information. 4474 * 4475 * Finally, the data for each section is obtained. This processing is 4476 * carried out after section verification because should any section 4477 * header overlap occur, and a file needs translating (ie. xlate'ing 4478 * information from a non-native architecture file), then the process 4479 * of translation can corrupt the section header information. Of 4480 * course, if there is any section overlap, the data related to the 4481 * sections is going to be compromised. However, it is the translation 4482 * of this data that has caused problems with elfdump()'s ability to 4483 * extract the data. 4484 */ 4485 for (ndx = 1, scn = NULL; scn = elf_nextscn(elf, scn); 4486 ndx++, _cache++) { 4487 char scnndxnm[100]; 4488 4489 _cache->c_ndx = ndx; 4490 _cache->c_scn = scn; 4491 4492 if ((_cache->c_shdr = elf_getshdr(scn)) == NULL) { 4493 failure(file, MSG_ORIG(MSG_ELF_GETSHDR)); 4494 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCN), 4495 EC_WORD(elf_ndxscn(scn))); 4496 } 4497 4498 /* 4499 * If this section has data in the file, include it in 4500 * the array of sections to check for address overlap. 4501 */ 4502 if ((_cache->c_shdr->sh_size != 0) && 4503 (_cache->c_shdr->sh_type != SHT_NOBITS)) 4504 shdr_ndx_arr[shdr_ndx_arr_cnt++] = ndx; 4505 4506 /* 4507 * If a shstrtab exists, assign the section name. 4508 */ 4509 if (names && _cache->c_shdr) { 4510 if (_cache->c_shdr->sh_name && 4511 /* LINTED */ 4512 (nameshdr->sh_size > _cache->c_shdr->sh_name)) { 4513 const char *symname; 4514 char *secname; 4515 4516 secname = names + _cache->c_shdr->sh_name; 4517 4518 /* 4519 * A SUN naming convention employs a "%" within 4520 * a section name to indicate a section/symbol 4521 * name. This originated from the compilers 4522 * -xF option, that places functions into their 4523 * own sections. This convention (which has no 4524 * formal standard) has also been followed for 4525 * COMDAT sections. To demangle the symbol 4526 * name, the name must be separated from the 4527 * section name. 4528 */ 4529 if (((flags & FLG_CTL_DEMANGLE) == 0) || 4530 ((symname = strchr(secname, '%')) == NULL)) 4531 _cache->c_name = secname; 4532 else { 4533 size_t secsz = ++symname - secname; 4534 size_t strsz; 4535 4536 symname = demangle(symname, flags); 4537 strsz = secsz + strlen(symname) + 1; 4538 4539 if ((_cache->c_name = 4540 malloc(strsz)) == NULL) { 4541 int err = errno; 4542 (void) fprintf(stderr, 4543 MSG_INTL(MSG_ERR_MALLOC), 4544 file, strerror(err)); 4545 return (0); 4546 } 4547 (void) snprintf(_cache->c_name, strsz, 4548 MSG_ORIG(MSG_FMT_SECSYM), 4549 EC_WORD(secsz), secname, symname); 4550 } 4551 4552 continue; 4553 } 4554 4555 /* 4556 * Generate an error if the section name index is zero 4557 * or exceeds the shstrtab data. Fall through to 4558 * fabricate a section name. 4559 */ 4560 if ((_cache->c_shdr->sh_name == 0) || 4561 /* LINTED */ 4562 (nameshdr->sh_size <= _cache->c_shdr->sh_name)) { 4563 (void) fprintf(stderr, 4564 MSG_INTL(MSG_ERR_BADSHNAME), file, 4565 EC_WORD(ndx), 4566 EC_XWORD(_cache->c_shdr->sh_name)); 4567 } 4568 } 4569 4570 /* 4571 * If there exists no shstrtab data, or a section header has no 4572 * name (an invalid index of 0), then compose a name for the 4573 * section. 4574 */ 4575 (void) snprintf(scnndxnm, sizeof (scnndxnm), 4576 MSG_INTL(MSG_FMT_SCNNDX), ndx); 4577 4578 if ((_cache->c_name = malloc(strlen(scnndxnm) + 1)) == NULL) { 4579 int err = errno; 4580 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), 4581 file, strerror(err)); 4582 return (0); 4583 } 4584 (void) strcpy(_cache->c_name, scnndxnm); 4585 } 4586 4587 /* 4588 * Having collected all the sections, validate their address range. 4589 * Cases have existed where the section information has been invalid. 4590 * This can lead to all sorts of other, hard to diagnose errors, as 4591 * each section is processed individually (ie. with elf_getdata()). 4592 * Here, we carry out some address comparisons to catch a family of 4593 * overlapping memory issues we have observed (likely, there are others 4594 * that we have yet to discover). 4595 * 4596 * Note, should any memory overlap occur, obtaining any additional 4597 * data from the file is questionable. However, it might still be 4598 * possible to inspect the ELF header, Programs headers, or individual 4599 * sections, so rather than bailing on an error condition, continue 4600 * processing to see if any data can be salvaged. 4601 */ 4602 if (shdr_ndx_arr_cnt > 1) { 4603 sort_shdr_ndx_arr_cache = cache; 4604 qsort(shdr_ndx_arr, shdr_ndx_arr_cnt, 4605 sizeof (*shdr_ndx_arr), sort_shdr_ndx_arr); 4606 } 4607 for (ndx = 0; ndx < shdr_ndx_arr_cnt; ndx++) { 4608 Cache *_cache = cache + shdr_ndx_arr[ndx]; 4609 Shdr *shdr = _cache->c_shdr; 4610 Off bgn1, bgn = shdr->sh_offset; 4611 Off end1, end = shdr->sh_offset + shdr->sh_size; 4612 size_t ndx1; 4613 4614 /* 4615 * Check the section against all following ones, reporting 4616 * any overlaps. Since we've sorted the sections by offset, 4617 * we can stop after the first comparison that fails. There 4618 * are no overlaps in a properly formed ELF file, in which 4619 * case this algorithm runs in O(n) time. This will degenerate 4620 * to O(n^2) for a completely broken file. Such a file is 4621 * (1) highly unlikely, and (2) unusable, so it is reasonable 4622 * for the analysis to take longer. 4623 */ 4624 for (ndx1 = ndx + 1; ndx1 < shdr_ndx_arr_cnt; ndx1++) { 4625 Cache *_cache1 = cache + shdr_ndx_arr[ndx1]; 4626 Shdr *shdr1 = _cache1->c_shdr; 4627 4628 bgn1 = shdr1->sh_offset; 4629 end1 = shdr1->sh_offset + shdr1->sh_size; 4630 4631 if (((bgn1 <= bgn) && (end1 > bgn)) || 4632 ((bgn1 < end) && (end1 >= end))) { 4633 (void) fprintf(stderr, 4634 MSG_INTL(MSG_ERR_SECMEMOVER), file, 4635 EC_WORD(elf_ndxscn(_cache->c_scn)), 4636 _cache->c_name, EC_OFF(bgn), EC_OFF(end), 4637 EC_WORD(elf_ndxscn(_cache1->c_scn)), 4638 _cache1->c_name, EC_OFF(bgn1), 4639 EC_OFF(end1)); 4640 } else { /* No overlap, so can stop */ 4641 break; 4642 } 4643 } 4644 4645 /* 4646 * In addition to checking for sections overlapping 4647 * each other (done above), we should also make sure 4648 * the section doesn't overlap the section header array. 4649 */ 4650 bgn1 = ehdr->e_shoff; 4651 end1 = ehdr->e_shoff + (ehdr->e_shentsize * ehdr->e_shnum); 4652 4653 if (((bgn1 <= bgn) && (end1 > bgn)) || 4654 ((bgn1 < end) && (end1 >= end))) { 4655 (void) fprintf(stderr, 4656 MSG_INTL(MSG_ERR_SHDRMEMOVER), file, EC_OFF(bgn1), 4657 EC_OFF(end1), 4658 EC_WORD(elf_ndxscn(_cache->c_scn)), 4659 _cache->c_name, EC_OFF(bgn), EC_OFF(end)); 4660 } 4661 } 4662 4663 /* 4664 * Obtain the data for each section. 4665 */ 4666 for (ndx = 1; ndx < shnum; ndx++) { 4667 Cache *_cache = &cache[ndx]; 4668 Elf_Scn *scn = _cache->c_scn; 4669 4670 if ((_cache->c_data = elf_getdata(scn, NULL)) == NULL) { 4671 failure(file, MSG_ORIG(MSG_ELF_GETDATA)); 4672 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCNDATA), 4673 EC_WORD(elf_ndxscn(scn))); 4674 } 4675 4676 /* 4677 * If a string table, verify that it has NULL first and 4678 * final bytes. 4679 */ 4680 if ((_cache->c_shdr->sh_type == SHT_STRTAB) && 4681 (_cache->c_data->d_buf != NULL) && 4682 (_cache->c_data->d_size > 0)) { 4683 const char *s = _cache->c_data->d_buf; 4684 4685 if ((*s != '\0') || 4686 (*(s + _cache->c_data->d_size - 1) != '\0')) 4687 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALSTR), 4688 file, _cache->c_name); 4689 } 4690 } 4691 4692 return (1); 4693 } 4694 4695 4696 4697 /* 4698 * Generate a cache of section headers and related information 4699 * for use by the rest of elfdump. If requested (or the file 4700 * contains no section headers), we generate a fake set of 4701 * headers from the information accessible from the program headers. 4702 * Otherwise, we use the real section headers contained in the file. 4703 */ 4704 static int 4705 create_cache(const char *file, int fd, Elf *elf, Ehdr *ehdr, Cache **cache, 4706 size_t shstrndx, size_t *shnum, uint_t *flags) 4707 { 4708 /* 4709 * If there are no section headers, then resort to synthesizing 4710 * section headers from the program headers. This is normally 4711 * only done by explicit request, but in this case there's no 4712 * reason not to go ahead, since the alternative is simply to quit. 4713 */ 4714 if ((*shnum <= 1) && ((*flags & FLG_CTL_FAKESHDR) == 0)) { 4715 (void) fprintf(stderr, MSG_INTL(MSG_ERR_NOSHDR), file); 4716 *flags |= FLG_CTL_FAKESHDR; 4717 } 4718 4719 if (*flags & FLG_CTL_FAKESHDR) { 4720 if (fake_shdr_cache(file, fd, elf, ehdr, cache, shnum) == 0) 4721 return (0); 4722 } else { 4723 if (shdr_cache(file, elf, ehdr, shstrndx, *shnum, 4724 cache, *flags) == 0) 4725 return (0); 4726 } 4727 4728 return (1); 4729 } 4730 4731 int 4732 regular(const char *file, int fd, Elf *elf, uint_t flags, 4733 const char *wname, int wfd, uchar_t osabi) 4734 { 4735 enum { CACHE_NEEDED, CACHE_OK, CACHE_FAIL} cache_state = CACHE_NEEDED; 4736 Elf_Scn *scn; 4737 Ehdr *ehdr; 4738 size_t ndx, shstrndx, shnum, phnum; 4739 Shdr *shdr; 4740 Cache *cache; 4741 VERSYM_STATE versym = { 0 }; 4742 int ret = 0; 4743 int addr_align; 4744 4745 if ((ehdr = elf_getehdr(elf)) == NULL) { 4746 failure(file, MSG_ORIG(MSG_ELF_GETEHDR)); 4747 return (ret); 4748 } 4749 4750 if (elf_getshdrnum(elf, &shnum) == -1) { 4751 failure(file, MSG_ORIG(MSG_ELF_GETSHDRNUM)); 4752 return (ret); 4753 } 4754 4755 if (elf_getshdrstrndx(elf, &shstrndx) == -1) { 4756 failure(file, MSG_ORIG(MSG_ELF_GETSHDRSTRNDX)); 4757 return (ret); 4758 } 4759 4760 if (elf_getphdrnum(elf, &phnum) == -1) { 4761 failure(file, MSG_ORIG(MSG_ELF_GETPHDRNUM)); 4762 return (ret); 4763 } 4764 /* 4765 * If the user requested section headers derived from the 4766 * program headers (-P option) and this file doesn't have 4767 * any program headers (i.e. ET_REL), then we can't do it. 4768 */ 4769 if ((phnum == 0) && (flags & FLG_CTL_FAKESHDR)) { 4770 (void) fprintf(stderr, MSG_INTL(MSG_ERR_PNEEDSPH), file); 4771 return (ret); 4772 } 4773 4774 4775 if ((scn = elf_getscn(elf, 0)) != NULL) { 4776 if ((shdr = elf_getshdr(scn)) == NULL) { 4777 failure(file, MSG_ORIG(MSG_ELF_GETSHDR)); 4778 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCN), 0); 4779 return (ret); 4780 } 4781 } else 4782 shdr = NULL; 4783 4784 /* 4785 * Print the elf header. 4786 */ 4787 if (flags & FLG_SHOW_EHDR) 4788 Elf_ehdr(0, ehdr, shdr); 4789 4790 /* 4791 * If the section headers or program headers have inadequate 4792 * alignment for the class of object, print a warning. libelf 4793 * can handle such files, but programs that use them can crash 4794 * when they dereference unaligned items. 4795 * 4796 * Note that the AMD64 ABI, although it is a 64-bit architecture, 4797 * allows access to data types smaller than 128-bits to be on 4798 * word alignment. 4799 */ 4800 if (ehdr->e_machine == EM_AMD64) 4801 addr_align = sizeof (Word); 4802 else 4803 addr_align = sizeof (Addr); 4804 4805 if (ehdr->e_phoff & (addr_align - 1)) 4806 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADPHDRALIGN), file); 4807 if (ehdr->e_shoff & (addr_align - 1)) 4808 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHDRALIGN), file); 4809 4810 4811 /* 4812 * Determine the Operating System ABI (osabi) we will use to 4813 * interpret the object. 4814 */ 4815 if (flags & FLG_CTL_OSABI) { 4816 /* 4817 * If the user explicitly specifies '-O none', we need 4818 * to display a completely generic view of the file. 4819 * However, libconv is written to assume that ELFOSABI_NONE 4820 * is equivalent to ELFOSABI_SOLARIS. To get the desired 4821 * effect, we use an osabi that libconv has no knowledge of. 4822 */ 4823 if (osabi == ELFOSABI_NONE) 4824 osabi = ELFOSABI_UNKNOWN4; 4825 } else { 4826 /* Determine osabi from file */ 4827 osabi = ehdr->e_ident[EI_OSABI]; 4828 if (osabi == ELFOSABI_NONE) { 4829 /* 4830 * Chicken/Egg scenario: 4831 * 4832 * Ideally, we wait to create the section header cache 4833 * until after the program headers are printed. If we 4834 * only output program headers, we can skip building 4835 * the cache entirely. 4836 * 4837 * Proper interpretation of program headers requires 4838 * the osabi, which is supposed to be in the ELF header. 4839 * However, many systems (Solaris and Linux included) 4840 * have a history of setting the osabi to the generic 4841 * SysV ABI (ELFOSABI_NONE). We assume ELFOSABI_SOLARIS 4842 * in such cases, but would like to check the object 4843 * to see if it has a Linux .note.ABI-tag section, 4844 * which implies ELFOSABI_LINUX. This requires a 4845 * section header cache. 4846 * 4847 * To break the cycle, we create section headers now 4848 * if osabi is ELFOSABI_NONE, and later otherwise. 4849 * If it succeeds, we use them, if not, we defer 4850 * exiting until after the program headers are out. 4851 */ 4852 if (create_cache(file, fd, elf, ehdr, &cache, 4853 shstrndx, &shnum, &flags) == 0) { 4854 cache_state = CACHE_FAIL; 4855 } else { 4856 cache_state = CACHE_OK; 4857 if (has_linux_abi_note(cache, shnum, file)) { 4858 Conv_inv_buf_t ibuf1, ibuf2; 4859 4860 (void) fprintf(stderr, 4861 MSG_INTL(MSG_INFO_LINUXOSABI), file, 4862 conv_ehdr_osabi(osabi, 0, &ibuf1), 4863 conv_ehdr_osabi(ELFOSABI_LINUX, 4864 0, &ibuf2)); 4865 osabi = ELFOSABI_LINUX; 4866 } 4867 } 4868 } 4869 /* 4870 * We treat ELFOSABI_NONE identically to ELFOSABI_SOLARIS. 4871 * Mapping NONE to SOLARIS simplifies the required test. 4872 */ 4873 if (osabi == ELFOSABI_NONE) 4874 osabi = ELFOSABI_SOLARIS; 4875 } 4876 4877 /* 4878 * Print the program headers. 4879 */ 4880 if ((flags & FLG_SHOW_PHDR) && (phnum != 0)) { 4881 Phdr *phdr; 4882 4883 if ((phdr = elf_getphdr(elf)) == NULL) { 4884 failure(file, MSG_ORIG(MSG_ELF_GETPHDR)); 4885 return (ret); 4886 } 4887 4888 for (ndx = 0; ndx < phnum; phdr++, ndx++) { 4889 if (!match(MATCH_F_PHDR| MATCH_F_NDX | MATCH_F_TYPE, 4890 NULL, ndx, phdr->p_type)) 4891 continue; 4892 4893 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4894 dbg_print(0, MSG_INTL(MSG_ELF_PHDR), EC_WORD(ndx)); 4895 Elf_phdr(0, osabi, ehdr->e_machine, phdr); 4896 } 4897 } 4898 4899 /* 4900 * If we have flag bits set that explicitly require a show or calc 4901 * operation, but none of them require the section headers, then 4902 * we are done and can return now. 4903 */ 4904 if (((flags & (FLG_MASK_SHOW | FLG_MASK_CALC)) != 0) && 4905 ((flags & (FLG_MASK_SHOW_SHDR | FLG_MASK_CALC_SHDR)) == 0)) 4906 return (ret); 4907 4908 /* 4909 * Everything from this point on requires section headers. 4910 * If we have no section headers, there is no reason to continue. 4911 * 4912 * If we tried above to create the section header cache and failed, 4913 * it is time to exit. Otherwise, create it if needed. 4914 */ 4915 switch (cache_state) { 4916 case CACHE_NEEDED: 4917 if (create_cache(file, fd, elf, ehdr, &cache, shstrndx, 4918 &shnum, &flags) == 0) 4919 return (ret); 4920 break; 4921 case CACHE_FAIL: 4922 return (ret); 4923 } 4924 if (shnum <= 1) 4925 goto done; 4926 4927 /* 4928 * If -w was specified, find and write out the section(s) data. 4929 */ 4930 if (wfd) { 4931 for (ndx = 1; ndx < shnum; ndx++) { 4932 Cache *_cache = &cache[ndx]; 4933 4934 if (match(MATCH_F_STRICT | MATCH_F_ALL, _cache->c_name, 4935 ndx, _cache->c_shdr->sh_type) && 4936 _cache->c_data && _cache->c_data->d_buf) { 4937 if (write(wfd, _cache->c_data->d_buf, 4938 _cache->c_data->d_size) != 4939 _cache->c_data->d_size) { 4940 int err = errno; 4941 (void) fprintf(stderr, 4942 MSG_INTL(MSG_ERR_WRITE), wname, 4943 strerror(err)); 4944 /* 4945 * Return an exit status of 1, because 4946 * the failure is not related to the 4947 * ELF file, but by system resources. 4948 */ 4949 ret = 1; 4950 goto done; 4951 } 4952 } 4953 } 4954 } 4955 4956 /* 4957 * If we have no flag bits set that explicitly require a show or calc 4958 * operation, but match options (-I, -N, -T) were used, then run 4959 * through the section headers and see if we can't deduce show flags 4960 * from the match options given. 4961 * 4962 * We don't do this if -w was specified, because (-I, -N, -T) used 4963 * with -w in lieu of some other option is supposed to be quiet. 4964 */ 4965 if ((wfd == 0) && (flags & FLG_CTL_MATCH) && 4966 ((flags & (FLG_MASK_SHOW | FLG_MASK_CALC)) == 0)) { 4967 for (ndx = 1; ndx < shnum; ndx++) { 4968 Cache *_cache = &cache[ndx]; 4969 4970 if (!match(MATCH_F_STRICT | MATCH_F_ALL, _cache->c_name, 4971 ndx, _cache->c_shdr->sh_type)) 4972 continue; 4973 4974 switch (_cache->c_shdr->sh_type) { 4975 case SHT_PROGBITS: 4976 /* 4977 * Heuristic time: It is usually bad form 4978 * to assume the meaning/format of a PROGBITS 4979 * section based on its name. However, there 4980 * are ABI mandated exceptions. Check for 4981 * these special names. 4982 */ 4983 4984 /* The ELF ABI specifies .interp and .got */ 4985 if (strcmp(_cache->c_name, 4986 MSG_ORIG(MSG_ELF_INTERP)) == 0) { 4987 flags |= FLG_SHOW_INTERP; 4988 break; 4989 } 4990 if (strcmp(_cache->c_name, 4991 MSG_ORIG(MSG_ELF_GOT)) == 0) { 4992 flags |= FLG_SHOW_GOT; 4993 break; 4994 } 4995 /* 4996 * The GNU compilers, and amd64 ABI, define 4997 * .eh_frame and .eh_frame_hdr. The Sun 4998 * C++ ABI defines .exception_ranges. 4999 */ 5000 if ((strncmp(_cache->c_name, 5001 MSG_ORIG(MSG_SCN_FRM), 5002 MSG_SCN_FRM_SIZE) == 0) || 5003 (strncmp(_cache->c_name, 5004 MSG_ORIG(MSG_SCN_EXRANGE), 5005 MSG_SCN_EXRANGE_SIZE) == 0)) { 5006 flags |= FLG_SHOW_UNWIND; 5007 break; 5008 } 5009 break; 5010 5011 case SHT_SYMTAB: 5012 case SHT_DYNSYM: 5013 case SHT_SUNW_LDYNSYM: 5014 case SHT_SUNW_versym: 5015 case SHT_SYMTAB_SHNDX: 5016 flags |= FLG_SHOW_SYMBOLS; 5017 break; 5018 5019 case SHT_RELA: 5020 case SHT_REL: 5021 flags |= FLG_SHOW_RELOC; 5022 break; 5023 5024 case SHT_HASH: 5025 flags |= FLG_SHOW_HASH; 5026 break; 5027 5028 case SHT_DYNAMIC: 5029 flags |= FLG_SHOW_DYNAMIC; 5030 break; 5031 5032 case SHT_NOTE: 5033 flags |= FLG_SHOW_NOTE; 5034 break; 5035 5036 case SHT_GROUP: 5037 flags |= FLG_SHOW_GROUP; 5038 break; 5039 5040 case SHT_SUNW_symsort: 5041 case SHT_SUNW_tlssort: 5042 flags |= FLG_SHOW_SORT; 5043 break; 5044 5045 case SHT_SUNW_cap: 5046 flags |= FLG_SHOW_CAP; 5047 break; 5048 5049 case SHT_SUNW_move: 5050 flags |= FLG_SHOW_MOVE; 5051 break; 5052 5053 case SHT_SUNW_syminfo: 5054 flags |= FLG_SHOW_SYMINFO; 5055 break; 5056 5057 case SHT_SUNW_verdef: 5058 case SHT_SUNW_verneed: 5059 flags |= FLG_SHOW_VERSIONS; 5060 break; 5061 5062 case SHT_AMD64_UNWIND: 5063 flags |= FLG_SHOW_UNWIND; 5064 break; 5065 } 5066 } 5067 } 5068 5069 5070 if (flags & FLG_SHOW_SHDR) 5071 sections(file, cache, shnum, ehdr, osabi); 5072 5073 if (flags & FLG_SHOW_INTERP) 5074 interp(file, cache, shnum, phnum, elf); 5075 5076 if ((osabi == ELFOSABI_SOLARIS) || (osabi == ELFOSABI_LINUX)) 5077 versions(cache, shnum, file, flags, &versym); 5078 5079 if (flags & FLG_SHOW_SYMBOLS) 5080 symbols(cache, shnum, ehdr, osabi, &versym, file, flags); 5081 5082 if ((flags & FLG_SHOW_SORT) && (osabi == ELFOSABI_SOLARIS)) 5083 sunw_sort(cache, shnum, ehdr, osabi, &versym, file, flags); 5084 5085 if (flags & FLG_SHOW_HASH) 5086 hash(cache, shnum, file, flags); 5087 5088 if (flags & FLG_SHOW_GOT) 5089 got(cache, shnum, ehdr, file); 5090 5091 if (flags & FLG_SHOW_GROUP) 5092 group(cache, shnum, file, flags); 5093 5094 if (flags & FLG_SHOW_SYMINFO) 5095 syminfo(cache, shnum, ehdr, osabi, file); 5096 5097 if (flags & FLG_SHOW_RELOC) 5098 reloc(cache, shnum, ehdr, file); 5099 5100 if (flags & FLG_SHOW_DYNAMIC) 5101 dynamic(cache, shnum, ehdr, osabi, file); 5102 5103 if (flags & FLG_SHOW_NOTE) { 5104 Word note_cnt; 5105 size_t note_shnum; 5106 Cache *note_cache; 5107 5108 note_cnt = note(cache, shnum, ehdr, file); 5109 5110 /* 5111 * Solaris core files have section headers, but these 5112 * headers do not include SHT_NOTE sections that reference 5113 * the core note sections. This means that note() won't 5114 * find the core notes. Fake section headers (-P option) 5115 * recover these sections, but it is inconvenient to require 5116 * users to specify -P in this situation. If the following 5117 * are all true: 5118 * 5119 * - No note sections were found 5120 * - This is a core file 5121 * - We are not already using fake section headers 5122 * 5123 * then we will automatically generate fake section headers 5124 * and then process them in a second call to note(). 5125 */ 5126 if ((note_cnt == 0) && (ehdr->e_type == ET_CORE) && 5127 !(flags & FLG_CTL_FAKESHDR) && 5128 (fake_shdr_cache(file, fd, elf, ehdr, 5129 ¬e_cache, ¬e_shnum) != 0)) { 5130 (void) note(note_cache, note_shnum, ehdr, file); 5131 fake_shdr_cache_free(note_cache, note_shnum); 5132 } 5133 } 5134 5135 if ((flags & FLG_SHOW_MOVE) && (osabi == ELFOSABI_SOLARIS)) 5136 move(cache, shnum, file, flags); 5137 5138 if (flags & FLG_CALC_CHECKSUM) 5139 checksum(elf); 5140 5141 if ((flags & FLG_SHOW_CAP) && (osabi == ELFOSABI_SOLARIS)) 5142 cap(file, cache, shnum, phnum, ehdr, osabi, elf, flags); 5143 5144 if ((flags & FLG_SHOW_UNWIND) && 5145 ((osabi == ELFOSABI_SOLARIS) || (osabi == ELFOSABI_LINUX))) 5146 unwind(cache, shnum, phnum, ehdr, osabi, file, elf, flags); 5147 5148 5149 /* Release the memory used to cache section headers */ 5150 done: 5151 if (flags & FLG_CTL_FAKESHDR) 5152 fake_shdr_cache_free(cache, shnum); 5153 else 5154 free(cache); 5155 5156 return (ret); 5157 } 5158