1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 /* 28 * Dump an elf file. 29 */ 30 #include <sys/elf_386.h> 31 #include <sys/elf_amd64.h> 32 #include <sys/elf_SPARC.h> 33 #include <_libelf.h> 34 #include <dwarf.h> 35 #include <stdio.h> 36 #include <unistd.h> 37 #include <errno.h> 38 #include <strings.h> 39 #include <debug.h> 40 #include <conv.h> 41 #include <msg.h> 42 #include <_elfdump.h> 43 44 45 /* 46 * VERSYM_STATE is used to maintain information about the VERSYM section 47 * in the object being analyzed. It is filled in by versions(), and used 48 * by init_symtbl_state() when displaying symbol information. 49 * 50 * There are three forms of symbol versioning known to us: 51 * 52 * 1) The original form, introduced with Solaris 2.5, in which 53 * the Versym contains indexes to Verdef records, and the 54 * Versym values for UNDEF symbols resolved by other objects 55 * are all set to 0. 56 * 2) The GNU form, which is backward compatible with the original 57 * Solaris form, but which adds several extensions: 58 * - The Versym also contains indexes to Verneed records, recording 59 * which object/version contributed the external symbol at 60 * link time. These indexes start with the next value following 61 * the final Verdef index. The index is written to the previously 62 * reserved vna_other field of the ELF Vernaux structure. 63 * - The top bit of the Versym value is no longer part of the index, 64 * but is used as a "hidden bit" to prevent binding to the symbol. 65 * - Multiple implementations of a given symbol, contained in varying 66 * versions are allowed, using special assembler pseudo ops, 67 * and encoded in the symbol name using '@' characters. 68 * 3) Modified Solaris form, in which we adopt the first GNU extension 69 * (Versym indexes to Verneed records), but not the others. 70 * 71 * elfdump can handle any of these cases. The presence of a DT_VERSYM 72 * dynamic element indicates a full GNU object. An object that lacks 73 * a DT_VERSYM entry, but which has non-zero vna_other fields in the Vernaux 74 * structures is a modified Solaris object. An object that has neither of 75 * these uses the original form. 76 * 77 * max_verndx contains the largest version index that can appear 78 * in a Versym entry. This can never be less than 1: In the case where 79 * there is no verdef/verneed sections, the [0] index is reserved 80 * for local symbols, and the [1] index for globals. If the original 81 * Solaris versioning rules are in effect and there is a verdef section, 82 * then max_verndex is the number of defined versions. If one of the 83 * other versioning forms is in effect, then: 84 * 1) If there is no verneed section, it is the same as for 85 * original Solaris versioning. 86 * 2) If there is a verneed section, the vna_other field of the 87 * Vernaux structs contain versions, and max_verndx is the 88 * largest such index. 89 * 90 * If gnu_full is True, the object uses the full GNU form of versioning. 91 * The value of the gnu_full field is based on the presence of 92 * a DT_VERSYM entry in the dynamic section: GNU ld produces these, and 93 * Solaris ld does not. 94 * 95 * The gnu_needed field is True if the Versym contains indexes to 96 * Verneed records, as indicated by non-zero vna_other fields in the Verneed 97 * section. If gnu_full is True, then gnu_needed will always be true. 98 * However, gnu_needed can be true without gnu_full. This is the modified 99 * Solaris form. 100 */ 101 typedef struct { 102 Cache *cache; /* Pointer to cache entry for VERSYM */ 103 Versym *data; /* Pointer to versym array */ 104 int gnu_full; /* True if object uses GNU versioning rules */ 105 int gnu_needed; /* True if object uses VERSYM indexes for */ 106 /* VERNEED (subset of gnu_full) */ 107 int max_verndx; /* largest versym index value */ 108 } VERSYM_STATE; 109 110 /* 111 * SYMTBL_STATE is used to maintain information about a single symbol 112 * table section, for use by the routines that display symbol information. 113 */ 114 typedef struct { 115 const char *file; /* Name of file */ 116 Ehdr *ehdr; /* ELF header for file */ 117 Cache *cache; /* Cache of all section headers */ 118 Word shnum; /* # of sections in cache */ 119 Cache *seccache; /* Cache of symbol table section hdr */ 120 Word secndx; /* Index of symbol table section hdr */ 121 const char *secname; /* Name of section */ 122 uint_t flags; /* Command line option flags */ 123 struct { /* Extended section index data */ 124 int checked; /* TRUE if already checked for shxndx */ 125 Word *data; /* NULL, or extended section index */ 126 /* used for symbol table entries */ 127 uint_t n; /* # items in shxndx.data */ 128 } shxndx; 129 VERSYM_STATE *versym; /* NULL, or associated VERSYM section */ 130 Sym *sym; /* Array of symbols */ 131 Word symn; /* # of symbols */ 132 } SYMTBL_STATE; 133 134 135 136 /* 137 * Focal point for verifying symbol names. 138 */ 139 static const char * 140 string(Cache *refsec, Word ndx, Cache *strsec, const char *file, Word name) 141 { 142 /* 143 * If an error in this routine is due to a property of the string 144 * section, as opposed to a bad offset into the section (a property of 145 * the referencing section), then we will detect the same error on 146 * every call involving those sections. We use these static variables 147 * to retain the information needed to only issue each such error once. 148 */ 149 static Cache *last_refsec; /* Last referencing section seen */ 150 static int strsec_err; /* True if error issued */ 151 152 const char *strs; 153 Word strn; 154 155 if (strsec->c_data == NULL) 156 return (NULL); 157 158 strs = (char *)strsec->c_data->d_buf; 159 strn = strsec->c_data->d_size; 160 161 /* 162 * We only print a diagnostic regarding a bad string table once per 163 * input section being processed. If the refsec has changed, reset 164 * our retained error state. 165 */ 166 if (last_refsec != refsec) { 167 last_refsec = refsec; 168 strsec_err = 0; 169 } 170 171 /* Verify that strsec really is a string table */ 172 if (strsec->c_shdr->sh_type != SHT_STRTAB) { 173 if (!strsec_err) { 174 (void) fprintf(stderr, MSG_INTL(MSG_ERR_NOTSTRTAB), 175 file, strsec->c_ndx, refsec->c_ndx); 176 strsec_err = 1; 177 } 178 return (MSG_INTL(MSG_STR_UNKNOWN)); 179 } 180 181 /* 182 * Is the string table offset within range of the available strings? 183 */ 184 if (name >= strn) { 185 /* 186 * Do we have a empty string table? 187 */ 188 if (strs == NULL) { 189 if (!strsec_err) { 190 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 191 file, strsec->c_name); 192 strsec_err = 1; 193 } 194 } else { 195 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSTOFF), 196 file, refsec->c_name, EC_WORD(ndx), strsec->c_name, 197 EC_WORD(name), EC_WORD(strn - 1)); 198 } 199 200 /* 201 * Return the empty string so that the calling function can 202 * continue it's output diagnostics. 203 */ 204 return (MSG_INTL(MSG_STR_UNKNOWN)); 205 } 206 return (strs + name); 207 } 208 209 /* 210 * Relocations can reference section symbols and standard symbols. If the 211 * former, establish the section name. 212 */ 213 static const char * 214 relsymname(Cache *cache, Cache *csec, Cache *strsec, Word symndx, Word symnum, 215 Word relndx, Sym *syms, char *secstr, size_t secsz, const char *file) 216 { 217 Sym *sym; 218 const char *name; 219 220 if (symndx >= symnum) { 221 (void) fprintf(stderr, MSG_INTL(MSG_ERR_RELBADSYMNDX), 222 file, EC_WORD(symndx), EC_WORD(relndx)); 223 return (MSG_INTL(MSG_STR_UNKNOWN)); 224 } 225 226 sym = (Sym *)(syms + symndx); 227 name = string(csec, symndx, strsec, file, sym->st_name); 228 229 /* 230 * If the symbol represents a section offset construct an appropriate 231 * string. Note, although section symbol table entries typically have 232 * a NULL name pointer, entries do exist that point into the string 233 * table to their own NULL strings. 234 */ 235 if ((ELF_ST_TYPE(sym->st_info) == STT_SECTION) && 236 ((sym->st_name == 0) || (*name == '\0'))) { 237 (void) snprintf(secstr, secsz, MSG_INTL(MSG_STR_SECTION), 238 cache[sym->st_shndx].c_name); 239 return ((const char *)secstr); 240 } 241 242 return (name); 243 } 244 245 /* 246 * Focal point for establishing a string table section. Data such as the 247 * dynamic information simply points to a string table. Data such as 248 * relocations, reference a symbol table, which in turn is associated with a 249 * string table. 250 */ 251 static int 252 stringtbl(Cache *cache, int symtab, Word ndx, Word shnum, const char *file, 253 Word *symnum, Cache **symsec, Cache **strsec) 254 { 255 Shdr *shdr = cache[ndx].c_shdr; 256 257 if (symtab) { 258 /* 259 * Validate the symbol table section. 260 */ 261 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 262 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 263 file, cache[ndx].c_name, EC_WORD(shdr->sh_link)); 264 return (0); 265 } 266 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 267 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 268 file, cache[ndx].c_name); 269 return (0); 270 } 271 272 /* 273 * Obtain, and verify the symbol table data. 274 */ 275 if ((cache[ndx].c_data == NULL) || 276 (cache[ndx].c_data->d_buf == NULL)) { 277 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 278 file, cache[ndx].c_name); 279 return (0); 280 } 281 282 /* 283 * Establish the string table index. 284 */ 285 ndx = shdr->sh_link; 286 shdr = cache[ndx].c_shdr; 287 288 /* 289 * Return symbol table information. 290 */ 291 if (symnum) 292 *symnum = (shdr->sh_size / shdr->sh_entsize); 293 if (symsec) 294 *symsec = &cache[ndx]; 295 } 296 297 /* 298 * Validate the associated string table section. 299 */ 300 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 301 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 302 file, cache[ndx].c_name, EC_WORD(shdr->sh_link)); 303 return (0); 304 } 305 306 if (strsec) 307 *strsec = &cache[shdr->sh_link]; 308 309 return (1); 310 } 311 312 /* 313 * Lookup a symbol and set Sym accordingly. 314 */ 315 static int 316 symlookup(const char *name, Cache *cache, Word shnum, Sym **sym, 317 Cache *symtab, const char *file) 318 { 319 Shdr *shdr; 320 Word symn, cnt; 321 Sym *syms; 322 323 if (symtab == 0) 324 return (0); 325 326 shdr = symtab->c_shdr; 327 328 /* 329 * Determine the symbol data and number. 330 */ 331 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 332 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 333 file, symtab->c_name); 334 return (0); 335 } 336 if (symtab->c_data == NULL) 337 return (0); 338 339 /* LINTED */ 340 symn = (Word)(shdr->sh_size / shdr->sh_entsize); 341 syms = (Sym *)symtab->c_data->d_buf; 342 343 /* 344 * Get the associated string table section. 345 */ 346 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 347 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 348 file, symtab->c_name, EC_WORD(shdr->sh_link)); 349 return (0); 350 } 351 352 /* 353 * Loop through the symbol table to find a match. 354 */ 355 for (cnt = 0; cnt < symn; syms++, cnt++) { 356 const char *symname; 357 358 symname = string(symtab, cnt, &cache[shdr->sh_link], file, 359 syms->st_name); 360 361 if (symname && (strcmp(name, symname) == 0)) { 362 *sym = syms; 363 return (1); 364 } 365 } 366 return (0); 367 } 368 369 /* 370 * Print section headers. 371 */ 372 static void 373 sections(const char *file, Cache *cache, Word shnum, Ehdr *ehdr) 374 { 375 size_t seccnt; 376 377 for (seccnt = 1; seccnt < shnum; seccnt++) { 378 Cache *_cache = &cache[seccnt]; 379 Shdr *shdr = _cache->c_shdr; 380 const char *secname = _cache->c_name; 381 382 /* 383 * Although numerous section header entries can be zero, it's 384 * usually a sign of trouble if the type is zero. 385 */ 386 if (shdr->sh_type == 0) { 387 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHTYPE), 388 file, secname, EC_WORD(shdr->sh_type)); 389 } 390 391 if (!match(MATCH_F_ALL, secname, seccnt, shdr->sh_type)) 392 continue; 393 394 /* 395 * Identify any sections that are suspicious. A .got section 396 * shouldn't exist in a relocatable object. 397 */ 398 if (ehdr->e_type == ET_REL) { 399 if (strncmp(secname, MSG_ORIG(MSG_ELF_GOT), 400 MSG_ELF_GOT_SIZE) == 0) { 401 (void) fprintf(stderr, 402 MSG_INTL(MSG_GOT_UNEXPECTED), file, 403 secname); 404 } 405 } 406 407 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 408 dbg_print(0, MSG_INTL(MSG_ELF_SHDR), EC_WORD(seccnt), secname); 409 Elf_shdr(0, ehdr->e_machine, shdr); 410 } 411 } 412 413 /* 414 * Obtain a specified Phdr entry. 415 */ 416 static Phdr * 417 getphdr(Word phnum, Word *type_arr, Word type_cnt, const char *file, Elf *elf) 418 { 419 Word cnt, tcnt; 420 Phdr *phdr; 421 422 if ((phdr = elf_getphdr(elf)) == NULL) { 423 failure(file, MSG_ORIG(MSG_ELF_GETPHDR)); 424 return (NULL); 425 } 426 427 for (cnt = 0; cnt < phnum; phdr++, cnt++) { 428 for (tcnt = 0; tcnt < type_cnt; tcnt++) { 429 if (phdr->p_type == type_arr[tcnt]) 430 return (phdr); 431 } 432 } 433 return (NULL); 434 } 435 436 static void 437 unwind(Cache *cache, Word shnum, Word phnum, Ehdr *ehdr, const char *file, 438 Elf *elf, uint_t flags) 439 { 440 #if defined(_ELF64) 441 #define MSG_UNW_BINSRTAB2 MSG_UNW_BINSRTAB2_64 442 #define MSG_UNW_BINSRTABENT MSG_UNW_BINSRTABENT_64 443 #else 444 #define MSG_UNW_BINSRTAB2 MSG_UNW_BINSRTAB2_32 445 #define MSG_UNW_BINSRTABENT MSG_UNW_BINSRTABENT_32 446 #endif 447 448 static Word phdr_types[] = { PT_SUNW_UNWIND, PT_SUNW_EH_FRAME }; 449 450 int frame_cnt = 0, hdr_cnt = 0, frame_ndx, hdr_ndx; 451 uint64_t save_frame_ptr, save_frame_base; 452 Conv_dwarf_ehe_buf_t dwarf_ehe_buf; 453 Word cnt; 454 Phdr *uphdr = NULL; 455 456 /* 457 * Historical background: .eh_frame and .eh_frame_hdr sections 458 * come from the GNU compilers (particularly C++), and are used 459 * under all architectures. Their format is based on DWARF. When 460 * the amd64 ABI was defined, these sections were adopted wholesale 461 * from the existing practice. 462 * 463 * When amd64 support was added to Solaris, support for these 464 * sections was added, using the SHT_AMD64_UNWIND section type 465 * to identify them. At first, we ignored them in objects for 466 * non-amd64 targets, but later broadened our support to include 467 * other architectures in order to better support gcc-generated 468 * objects. 469 * 470 * We match these sections by name, rather than section type, 471 * because they can come in as either SHT_AMD64_UNWIND, or as 472 * SHT_PROGBITS, and because we need to distinquish between 473 * the two types (.eh_frame and .eh_frame_hdr). 474 */ 475 476 if (phnum) 477 uphdr = getphdr(phnum, phdr_types, 478 sizeof (phdr_types) / sizeof (*phdr_types), file, elf); 479 480 for (cnt = 1; cnt < shnum; cnt++) { 481 Cache *_cache = &cache[cnt]; 482 Shdr *shdr = _cache->c_shdr; 483 uchar_t *data; 484 size_t datasize; 485 uint64_t ndx, frame_ptr, fde_cnt, tabndx; 486 uint_t vers, frame_ptr_enc, fde_cnt_enc, table_enc; 487 488 /* 489 * Skip sections of the wrong type. On amd64, Solaris tags 490 * these as SHT_AMD64_UNWIND, while gcc started out issuing 491 * them as SHT_PROGBITS and switched over when the amd64 ABI 492 * was finalized. On non-amd64, they're all SHT_PROGBITS. 493 */ 494 switch (shdr->sh_type) { 495 case SHT_PROGBITS: 496 if (ehdr->e_machine == EM_AMD64) 497 continue; 498 break; 499 case SHT_AMD64_UNWIND: 500 if (ehdr->e_machine != EM_AMD64) 501 continue; 502 break; 503 default: 504 continue; 505 } 506 507 /* 508 * Only sections with names starting with .eh_frame or 509 * .eh_frame_hdr are of interest. We do a prefix comparison, 510 * allowing for naming conventions like .eh_frame.foo, hence 511 * the use of strncmp() rather than strcmp(). This means that 512 * we only really need to test for .eh_frame, as it's a 513 * prefix of .eh_frame_hdr. 514 */ 515 if (strncmp(_cache->c_name, MSG_ORIG(MSG_SCN_FRM), 516 MSG_SCN_FRM_SIZE) != 0) 517 continue; 518 519 if (!match(MATCH_F_ALL, _cache->c_name, cnt, shdr->sh_type)) 520 continue; 521 522 if (_cache->c_data == NULL) 523 continue; 524 525 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 526 dbg_print(0, MSG_INTL(MSG_ELF_SCN_UNWIND), _cache->c_name); 527 528 data = (uchar_t *)(_cache->c_data->d_buf); 529 datasize = _cache->c_data->d_size; 530 531 /* 532 * Is this a .eh_frame_hdr 533 */ 534 if ((uphdr && (shdr->sh_addr == uphdr->p_vaddr)) || 535 (strncmp(_cache->c_name, MSG_ORIG(MSG_SCN_FRMHDR), 536 MSG_SCN_FRMHDR_SIZE) == 0)) { 537 /* 538 * There can only be a single .eh_frame_hdr. 539 * Flag duplicates. 540 */ 541 if (++hdr_cnt > 1) 542 (void) fprintf(stderr, 543 MSG_INTL(MSG_ERR_MULTEHFRMHDR), file, 544 EC_WORD(cnt), _cache->c_name); 545 546 dbg_print(0, MSG_ORIG(MSG_UNW_FRMHDR)); 547 ndx = 0; 548 549 vers = data[ndx++]; 550 frame_ptr_enc = data[ndx++]; 551 fde_cnt_enc = data[ndx++]; 552 table_enc = data[ndx++]; 553 554 dbg_print(0, MSG_ORIG(MSG_UNW_FRMVERS), vers); 555 556 frame_ptr = dwarf_ehe_extract(data, &ndx, frame_ptr_enc, 557 ehdr->e_ident, shdr->sh_addr, ndx); 558 if (hdr_cnt == 1) { 559 hdr_ndx = cnt; 560 save_frame_ptr = frame_ptr; 561 } 562 563 dbg_print(0, MSG_ORIG(MSG_UNW_FRPTRENC), 564 conv_dwarf_ehe(frame_ptr_enc, &dwarf_ehe_buf), 565 EC_XWORD(frame_ptr)); 566 567 fde_cnt = dwarf_ehe_extract(data, &ndx, fde_cnt_enc, 568 ehdr->e_ident, shdr->sh_addr, ndx); 569 570 dbg_print(0, MSG_ORIG(MSG_UNW_FDCNENC), 571 conv_dwarf_ehe(fde_cnt_enc, &dwarf_ehe_buf), 572 EC_XWORD(fde_cnt)); 573 dbg_print(0, MSG_ORIG(MSG_UNW_TABENC), 574 conv_dwarf_ehe(table_enc, &dwarf_ehe_buf)); 575 dbg_print(0, MSG_ORIG(MSG_UNW_BINSRTAB1)); 576 dbg_print(0, MSG_ORIG(MSG_UNW_BINSRTAB2)); 577 578 for (tabndx = 0; tabndx < fde_cnt; tabndx++) { 579 dbg_print(0, MSG_ORIG(MSG_UNW_BINSRTABENT), 580 EC_XWORD(dwarf_ehe_extract(data, &ndx, 581 table_enc, ehdr->e_ident, shdr->sh_addr, 582 ndx)), 583 EC_XWORD(dwarf_ehe_extract(data, &ndx, 584 table_enc, ehdr->e_ident, shdr->sh_addr, 585 ndx))); 586 } 587 } else { /* Display the .eh_frame section */ 588 frame_cnt++; 589 if (frame_cnt == 1) { 590 frame_ndx = cnt; 591 save_frame_base = shdr->sh_addr; 592 } else if ((frame_cnt > 1) && 593 (ehdr->e_type != ET_REL)) { 594 Conv_inv_buf_t inv_buf; 595 596 (void) fprintf(stderr, 597 MSG_INTL(MSG_WARN_MULTEHFRM), file, 598 EC_WORD(cnt), _cache->c_name, 599 conv_ehdr_type(ehdr->e_type, 0, &inv_buf)); 600 } 601 dump_eh_frame(data, datasize, shdr->sh_addr, 602 ehdr->e_machine, ehdr->e_ident); 603 } 604 605 /* 606 * If we've seen the .eh_frame_hdr and the first .eh_frame 607 * section, compare the header frame_ptr to the address of the 608 * actual frame section to ensure the link-editor got this 609 * right. Note, this diagnostic is only produced when unwind 610 * information is explicitly asked for, as shared objects built 611 * with an older ld(1) may reveal this inconsistency. Although 612 * an inconsistency, it doesn't seem to have any adverse effect 613 * on existing tools. 614 */ 615 if (((flags & FLG_MASK_SHOW) != FLG_MASK_SHOW) && 616 (hdr_cnt > 0) && (frame_cnt > 0) && 617 (save_frame_ptr != save_frame_base)) 618 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADEHFRMPTR), 619 file, EC_WORD(hdr_ndx), cache[hdr_ndx].c_name, 620 EC_XWORD(save_frame_ptr), EC_WORD(frame_ndx), 621 cache[frame_ndx].c_name, EC_XWORD(save_frame_base)); 622 } 623 624 #undef MSG_UNW_BINSRTAB2 625 #undef MSG_UNW_BINSRTABENT 626 } 627 628 /* 629 * Print the hardware/software capabilities. For executables and shared objects 630 * this should be accompanied with a program header. 631 */ 632 static void 633 cap(const char *file, Cache *cache, Word shnum, Word phnum, Ehdr *ehdr, 634 Elf *elf) 635 { 636 Word cnt; 637 Shdr *cshdr = NULL; 638 Cache *ccache; 639 Off cphdr_off = 0; 640 Xword cphdr_sz; 641 642 /* 643 * Determine if a hardware/software capabilities header exists. 644 */ 645 if (phnum) { 646 Phdr *phdr; 647 648 if ((phdr = elf_getphdr(elf)) == NULL) { 649 failure(file, MSG_ORIG(MSG_ELF_GETPHDR)); 650 return; 651 } 652 653 for (cnt = 0; cnt < phnum; phdr++, cnt++) { 654 if (phdr->p_type == PT_SUNWCAP) { 655 cphdr_off = phdr->p_offset; 656 cphdr_sz = phdr->p_filesz; 657 break; 658 } 659 } 660 } 661 662 /* 663 * Determine if a hardware/software capabilities section exists. 664 */ 665 for (cnt = 1; cnt < shnum; cnt++) { 666 Cache *_cache = &cache[cnt]; 667 Shdr *shdr = _cache->c_shdr; 668 669 if (shdr->sh_type != SHT_SUNW_cap) 670 continue; 671 672 if (cphdr_off && ((cphdr_off < shdr->sh_offset) || 673 (cphdr_off + cphdr_sz) > (shdr->sh_offset + shdr->sh_size))) 674 continue; 675 676 if (_cache->c_data == NULL) 677 continue; 678 679 ccache = _cache; 680 cshdr = shdr; 681 break; 682 } 683 684 if ((cshdr == NULL) && (cphdr_off == 0)) 685 return; 686 687 /* 688 * Print the hardware/software capabilities section. 689 */ 690 if (cshdr) { 691 Word ndx, capn; 692 Cap *cap = (Cap *)ccache->c_data->d_buf; 693 694 if ((cshdr->sh_entsize == 0) || (cshdr->sh_size == 0)) { 695 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 696 file, ccache->c_name); 697 return; 698 } 699 700 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 701 dbg_print(0, MSG_INTL(MSG_ELF_SCN_CAP), ccache->c_name); 702 703 Elf_cap_title(0); 704 705 capn = (Word)(cshdr->sh_size / cshdr->sh_entsize); 706 707 for (ndx = 0; ndx < capn; cap++, ndx++) { 708 if (cap->c_tag == CA_SUNW_NULL) 709 continue; 710 711 Elf_cap_entry(0, cap, ndx, ehdr->e_machine); 712 713 /* 714 * An SF1_SUNW_ADDR32 software capability in a 32-bit 715 * object is suspicious as it has no effect. 716 */ 717 if ((cap->c_tag == CA_SUNW_SF_1) && 718 (ehdr->e_ident[EI_CLASS] == ELFCLASS32) && 719 (cap->c_un.c_val & SF1_SUNW_ADDR32)) { 720 (void) fprintf(stderr, 721 MSG_INTL(MSG_WARN_INADDR32SF1), 722 file, ccache->c_name); 723 } 724 } 725 } else 726 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVCAP1), file); 727 728 /* 729 * If this object is an executable or shared object, then the 730 * hardware/software capabilities section should have an accompanying 731 * program header. 732 */ 733 if (cshdr && ((ehdr->e_type == ET_EXEC) || (ehdr->e_type == ET_DYN))) { 734 if (cphdr_off == 0) 735 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVCAP2), 736 file, ccache->c_name); 737 else if ((cphdr_off != cshdr->sh_offset) || 738 (cphdr_sz != cshdr->sh_size)) 739 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVCAP3), 740 file, ccache->c_name); 741 } 742 } 743 744 /* 745 * Print the interpretor. 746 */ 747 static void 748 interp(const char *file, Cache *cache, Word shnum, Word phnum, Elf *elf) 749 { 750 static Word phdr_types[] = { PT_INTERP }; 751 752 753 Word cnt; 754 Shdr *ishdr = NULL; 755 Cache *icache; 756 Off iphdr_off = 0; 757 Xword iphdr_fsz; 758 759 /* 760 * Determine if an interp header exists. 761 */ 762 if (phnum) { 763 Phdr *phdr; 764 765 phdr = getphdr(phnum, phdr_types, 766 sizeof (phdr_types) / sizeof (*phdr_types), file, elf); 767 if (phdr != NULL) { 768 iphdr_off = phdr->p_offset; 769 iphdr_fsz = phdr->p_filesz; 770 } 771 } 772 773 if (iphdr_off == 0) 774 return; 775 776 /* 777 * Determine if an interp section exists. 778 */ 779 for (cnt = 1; cnt < shnum; cnt++) { 780 Cache *_cache = &cache[cnt]; 781 Shdr *shdr = _cache->c_shdr; 782 783 /* 784 * Scan sections to find a section which contains the PT_INTERP 785 * string. The target section can't be in a NOBITS section. 786 */ 787 if ((shdr->sh_type == SHT_NOBITS) || 788 (iphdr_off < shdr->sh_offset) || 789 (iphdr_off + iphdr_fsz) > (shdr->sh_offset + shdr->sh_size)) 790 continue; 791 792 icache = _cache; 793 ishdr = shdr; 794 break; 795 } 796 797 /* 798 * Print the interpreter string based on the offset defined in the 799 * program header, as this is the offset used by the kernel. 800 */ 801 if (ishdr && icache->c_data) { 802 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 803 dbg_print(0, MSG_INTL(MSG_ELF_SCN_INTERP), icache->c_name); 804 dbg_print(0, MSG_ORIG(MSG_FMT_INDENT), 805 (char *)icache->c_data->d_buf + 806 (iphdr_off - ishdr->sh_offset)); 807 } else 808 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVINTERP1), file); 809 810 /* 811 * If there are any inconsistences between the program header and 812 * section information, flag them. 813 */ 814 if (ishdr && ((iphdr_off != ishdr->sh_offset) || 815 (iphdr_fsz != ishdr->sh_size))) { 816 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVINTERP2), file, 817 icache->c_name); 818 } 819 } 820 821 /* 822 * Print the syminfo section. 823 */ 824 static void 825 syminfo(Cache *cache, Word shnum, const char *file) 826 { 827 Shdr *infoshdr; 828 Syminfo *info; 829 Sym *syms; 830 Dyn *dyns; 831 Word infonum, cnt, ndx, symnum; 832 Cache *infocache = NULL, *symsec, *strsec; 833 834 for (cnt = 1; cnt < shnum; cnt++) { 835 if (cache[cnt].c_shdr->sh_type == SHT_SUNW_syminfo) { 836 infocache = &cache[cnt]; 837 break; 838 } 839 } 840 if (infocache == NULL) 841 return; 842 843 infoshdr = infocache->c_shdr; 844 if ((infoshdr->sh_entsize == 0) || (infoshdr->sh_size == 0)) { 845 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 846 file, infocache->c_name); 847 return; 848 } 849 if (infocache->c_data == NULL) 850 return; 851 852 infonum = (Word)(infoshdr->sh_size / infoshdr->sh_entsize); 853 info = (Syminfo *)infocache->c_data->d_buf; 854 855 /* 856 * Get the data buffer of the associated dynamic section. 857 */ 858 if ((infoshdr->sh_info == 0) || (infoshdr->sh_info >= shnum)) { 859 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHINFO), 860 file, infocache->c_name, EC_WORD(infoshdr->sh_info)); 861 return; 862 } 863 if (cache[infoshdr->sh_info].c_data == NULL) 864 return; 865 866 dyns = cache[infoshdr->sh_info].c_data->d_buf; 867 if (dyns == NULL) { 868 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 869 file, cache[infoshdr->sh_info].c_name); 870 return; 871 } 872 873 /* 874 * Get the data buffer for the associated symbol table and string table. 875 */ 876 if (stringtbl(cache, 1, cnt, shnum, file, 877 &symnum, &symsec, &strsec) == 0) 878 return; 879 880 syms = symsec->c_data->d_buf; 881 882 /* 883 * Loop through the syminfo entries. 884 */ 885 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 886 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMINFO), infocache->c_name); 887 Elf_syminfo_title(0); 888 889 for (ndx = 1, info++; ndx < infonum; ndx++, info++) { 890 Sym *sym; 891 const char *needed = NULL, *name; 892 893 if ((info->si_flags == 0) && (info->si_boundto == 0)) 894 continue; 895 896 sym = &syms[ndx]; 897 name = string(infocache, ndx, strsec, file, sym->st_name); 898 899 if (info->si_boundto < SYMINFO_BT_LOWRESERVE) { 900 Dyn *dyn = &dyns[info->si_boundto]; 901 902 needed = string(infocache, info->si_boundto, 903 strsec, file, dyn->d_un.d_val); 904 } 905 Elf_syminfo_entry(0, ndx, info, name, needed); 906 } 907 } 908 909 /* 910 * Print version definition section entries. 911 */ 912 static void 913 version_def(Verdef *vdf, Word vdf_num, Cache *vcache, Cache *scache, 914 const char *file) 915 { 916 Word cnt; 917 char index[MAXNDXSIZE]; 918 919 Elf_ver_def_title(0); 920 921 for (cnt = 1; cnt <= vdf_num; cnt++, 922 vdf = (Verdef *)((uintptr_t)vdf + vdf->vd_next)) { 923 Conv_ver_flags_buf_t ver_flags_buf; 924 const char *name, *dep; 925 Half vcnt = vdf->vd_cnt - 1; 926 Half ndx = vdf->vd_ndx; 927 Verdaux *vdap = (Verdaux *)((uintptr_t)vdf + vdf->vd_aux); 928 929 /* 930 * Obtain the name and first dependency (if any). 931 */ 932 name = string(vcache, cnt, scache, file, vdap->vda_name); 933 vdap = (Verdaux *)((uintptr_t)vdap + vdap->vda_next); 934 if (vcnt) 935 dep = string(vcache, cnt, scache, file, vdap->vda_name); 936 else 937 dep = MSG_ORIG(MSG_STR_EMPTY); 938 939 (void) snprintf(index, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INDEX), 940 EC_XWORD(ndx)); 941 Elf_ver_line_1(0, index, name, dep, 942 conv_ver_flags(vdf->vd_flags, 0, &ver_flags_buf)); 943 944 /* 945 * Print any additional dependencies. 946 */ 947 if (vcnt) { 948 vdap = (Verdaux *)((uintptr_t)vdap + vdap->vda_next); 949 for (vcnt--; vcnt; vcnt--, 950 vdap = (Verdaux *)((uintptr_t)vdap + 951 vdap->vda_next)) { 952 dep = string(vcache, cnt, scache, file, 953 vdap->vda_name); 954 Elf_ver_line_2(0, MSG_ORIG(MSG_STR_EMPTY), dep); 955 } 956 } 957 } 958 } 959 960 /* 961 * Print version needed section entries. 962 * 963 * entry: 964 * vnd - Address of verneed data 965 * vnd_num - # of Verneed entries 966 * vcache - Cache of verneed section being processed 967 * scache - Cache of associated string table section 968 * file - Name of object being processed. 969 * versym - Information about versym section 970 * 971 * exit: 972 * The versions have been printed. If GNU style versioning 973 * is in effect, versym->max_verndx has been updated to 974 * contain the largest version index seen. 975 * 976 * note: 977 * The versym section of an object that follows the original 978 * Solaris versioning rules only contains indexes into the verdef 979 * section. Symbols defined in other objects (UNDEF) are given 980 * a version of 0, indicating that they are not defined by 981 * this file, and the Verneed entries do not have associated version 982 * indexes. For these reasons, we do not display a version index 983 * for original-style Verneed sections. 984 * 985 * The GNU versioning extensions alter this: Symbols defined in other 986 * objects receive a version index in the range above those defined 987 * by the Verdef section, and the vna_other field of the Vernaux 988 * structs inside the Verneed section contain the version index for 989 * that item. We therefore display the index when showing the 990 * contents of a GNU style Verneed section. You should not 991 * necessarily expect these indexes to appear in sorted 992 * order --- it seems that the GNU ld assigns the versions as 993 * symbols are encountered during linking, and then the results 994 * are assembled into the Verneed section afterwards. 995 */ 996 static void 997 version_need(Verneed *vnd, Word vnd_num, Cache *vcache, Cache *scache, 998 const char *file, VERSYM_STATE *versym) 999 { 1000 Word cnt; 1001 char index[MAXNDXSIZE]; 1002 const char *index_str; 1003 1004 Elf_ver_need_title(0, versym->gnu_needed); 1005 1006 for (cnt = 1; cnt <= vnd_num; cnt++, 1007 vnd = (Verneed *)((uintptr_t)vnd + vnd->vn_next)) { 1008 Conv_ver_flags_buf_t ver_flags_buf; 1009 const char *name, *dep; 1010 Half vcnt = vnd->vn_cnt; 1011 Vernaux *vnap = (Vernaux *)((uintptr_t)vnd + vnd->vn_aux); 1012 1013 /* 1014 * Obtain the name of the needed file and the version name 1015 * within it that we're dependent on. Note that the count 1016 * should be at least one, otherwise this is a pretty bogus 1017 * entry. 1018 */ 1019 name = string(vcache, cnt, scache, file, vnd->vn_file); 1020 if (vcnt) 1021 dep = string(vcache, cnt, scache, file, vnap->vna_name); 1022 else 1023 dep = MSG_INTL(MSG_STR_NULL); 1024 1025 if (vnap->vna_other == 0) { /* Traditional form */ 1026 index_str = MSG_ORIG(MSG_STR_EMPTY); 1027 } else { /* GNU form */ 1028 index_str = index; 1029 /* Format the version index value */ 1030 (void) snprintf(index, MAXNDXSIZE, 1031 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(vnap->vna_other)); 1032 if (vnap->vna_other > versym->max_verndx) 1033 versym->max_verndx = vnap->vna_other; 1034 } 1035 Elf_ver_line_1(0, index_str, name, dep, 1036 conv_ver_flags(vnap->vna_flags, 0, &ver_flags_buf)); 1037 1038 /* 1039 * Print any additional version dependencies. 1040 */ 1041 if (vcnt) { 1042 vnap = (Vernaux *)((uintptr_t)vnap + vnap->vna_next); 1043 for (vcnt--; vcnt; vcnt--, 1044 vnap = (Vernaux *)((uintptr_t)vnap + 1045 vnap->vna_next)) { 1046 dep = string(vcache, cnt, scache, file, 1047 vnap->vna_name); 1048 if (vnap->vna_other > 0) { 1049 /* Format the next index value */ 1050 (void) snprintf(index, MAXNDXSIZE, 1051 MSG_ORIG(MSG_FMT_INDEX), 1052 EC_XWORD(vnap->vna_other)); 1053 Elf_ver_line_1(0, index, 1054 MSG_ORIG(MSG_STR_EMPTY), dep, 1055 conv_ver_flags(vnap->vna_flags, 1056 0, &ver_flags_buf)); 1057 if (vnap->vna_other > 1058 versym->max_verndx) 1059 versym->max_verndx = 1060 vnap->vna_other; 1061 } else { 1062 Elf_ver_line_3(0, 1063 MSG_ORIG(MSG_STR_EMPTY), dep, 1064 conv_ver_flags(vnap->vna_flags, 1065 0, &ver_flags_buf)); 1066 } 1067 } 1068 } 1069 } 1070 } 1071 1072 /* 1073 * Examine the Verneed section for information related to GNU 1074 * style Versym indexing: 1075 * - A non-zero vna_other field indicates that Versym indexes can 1076 * reference Verneed records. 1077 * - If the object uses GNU style Versym indexing, the 1078 * maximum index value is needed to detect bad Versym entries. 1079 * 1080 * entry: 1081 * vnd - Address of verneed data 1082 * vnd_num - # of Verneed entries 1083 * versym - Information about versym section 1084 * 1085 * exit: 1086 * If a non-zero vna_other field is seen, versym->gnu_needed is set. 1087 * 1088 * versym->max_verndx has been updated to contain the largest 1089 * version index seen. 1090 */ 1091 static void 1092 update_gnu_verndx(Verneed *vnd, Word vnd_num, VERSYM_STATE *versym) 1093 { 1094 Word cnt; 1095 1096 for (cnt = 1; cnt <= vnd_num; cnt++, 1097 vnd = (Verneed *)((uintptr_t)vnd + vnd->vn_next)) { 1098 Half vcnt = vnd->vn_cnt; 1099 Vernaux *vnap = (Vernaux *)((uintptr_t)vnd + vnd->vn_aux); 1100 1101 /* 1102 * A non-zero value of vna_other indicates that this 1103 * object references VERNEED items from the VERSYM 1104 * array. 1105 */ 1106 if (vnap->vna_other != 0) { 1107 versym->gnu_needed = 1; 1108 if (vnap->vna_other > versym->max_verndx) 1109 versym->max_verndx = vnap->vna_other; 1110 } 1111 1112 /* 1113 * Check any additional version dependencies. 1114 */ 1115 if (vcnt) { 1116 vnap = (Vernaux *)((uintptr_t)vnap + vnap->vna_next); 1117 for (vcnt--; vcnt; vcnt--, 1118 vnap = (Vernaux *)((uintptr_t)vnap + 1119 vnap->vna_next)) { 1120 if (vnap->vna_other == 0) 1121 continue; 1122 1123 versym->gnu_needed = 1; 1124 if (vnap->vna_other > versym->max_verndx) 1125 versym->max_verndx = vnap->vna_other; 1126 } 1127 } 1128 } 1129 } 1130 1131 /* 1132 * Display version section information if the flags require it. 1133 * Return version information needed by other output. 1134 * 1135 * entry: 1136 * cache - Cache of all section headers 1137 * shnum - # of sections in cache 1138 * file - Name of file 1139 * flags - Command line option flags 1140 * versym - VERSYM_STATE block to be filled in. 1141 */ 1142 static void 1143 versions(Cache *cache, Word shnum, const char *file, uint_t flags, 1144 VERSYM_STATE *versym) 1145 { 1146 GElf_Word cnt; 1147 Cache *verdef_cache = NULL, *verneed_cache = NULL; 1148 1149 1150 /* Gather information about the version sections */ 1151 bzero(versym, sizeof (*versym)); 1152 versym->max_verndx = 1; 1153 for (cnt = 1; cnt < shnum; cnt++) { 1154 Cache *_cache = &cache[cnt]; 1155 Shdr *shdr = _cache->c_shdr; 1156 Dyn *dyn; 1157 ulong_t numdyn; 1158 1159 switch (shdr->sh_type) { 1160 case SHT_DYNAMIC: 1161 /* 1162 * The GNU ld puts a DT_VERSYM entry in the dynamic 1163 * section so that the runtime linker can use it to 1164 * implement their versioning rules. They allow multiple 1165 * incompatible functions with the same name to exist 1166 * in different versions. The Solaris ld does not 1167 * support this mechanism, and as such, does not 1168 * produce DT_VERSYM. We use this fact to determine 1169 * which ld produced this object, and how to interpret 1170 * the version values. 1171 */ 1172 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0) || 1173 (_cache->c_data == NULL)) 1174 continue; 1175 numdyn = shdr->sh_size / shdr->sh_entsize; 1176 dyn = (Dyn *)_cache->c_data->d_buf; 1177 for (; numdyn-- > 0; dyn++) 1178 if (dyn->d_tag == DT_VERSYM) { 1179 versym->gnu_full = 1180 versym->gnu_needed = 1; 1181 break; 1182 } 1183 break; 1184 1185 case SHT_SUNW_versym: 1186 /* Record data address for later symbol processing */ 1187 if (_cache->c_data != NULL) { 1188 versym->cache = _cache; 1189 versym->data = _cache->c_data->d_buf; 1190 continue; 1191 } 1192 break; 1193 1194 case SHT_SUNW_verdef: 1195 case SHT_SUNW_verneed: 1196 /* 1197 * Ensure the data is non-NULL and the number 1198 * of items is non-zero. Otherwise, we don't 1199 * understand the section, and will not use it. 1200 */ 1201 if ((_cache->c_data == NULL) || 1202 (_cache->c_data->d_buf == NULL)) { 1203 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 1204 file, _cache->c_name); 1205 continue; 1206 } 1207 if (shdr->sh_info == 0) { 1208 (void) fprintf(stderr, 1209 MSG_INTL(MSG_ERR_BADSHINFO), 1210 file, _cache->c_name, 1211 EC_WORD(shdr->sh_info)); 1212 continue; 1213 } 1214 1215 /* Make sure the string table index is in range */ 1216 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 1217 (void) fprintf(stderr, 1218 MSG_INTL(MSG_ERR_BADSHLINK), file, 1219 _cache->c_name, EC_WORD(shdr->sh_link)); 1220 continue; 1221 } 1222 1223 /* 1224 * The section is usable. Save the cache entry. 1225 */ 1226 if (shdr->sh_type == SHT_SUNW_verdef) { 1227 verdef_cache = _cache; 1228 /* 1229 * Under Solaris rules, if there is a verdef 1230 * section, the max versym index is number 1231 * of version definitions it supplies. 1232 */ 1233 versym->max_verndx = shdr->sh_info; 1234 } else { 1235 verneed_cache = _cache; 1236 } 1237 break; 1238 } 1239 } 1240 1241 /* 1242 * If there is a Verneed section, examine it for information 1243 * related to GNU style versioning. 1244 */ 1245 if (verneed_cache != NULL) 1246 update_gnu_verndx((Verneed *)verneed_cache->c_data->d_buf, 1247 verneed_cache->c_shdr->sh_info, versym); 1248 1249 /* 1250 * Now that all the information is available, display the 1251 * Verdef and Verneed section contents, if requested. 1252 */ 1253 if ((flags & FLG_SHOW_VERSIONS) == 0) 1254 return; 1255 if (verdef_cache != NULL) { 1256 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1257 dbg_print(0, MSG_INTL(MSG_ELF_SCN_VERDEF), 1258 verdef_cache->c_name); 1259 version_def((Verdef *)verdef_cache->c_data->d_buf, 1260 verdef_cache->c_shdr->sh_info, verdef_cache, 1261 &cache[verdef_cache->c_shdr->sh_link], file); 1262 } 1263 if (verneed_cache != NULL) { 1264 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1265 dbg_print(0, MSG_INTL(MSG_ELF_SCN_VERNEED), 1266 verneed_cache->c_name); 1267 /* 1268 * If GNU versioning applies to this object, version_need() 1269 * will update versym->max_verndx, and it is not 1270 * necessary to call update_gnu_verndx(). 1271 */ 1272 version_need((Verneed *)verneed_cache->c_data->d_buf, 1273 verneed_cache->c_shdr->sh_info, verneed_cache, 1274 &cache[verneed_cache->c_shdr->sh_link], file, versym); 1275 } 1276 } 1277 1278 /* 1279 * Initialize a symbol table state structure 1280 * 1281 * entry: 1282 * state - State structure to be initialized 1283 * cache - Cache of all section headers 1284 * shnum - # of sections in cache 1285 * secndx - Index of symbol table section 1286 * ehdr - ELF header for file 1287 * versym - Information about versym section 1288 * file - Name of file 1289 * flags - Command line option flags 1290 */ 1291 static int 1292 init_symtbl_state(SYMTBL_STATE *state, Cache *cache, Word shnum, Word secndx, 1293 Ehdr *ehdr, VERSYM_STATE *versym, const char *file, uint_t flags) 1294 { 1295 Shdr *shdr; 1296 1297 state->file = file; 1298 state->ehdr = ehdr; 1299 state->cache = cache; 1300 state->shnum = shnum; 1301 state->seccache = &cache[secndx]; 1302 state->secndx = secndx; 1303 state->secname = state->seccache->c_name; 1304 state->flags = flags; 1305 state->shxndx.checked = 0; 1306 state->shxndx.data = NULL; 1307 state->shxndx.n = 0; 1308 1309 shdr = state->seccache->c_shdr; 1310 1311 /* 1312 * Check the symbol data and per-item size. 1313 */ 1314 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 1315 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 1316 file, state->secname); 1317 return (0); 1318 } 1319 if (state->seccache->c_data == NULL) 1320 return (0); 1321 1322 /* LINTED */ 1323 state->symn = (Word)(shdr->sh_size / shdr->sh_entsize); 1324 state->sym = (Sym *)state->seccache->c_data->d_buf; 1325 1326 /* 1327 * Check associated string table section. 1328 */ 1329 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 1330 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 1331 file, state->secname, EC_WORD(shdr->sh_link)); 1332 return (0); 1333 } 1334 1335 /* 1336 * Determine if there is a associated Versym section 1337 * with this Symbol Table. 1338 */ 1339 if (versym->cache && 1340 (versym->cache->c_shdr->sh_link == state->secndx)) 1341 state->versym = versym; 1342 else 1343 state->versym = NULL; 1344 1345 1346 return (1); 1347 } 1348 1349 /* 1350 * Determine the extended section index used for symbol tables entries. 1351 */ 1352 static void 1353 symbols_getxindex(SYMTBL_STATE *state) 1354 { 1355 uint_t symn; 1356 Word symcnt; 1357 1358 state->shxndx.checked = 1; /* Note that we've been called */ 1359 for (symcnt = 1; symcnt < state->shnum; symcnt++) { 1360 Cache *_cache = &state->cache[symcnt]; 1361 Shdr *shdr = _cache->c_shdr; 1362 1363 if ((shdr->sh_type != SHT_SYMTAB_SHNDX) || 1364 (shdr->sh_link != state->secndx)) 1365 continue; 1366 1367 if ((shdr->sh_entsize) && 1368 /* LINTED */ 1369 ((symn = (uint_t)(shdr->sh_size / shdr->sh_entsize)) == 0)) 1370 continue; 1371 1372 if (_cache->c_data == NULL) 1373 continue; 1374 1375 state->shxndx.data = _cache->c_data->d_buf; 1376 state->shxndx.n = symn; 1377 return; 1378 } 1379 } 1380 1381 /* 1382 * Produce a line of output for the given symbol 1383 * 1384 * entry: 1385 * state - Symbol table state 1386 * symndx - Index of symbol within the table 1387 * info - Value of st_info (indicates local/global range) 1388 * symndx_disp - Index to display. This may not be the same 1389 * as symndx if the display is relative to the logical 1390 * combination of the SUNW_ldynsym/dynsym tables. 1391 * sym - Symbol to display 1392 */ 1393 static void 1394 output_symbol(SYMTBL_STATE *state, Word symndx, Word info, Word disp_symndx, 1395 Sym *sym) 1396 { 1397 /* 1398 * Symbol types for which we check that the specified 1399 * address/size land inside the target section. 1400 */ 1401 static const int addr_symtype[] = { 1402 0, /* STT_NOTYPE */ 1403 1, /* STT_OBJECT */ 1404 1, /* STT_FUNC */ 1405 0, /* STT_SECTION */ 1406 0, /* STT_FILE */ 1407 1, /* STT_COMMON */ 1408 0, /* STT_TLS */ 1409 0, /* STT_IFUNC */ 1410 0, /* 8 */ 1411 0, /* 9 */ 1412 0, /* 10 */ 1413 0, /* 11 */ 1414 0, /* 12 */ 1415 0, /* STT_SPARC_REGISTER */ 1416 0, /* 14 */ 1417 0, /* 15 */ 1418 }; 1419 #if STT_NUM != (STT_IFUNC + 1) 1420 #error "STT_NUM has grown. Update addr_symtype[]" 1421 #endif 1422 1423 char index[MAXNDXSIZE]; 1424 const char *symname, *sec; 1425 Versym verndx; 1426 int gnuver; 1427 uchar_t type; 1428 Shdr *tshdr; 1429 Word shndx; 1430 Conv_inv_buf_t inv_buf; 1431 1432 /* Ensure symbol index is in range */ 1433 if (symndx >= state->symn) { 1434 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSORTNDX), 1435 state->file, state->secname, EC_WORD(symndx)); 1436 return; 1437 } 1438 1439 /* 1440 * If we are using extended symbol indexes, find the 1441 * corresponding SHN_SYMTAB_SHNDX table. 1442 */ 1443 if ((sym->st_shndx == SHN_XINDEX) && (state->shxndx.checked == 0)) 1444 symbols_getxindex(state); 1445 1446 /* LINTED */ 1447 symname = string(state->seccache, symndx, 1448 &state->cache[state->seccache->c_shdr->sh_link], state->file, 1449 sym->st_name); 1450 1451 tshdr = NULL; 1452 sec = NULL; 1453 1454 if (state->ehdr->e_type == ET_CORE) { 1455 sec = (char *)MSG_INTL(MSG_STR_UNKNOWN); 1456 } else if (state->flags & FLG_CTL_FAKESHDR) { 1457 /* 1458 * If we are using fake section headers derived from 1459 * the program headers, then the section indexes 1460 * in the symbols do not correspond to these headers. 1461 * The section names are not available, so all we can 1462 * do is to display them in numeric form. 1463 */ 1464 sec = conv_sym_shndx(sym->st_shndx, &inv_buf); 1465 } else if ((sym->st_shndx < SHN_LORESERVE) && 1466 (sym->st_shndx < state->shnum)) { 1467 shndx = sym->st_shndx; 1468 tshdr = state->cache[shndx].c_shdr; 1469 sec = state->cache[shndx].c_name; 1470 } else if (sym->st_shndx == SHN_XINDEX) { 1471 if (state->shxndx.data) { 1472 Word _shxndx; 1473 1474 if (symndx > state->shxndx.n) { 1475 (void) fprintf(stderr, 1476 MSG_INTL(MSG_ERR_BADSYMXINDEX1), 1477 state->file, state->secname, 1478 EC_WORD(symndx)); 1479 } else if ((_shxndx = 1480 state->shxndx.data[symndx]) > state->shnum) { 1481 (void) fprintf(stderr, 1482 MSG_INTL(MSG_ERR_BADSYMXINDEX2), 1483 state->file, state->secname, 1484 EC_WORD(symndx), EC_WORD(_shxndx)); 1485 } else { 1486 shndx = _shxndx; 1487 tshdr = state->cache[shndx].c_shdr; 1488 sec = state->cache[shndx].c_name; 1489 } 1490 } else { 1491 (void) fprintf(stderr, 1492 MSG_INTL(MSG_ERR_BADSYMXINDEX3), 1493 state->file, state->secname, EC_WORD(symndx)); 1494 } 1495 } else if ((sym->st_shndx < SHN_LORESERVE) && 1496 (sym->st_shndx >= state->shnum)) { 1497 (void) fprintf(stderr, 1498 MSG_INTL(MSG_ERR_BADSYM5), state->file, 1499 state->secname, EC_WORD(symndx), 1500 demangle(symname, state->flags), sym->st_shndx); 1501 } 1502 1503 /* 1504 * If versioning is available display the 1505 * version index. If not, then use 0. 1506 */ 1507 if (state->versym) { 1508 Versym test_verndx; 1509 1510 verndx = test_verndx = state->versym->data[symndx]; 1511 gnuver = state->versym->gnu_full; 1512 1513 /* 1514 * Check to see if this is a defined symbol with a 1515 * version index that is outside the valid range for 1516 * the file. The interpretation of this depends on 1517 * the style of versioning used by the object. 1518 * 1519 * Versions >= VER_NDX_LORESERVE have special meanings, 1520 * and are exempt from this checking. 1521 * 1522 * GNU style version indexes use the top bit of the 1523 * 16-bit index value (0x8000) as the "hidden bit". 1524 * We must mask off this bit in order to compare 1525 * the version against the maximum value. 1526 */ 1527 if (gnuver) 1528 test_verndx &= ~0x8000; 1529 1530 if ((test_verndx > state->versym->max_verndx) && 1531 (verndx < VER_NDX_LORESERVE)) 1532 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADVER), 1533 state->file, state->secname, EC_WORD(symndx), 1534 EC_HALF(test_verndx), state->versym->max_verndx); 1535 } else { 1536 verndx = 0; 1537 gnuver = 0; 1538 } 1539 1540 /* 1541 * Error checking for TLS. 1542 */ 1543 type = ELF_ST_TYPE(sym->st_info); 1544 if (type == STT_TLS) { 1545 if (tshdr && 1546 (sym->st_shndx != SHN_UNDEF) && 1547 ((tshdr->sh_flags & SHF_TLS) == 0)) { 1548 (void) fprintf(stderr, 1549 MSG_INTL(MSG_ERR_BADSYM3), state->file, 1550 state->secname, EC_WORD(symndx), 1551 demangle(symname, state->flags)); 1552 } 1553 } else if ((type != STT_SECTION) && sym->st_size && 1554 tshdr && (tshdr->sh_flags & SHF_TLS)) { 1555 (void) fprintf(stderr, 1556 MSG_INTL(MSG_ERR_BADSYM4), state->file, 1557 state->secname, EC_WORD(symndx), 1558 demangle(symname, state->flags)); 1559 } 1560 1561 /* 1562 * If a symbol with non-zero size has a type that 1563 * specifies an address, then make sure the location 1564 * it references is actually contained within the 1565 * section. UNDEF symbols don't count in this case, 1566 * so we ignore them. 1567 * 1568 * The meaning of the st_value field in a symbol 1569 * depends on the type of object. For a relocatable 1570 * object, it is the offset within the section. 1571 * For sharable objects, it is the offset relative to 1572 * the base of the object, and for other types, it is 1573 * the virtual address. To get an offset within the 1574 * section for non-ET_REL files, we subtract the 1575 * base address of the section. 1576 */ 1577 if (addr_symtype[type] && (sym->st_size > 0) && 1578 (sym->st_shndx != SHN_UNDEF) && ((sym->st_shndx < SHN_LORESERVE) || 1579 (sym->st_shndx == SHN_XINDEX)) && (tshdr != NULL)) { 1580 Word v = sym->st_value; 1581 if (state->ehdr->e_type != ET_REL) 1582 v -= tshdr->sh_addr; 1583 if (((v + sym->st_size) > tshdr->sh_size)) { 1584 (void) fprintf(stderr, 1585 MSG_INTL(MSG_ERR_BADSYM6), state->file, 1586 state->secname, EC_WORD(symndx), 1587 demangle(symname, state->flags), 1588 EC_WORD(shndx), EC_XWORD(tshdr->sh_size), 1589 EC_XWORD(sym->st_value), EC_XWORD(sym->st_size)); 1590 } 1591 } 1592 1593 /* 1594 * A typical symbol table uses the sh_info field to indicate one greater 1595 * than the symbol table index of the last local symbol, STB_LOCAL. 1596 * Therefore, symbol indexes less than sh_info should have local 1597 * binding. Symbol indexes greater than, or equal to sh_info, should 1598 * have global binding. Note, we exclude UNDEF/NOTY symbols with zero 1599 * value and size, as these symbols may be the result of an mcs(1) 1600 * section deletion. 1601 */ 1602 if (info) { 1603 uchar_t bind = ELF_ST_BIND(sym->st_info); 1604 1605 if ((symndx < info) && (bind != STB_LOCAL)) { 1606 (void) fprintf(stderr, 1607 MSG_INTL(MSG_ERR_BADSYM7), state->file, 1608 state->secname, EC_WORD(symndx), 1609 demangle(symname, state->flags), EC_XWORD(info)); 1610 1611 } else if ((symndx >= info) && (bind == STB_LOCAL) && 1612 ((sym->st_shndx != SHN_UNDEF) || 1613 (ELF_ST_TYPE(sym->st_info) != STT_NOTYPE) || 1614 (sym->st_size != 0) || (sym->st_value != 0))) { 1615 (void) fprintf(stderr, 1616 MSG_INTL(MSG_ERR_BADSYM8), state->file, 1617 state->secname, EC_WORD(symndx), 1618 demangle(symname, state->flags), EC_XWORD(info)); 1619 } 1620 } 1621 1622 (void) snprintf(index, MAXNDXSIZE, 1623 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(disp_symndx)); 1624 Elf_syms_table_entry(0, ELF_DBG_ELFDUMP, index, 1625 state->ehdr->e_machine, sym, verndx, gnuver, sec, symname); 1626 } 1627 1628 /* 1629 * Search for and process any symbol tables. 1630 */ 1631 void 1632 symbols(Cache *cache, Word shnum, Ehdr *ehdr, VERSYM_STATE *versym, 1633 const char *file, uint_t flags) 1634 { 1635 SYMTBL_STATE state; 1636 Cache *_cache; 1637 Word secndx; 1638 1639 for (secndx = 1; secndx < shnum; secndx++) { 1640 Word symcnt; 1641 Shdr *shdr; 1642 1643 _cache = &cache[secndx]; 1644 shdr = _cache->c_shdr; 1645 1646 if ((shdr->sh_type != SHT_SYMTAB) && 1647 (shdr->sh_type != SHT_DYNSYM) && 1648 (shdr->sh_type != SHT_SUNW_LDYNSYM)) 1649 continue; 1650 if (!match(MATCH_F_ALL, _cache->c_name, secndx, shdr->sh_type)) 1651 continue; 1652 1653 if (!init_symtbl_state(&state, cache, shnum, secndx, ehdr, 1654 versym, file, flags)) 1655 continue; 1656 /* 1657 * Loop through the symbol tables entries. 1658 */ 1659 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1660 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMTAB), state.secname); 1661 Elf_syms_table_title(0, ELF_DBG_ELFDUMP); 1662 1663 for (symcnt = 0; symcnt < state.symn; symcnt++) 1664 output_symbol(&state, symcnt, shdr->sh_info, symcnt, 1665 state.sym + symcnt); 1666 } 1667 } 1668 1669 /* 1670 * Search for and process any SHT_SUNW_symsort or SHT_SUNW_tlssort sections. 1671 * These sections are always associated with the .SUNW_ldynsym./.dynsym pair. 1672 */ 1673 static void 1674 sunw_sort(Cache *cache, Word shnum, Ehdr *ehdr, VERSYM_STATE *versym, 1675 const char *file, uint_t flags) 1676 { 1677 SYMTBL_STATE ldynsym_state, dynsym_state; 1678 Cache *sortcache, *symcache; 1679 Shdr *sortshdr, *symshdr; 1680 Word sortsecndx, symsecndx; 1681 Word ldynsym_cnt; 1682 Word *ndx; 1683 Word ndxn; 1684 int output_cnt = 0; 1685 Conv_inv_buf_t inv_buf; 1686 1687 for (sortsecndx = 1; sortsecndx < shnum; sortsecndx++) { 1688 1689 sortcache = &cache[sortsecndx]; 1690 sortshdr = sortcache->c_shdr; 1691 1692 if ((sortshdr->sh_type != SHT_SUNW_symsort) && 1693 (sortshdr->sh_type != SHT_SUNW_tlssort)) 1694 continue; 1695 if (!match(MATCH_F_ALL, sortcache->c_name, sortsecndx, 1696 sortshdr->sh_type)) 1697 continue; 1698 1699 /* 1700 * If the section references a SUNW_ldynsym, then we 1701 * expect to see the associated .dynsym immediately 1702 * following. If it references a .dynsym, there is no 1703 * SUNW_ldynsym. If it is any other type, then we don't 1704 * know what to do with it. 1705 */ 1706 if ((sortshdr->sh_link == 0) || (sortshdr->sh_link >= shnum)) { 1707 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 1708 file, sortcache->c_name, 1709 EC_WORD(sortshdr->sh_link)); 1710 continue; 1711 } 1712 symcache = &cache[sortshdr->sh_link]; 1713 symshdr = symcache->c_shdr; 1714 symsecndx = sortshdr->sh_link; 1715 ldynsym_cnt = 0; 1716 switch (symshdr->sh_type) { 1717 case SHT_SUNW_LDYNSYM: 1718 if (!init_symtbl_state(&ldynsym_state, cache, shnum, 1719 symsecndx, ehdr, versym, file, flags)) 1720 continue; 1721 ldynsym_cnt = ldynsym_state.symn; 1722 /* 1723 * We know that the dynsym follows immediately 1724 * after the SUNW_ldynsym, and so, should be at 1725 * (sortshdr->sh_link + 1). However, elfdump is a 1726 * diagnostic tool, so we do the full paranoid 1727 * search instead. 1728 */ 1729 for (symsecndx = 1; symsecndx < shnum; symsecndx++) { 1730 symcache = &cache[symsecndx]; 1731 symshdr = symcache->c_shdr; 1732 if (symshdr->sh_type == SHT_DYNSYM) 1733 break; 1734 } 1735 if (symsecndx >= shnum) { /* Dynsym not found! */ 1736 (void) fprintf(stderr, 1737 MSG_INTL(MSG_ERR_NODYNSYM), 1738 file, sortcache->c_name); 1739 continue; 1740 } 1741 /* Fallthrough to process associated dynsym */ 1742 /* FALLTHROUGH */ 1743 case SHT_DYNSYM: 1744 if (!init_symtbl_state(&dynsym_state, cache, shnum, 1745 symsecndx, ehdr, versym, file, flags)) 1746 continue; 1747 break; 1748 default: 1749 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADNDXSEC), 1750 file, sortcache->c_name, conv_sec_type( 1751 ehdr->e_machine, symshdr->sh_type, 0, &inv_buf)); 1752 continue; 1753 } 1754 1755 /* 1756 * Output header 1757 */ 1758 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1759 if (ldynsym_cnt > 0) { 1760 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMSORT2), 1761 sortcache->c_name, ldynsym_state.secname, 1762 dynsym_state.secname); 1763 /* 1764 * The data for .SUNW_ldynsym and dynsym sections 1765 * is supposed to be adjacent with SUNW_ldynsym coming 1766 * first. Check, and issue a warning if it isn't so. 1767 */ 1768 if (((ldynsym_state.sym + ldynsym_state.symn) 1769 != dynsym_state.sym) && 1770 ((flags & FLG_CTL_FAKESHDR) == 0)) 1771 (void) fprintf(stderr, 1772 MSG_INTL(MSG_ERR_LDYNNOTADJ), file, 1773 ldynsym_state.secname, 1774 dynsym_state.secname); 1775 } else { 1776 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMSORT1), 1777 sortcache->c_name, dynsym_state.secname); 1778 } 1779 Elf_syms_table_title(0, ELF_DBG_ELFDUMP); 1780 1781 /* If not first one, insert a line of whitespace */ 1782 if (output_cnt++ > 0) 1783 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1784 1785 /* 1786 * SUNW_dynsymsort and SUNW_dyntlssort are arrays of 1787 * symbol indices. Iterate over the array entries, 1788 * dispaying the referenced symbols. 1789 */ 1790 ndxn = sortshdr->sh_size / sortshdr->sh_entsize; 1791 ndx = (Word *)sortcache->c_data->d_buf; 1792 for (; ndxn-- > 0; ndx++) { 1793 if (*ndx >= ldynsym_cnt) { 1794 Word sec_ndx = *ndx - ldynsym_cnt; 1795 1796 output_symbol(&dynsym_state, sec_ndx, 0, 1797 *ndx, dynsym_state.sym + sec_ndx); 1798 } else { 1799 output_symbol(&ldynsym_state, *ndx, 0, 1800 *ndx, ldynsym_state.sym + *ndx); 1801 } 1802 } 1803 } 1804 } 1805 1806 /* 1807 * Search for and process any relocation sections. 1808 */ 1809 static void 1810 reloc(Cache *cache, Word shnum, Ehdr *ehdr, const char *file) 1811 { 1812 Word cnt; 1813 1814 for (cnt = 1; cnt < shnum; cnt++) { 1815 Word type, symnum; 1816 Xword relndx, relnum, relsize; 1817 void *rels; 1818 Sym *syms; 1819 Cache *symsec, *strsec; 1820 Cache *_cache = &cache[cnt]; 1821 Shdr *shdr = _cache->c_shdr; 1822 char *relname = _cache->c_name; 1823 Conv_inv_buf_t inv_buf; 1824 1825 if (((type = shdr->sh_type) != SHT_RELA) && 1826 (type != SHT_REL)) 1827 continue; 1828 if (!match(MATCH_F_ALL, relname, cnt, type)) 1829 continue; 1830 1831 /* 1832 * Decide entry size. 1833 */ 1834 if (((relsize = shdr->sh_entsize) == 0) || 1835 (relsize > shdr->sh_size)) { 1836 if (type == SHT_RELA) 1837 relsize = sizeof (Rela); 1838 else 1839 relsize = sizeof (Rel); 1840 } 1841 1842 /* 1843 * Determine the number of relocations available. 1844 */ 1845 if (shdr->sh_size == 0) { 1846 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 1847 file, relname); 1848 continue; 1849 } 1850 if (_cache->c_data == NULL) 1851 continue; 1852 1853 rels = _cache->c_data->d_buf; 1854 relnum = shdr->sh_size / relsize; 1855 1856 /* 1857 * Get the data buffer for the associated symbol table and 1858 * string table. 1859 */ 1860 if (stringtbl(cache, 1, cnt, shnum, file, 1861 &symnum, &symsec, &strsec) == 0) 1862 continue; 1863 1864 syms = symsec->c_data->d_buf; 1865 1866 /* 1867 * Loop through the relocation entries. 1868 */ 1869 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1870 dbg_print(0, MSG_INTL(MSG_ELF_SCN_RELOC), _cache->c_name); 1871 Elf_reloc_title(0, ELF_DBG_ELFDUMP, type); 1872 1873 for (relndx = 0; relndx < relnum; relndx++, 1874 rels = (void *)((char *)rels + relsize)) { 1875 Half mach = ehdr->e_machine; 1876 char section[BUFSIZ]; 1877 const char *symname; 1878 Word symndx, reltype; 1879 Rela *rela; 1880 Rel *rel; 1881 1882 /* 1883 * Unravel the relocation and determine the symbol with 1884 * which this relocation is associated. 1885 */ 1886 if (type == SHT_RELA) { 1887 rela = (Rela *)rels; 1888 symndx = ELF_R_SYM(rela->r_info); 1889 reltype = ELF_R_TYPE(rela->r_info, mach); 1890 } else { 1891 rel = (Rel *)rels; 1892 symndx = ELF_R_SYM(rel->r_info); 1893 reltype = ELF_R_TYPE(rel->r_info, mach); 1894 } 1895 1896 symname = relsymname(cache, _cache, strsec, symndx, 1897 symnum, relndx, syms, section, BUFSIZ, file); 1898 1899 /* 1900 * A zero symbol index is only valid for a few 1901 * relocations. 1902 */ 1903 if (symndx == 0) { 1904 int badrel = 0; 1905 1906 if ((mach == EM_SPARC) || 1907 (mach == EM_SPARC32PLUS) || 1908 (mach == EM_SPARCV9)) { 1909 if ((reltype != R_SPARC_NONE) && 1910 (reltype != R_SPARC_REGISTER) && 1911 (reltype != R_SPARC_RELATIVE)) 1912 badrel++; 1913 } else if (mach == EM_386) { 1914 if ((reltype != R_386_NONE) && 1915 (reltype != R_386_RELATIVE)) 1916 badrel++; 1917 } else if (mach == EM_AMD64) { 1918 if ((reltype != R_AMD64_NONE) && 1919 (reltype != R_AMD64_RELATIVE)) 1920 badrel++; 1921 } 1922 1923 if (badrel) { 1924 (void) fprintf(stderr, 1925 MSG_INTL(MSG_ERR_BADREL1), file, 1926 conv_reloc_type(mach, reltype, 1927 0, &inv_buf)); 1928 } 1929 } 1930 1931 Elf_reloc_entry_1(0, ELF_DBG_ELFDUMP, 1932 MSG_ORIG(MSG_STR_EMPTY), ehdr->e_machine, type, 1933 rels, relname, symname, 0); 1934 } 1935 } 1936 } 1937 1938 1939 /* 1940 * This value controls which test dyn_test() performs. 1941 */ 1942 typedef enum { DYN_TEST_ADDR, DYN_TEST_SIZE, DYN_TEST_ENTSIZE } dyn_test_t; 1943 1944 /* 1945 * Used by dynamic() to compare the value of a dynamic element against 1946 * the starting address of the section it references. 1947 * 1948 * entry: 1949 * test_type - Specify which dyn item is being tested. 1950 * sh_type - SHT_* type value for required section. 1951 * sec_cache - Cache entry for section, or NULL if the object lacks 1952 * a section of this type. 1953 * dyn - Dyn entry to be tested 1954 * dynsec_cnt - # of dynamic section being examined. The first 1955 * dynamic section is 1, the next is 2, and so on... 1956 * ehdr - ELF header for file 1957 * file - Name of file 1958 */ 1959 static void 1960 dyn_test(dyn_test_t test_type, Word sh_type, Cache *sec_cache, Dyn *dyn, 1961 Word dynsec_cnt, Ehdr *ehdr, const char *file) 1962 { 1963 Conv_inv_buf_t buf1, buf2; 1964 1965 /* 1966 * These tests are based around the implicit assumption that 1967 * there is only one dynamic section in an object, and also only 1968 * one of the sections it references. We have therefore gathered 1969 * all of the necessary information to test this in a single pass 1970 * over the section headers, which is very efficient. We are not 1971 * aware of any case where more than one dynamic section would 1972 * be meaningful in an ELF object, so this is a reasonable solution. 1973 * 1974 * To test multiple dynamic sections correctly would be more 1975 * expensive in code and time. We would have to build a data structure 1976 * containing all the dynamic elements. Then, we would use the address 1977 * to locate the section it references and ensure the section is of 1978 * the right type and that the address in the dynamic element is 1979 * to the start of the section. Then, we could check the size and 1980 * entsize values against those same sections. This is O(n^2), and 1981 * also complicated. 1982 * 1983 * In the highly unlikely case that there is more than one dynamic 1984 * section, we only test the first one, and simply allow the values 1985 * of the subsequent one to be displayed unchallenged. 1986 */ 1987 if (dynsec_cnt != 1) 1988 return; 1989 1990 /* 1991 * A DT_ item that references a section address should always find 1992 * the section in the file. 1993 */ 1994 if (sec_cache == NULL) { 1995 const char *name; 1996 1997 /* 1998 * Supply section names instead of section types for 1999 * things that reference progbits so that the error 2000 * message will make more sense. 2001 */ 2002 switch (dyn->d_tag) { 2003 case DT_INIT: 2004 name = MSG_ORIG(MSG_ELF_INIT); 2005 break; 2006 case DT_FINI: 2007 name = MSG_ORIG(MSG_ELF_FINI); 2008 break; 2009 default: 2010 name = conv_sec_type(ehdr->e_machine, sh_type, 2011 0, &buf1); 2012 break; 2013 } 2014 (void) fprintf(stderr, MSG_INTL(MSG_ERR_DYNNOBCKSEC), file, 2015 name, conv_dyn_tag(dyn->d_tag, ehdr->e_machine, 0, &buf2)); 2016 return; 2017 } 2018 2019 2020 switch (test_type) { 2021 case DYN_TEST_ADDR: 2022 /* The section address should match the DT_ item value */ 2023 if (dyn->d_un.d_val != sec_cache->c_shdr->sh_addr) 2024 (void) fprintf(stderr, 2025 MSG_INTL(MSG_ERR_DYNBADADDR), file, 2026 conv_dyn_tag(dyn->d_tag, ehdr->e_machine, 0, &buf1), 2027 EC_ADDR(dyn->d_un.d_val), sec_cache->c_ndx, 2028 sec_cache->c_name, 2029 EC_ADDR(sec_cache->c_shdr->sh_addr)); 2030 break; 2031 2032 case DYN_TEST_SIZE: 2033 /* The section size should match the DT_ item value */ 2034 if (dyn->d_un.d_val != sec_cache->c_shdr->sh_size) 2035 (void) fprintf(stderr, 2036 MSG_INTL(MSG_ERR_DYNBADSIZE), file, 2037 conv_dyn_tag(dyn->d_tag, ehdr->e_machine, 0, &buf1), 2038 EC_XWORD(dyn->d_un.d_val), 2039 sec_cache->c_ndx, sec_cache->c_name, 2040 EC_XWORD(sec_cache->c_shdr->sh_size)); 2041 break; 2042 2043 case DYN_TEST_ENTSIZE: 2044 /* The sh_entsize value should match the DT_ item value */ 2045 if (dyn->d_un.d_val != sec_cache->c_shdr->sh_entsize) 2046 (void) fprintf(stderr, 2047 MSG_INTL(MSG_ERR_DYNBADENTSIZE), file, 2048 conv_dyn_tag(dyn->d_tag, ehdr->e_machine, 0, &buf1), 2049 EC_XWORD(dyn->d_un.d_val), 2050 sec_cache->c_ndx, sec_cache->c_name, 2051 EC_XWORD(sec_cache->c_shdr->sh_entsize)); 2052 break; 2053 } 2054 } 2055 2056 2057 /* 2058 * There are some DT_ entries that have corresponding symbols 2059 * (e.g. DT_INIT and _init). It is expected that these items will 2060 * both have the same value if both are present. This routine 2061 * examines the well known symbol tables for such symbols and 2062 * issues warnings for any that don't match. 2063 * 2064 * entry: 2065 * dyn - Dyn entry to be tested 2066 * symname - Name of symbol that corresponds to dyn 2067 * symtab_cache, dynsym_cache, ldynsym_cache - Symbol tables to check 2068 * cache - Cache of all section headers 2069 * shnum - # of sections in cache 2070 * ehdr - ELF header for file 2071 * file - Name of file 2072 */ 2073 static void 2074 dyn_symtest(Dyn *dyn, const char *symname, Cache *symtab_cache, 2075 Cache *dynsym_cache, Cache *ldynsym_cache, Cache *cache, 2076 Word shnum, Ehdr *ehdr, const char *file) 2077 { 2078 Conv_inv_buf_t buf; 2079 int i; 2080 Sym *sym; 2081 Cache *_cache; 2082 2083 for (i = 0; i < 3; i++) { 2084 switch (i) { 2085 case 0: 2086 _cache = symtab_cache; 2087 break; 2088 case 1: 2089 _cache = dynsym_cache; 2090 break; 2091 case 2: 2092 _cache = ldynsym_cache; 2093 break; 2094 } 2095 2096 if ((_cache != NULL) && 2097 symlookup(symname, cache, shnum, &sym, _cache, file) && 2098 (sym->st_value != dyn->d_un.d_val)) 2099 (void) fprintf(stderr, MSG_INTL(MSG_ERR_DYNSYMVAL), 2100 file, _cache->c_name, 2101 conv_dyn_tag(dyn->d_tag, ehdr->e_machine, 0, &buf), 2102 symname, EC_ADDR(sym->st_value)); 2103 } 2104 } 2105 2106 2107 /* 2108 * Search for and process a .dynamic section. 2109 */ 2110 static void 2111 dynamic(Cache *cache, Word shnum, Ehdr *ehdr, const char *file) 2112 { 2113 struct { 2114 Cache *symtab; 2115 Cache *dynstr; 2116 Cache *dynsym; 2117 Cache *hash; 2118 Cache *fini; 2119 Cache *fini_array; 2120 Cache *init; 2121 Cache *init_array; 2122 Cache *preinit_array; 2123 Cache *rel; 2124 Cache *rela; 2125 Cache *sunw_cap; 2126 Cache *sunw_ldynsym; 2127 Cache *sunw_move; 2128 Cache *sunw_syminfo; 2129 Cache *sunw_symsort; 2130 Cache *sunw_tlssort; 2131 Cache *sunw_verdef; 2132 Cache *sunw_verneed; 2133 Cache *sunw_versym; 2134 } sec; 2135 Word dynsec_ndx; 2136 Word dynsec_num; 2137 int dynsec_cnt; 2138 Word cnt; 2139 2140 /* 2141 * Make a pass over all the sections, gathering section information 2142 * we'll need below. 2143 */ 2144 dynsec_num = 0; 2145 bzero(&sec, sizeof (sec)); 2146 for (cnt = 1; cnt < shnum; cnt++) { 2147 Cache *_cache = &cache[cnt]; 2148 2149 switch (_cache->c_shdr->sh_type) { 2150 case SHT_DYNAMIC: 2151 if (dynsec_num == 0) { 2152 dynsec_ndx = cnt; 2153 2154 /* Does it have a valid string table? */ 2155 (void) stringtbl(cache, 0, cnt, shnum, file, 2156 0, 0, &sec.dynstr); 2157 } 2158 dynsec_num++; 2159 break; 2160 2161 2162 case SHT_PROGBITS: 2163 /* 2164 * We want to detect the .init and .fini sections, 2165 * if present. These are SHT_PROGBITS, so all we 2166 * have to go on is the section name. Normally comparing 2167 * names is a bad idea, but there are some special 2168 * names (i.e. .init/.fini/.interp) that are very 2169 * difficult to use in any other context, and for 2170 * these symbols, we do the heuristic match. 2171 */ 2172 if (strcmp(_cache->c_name, 2173 MSG_ORIG(MSG_ELF_INIT)) == 0) { 2174 if (sec.init == NULL) 2175 sec.init = _cache; 2176 } else if (strcmp(_cache->c_name, 2177 MSG_ORIG(MSG_ELF_FINI)) == 0) { 2178 if (sec.fini == NULL) 2179 sec.fini = _cache; 2180 } 2181 break; 2182 2183 case SHT_REL: 2184 /* 2185 * We want the SHT_REL section with the lowest 2186 * offset. The linker gathers them together, 2187 * and puts the address of the first one 2188 * into the DT_REL dynamic element. 2189 */ 2190 if ((sec.rel == NULL) || 2191 (_cache->c_shdr->sh_offset < 2192 sec.rel->c_shdr->sh_offset)) 2193 sec.rel = _cache; 2194 break; 2195 2196 case SHT_RELA: 2197 /* RELA is handled just like RELA above */ 2198 if ((sec.rela == NULL) || 2199 (_cache->c_shdr->sh_offset < 2200 sec.rela->c_shdr->sh_offset)) 2201 sec.rela = _cache; 2202 break; 2203 2204 /* 2205 * The GRAB macro is used for the simple case in which 2206 * we simply grab the first section of the desired type. 2207 */ 2208 #define GRAB(_sec_type, _sec_field) \ 2209 case _sec_type: \ 2210 if (sec._sec_field == NULL) \ 2211 sec._sec_field = _cache; \ 2212 break 2213 GRAB(SHT_SYMTAB, symtab); 2214 GRAB(SHT_DYNSYM, dynsym); 2215 GRAB(SHT_FINI_ARRAY, fini_array); 2216 GRAB(SHT_HASH, hash); 2217 GRAB(SHT_INIT_ARRAY, init_array); 2218 GRAB(SHT_SUNW_move, sunw_move); 2219 GRAB(SHT_PREINIT_ARRAY, preinit_array); 2220 GRAB(SHT_SUNW_cap, sunw_cap); 2221 GRAB(SHT_SUNW_LDYNSYM, sunw_ldynsym); 2222 GRAB(SHT_SUNW_syminfo, sunw_syminfo); 2223 GRAB(SHT_SUNW_symsort, sunw_symsort); 2224 GRAB(SHT_SUNW_tlssort, sunw_tlssort); 2225 GRAB(SHT_SUNW_verdef, sunw_verdef); 2226 GRAB(SHT_SUNW_verneed, sunw_verneed); 2227 GRAB(SHT_SUNW_versym, sunw_versym); 2228 #undef GRAB 2229 } 2230 } 2231 2232 /* 2233 * If no dynamic section, return immediately. If more than one 2234 * dynamic section, then something odd is going on and an error 2235 * is in order, but then continue on and display them all. 2236 */ 2237 if (dynsec_num == 0) 2238 return; 2239 if (dynsec_num > 1) 2240 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MULTDYN), 2241 file, EC_WORD(dynsec_num)); 2242 2243 2244 dynsec_cnt = 0; 2245 for (cnt = dynsec_ndx; (cnt < shnum) && (dynsec_cnt < dynsec_num); 2246 cnt++) { 2247 Dyn *dyn; 2248 ulong_t numdyn; 2249 int ndx, end_ndx; 2250 Cache *_cache = &cache[cnt], *strsec; 2251 Shdr *shdr = _cache->c_shdr; 2252 int dumped = 0; 2253 2254 if (shdr->sh_type != SHT_DYNAMIC) 2255 continue; 2256 dynsec_cnt++; 2257 2258 /* 2259 * Verify the associated string table section. 2260 */ 2261 if (stringtbl(cache, 0, cnt, shnum, file, 0, 0, &strsec) == 0) 2262 continue; 2263 2264 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 2265 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 2266 file, _cache->c_name); 2267 continue; 2268 } 2269 if (_cache->c_data == NULL) 2270 continue; 2271 2272 numdyn = shdr->sh_size / shdr->sh_entsize; 2273 dyn = (Dyn *)_cache->c_data->d_buf; 2274 2275 /* 2276 * We expect the REL/RELA entries to reference the reloc 2277 * section with the lowest address. However, this is 2278 * not true for dumped objects. Detect if this object has 2279 * been dumped so that we can skip the reloc address test 2280 * in that case. 2281 */ 2282 for (ndx = 0; ndx < numdyn; dyn++, ndx++) { 2283 if (dyn->d_tag == DT_FLAGS_1) { 2284 dumped = (dyn->d_un.d_val & DF_1_CONFALT) != 0; 2285 break; 2286 } 2287 } 2288 dyn = (Dyn *)_cache->c_data->d_buf; 2289 2290 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2291 dbg_print(0, MSG_INTL(MSG_ELF_SCN_DYNAMIC), _cache->c_name); 2292 2293 Elf_dyn_title(0); 2294 2295 for (ndx = 0; ndx < numdyn; dyn++, ndx++) { 2296 union { 2297 Conv_inv_buf_t inv; 2298 Conv_dyn_flag_buf_t flag; 2299 Conv_dyn_flag1_buf_t flag1; 2300 Conv_dyn_posflag1_buf_t posflag1; 2301 Conv_dyn_feature1_buf_t feature1; 2302 } c_buf; 2303 const char *name = NULL; 2304 2305 /* 2306 * Print the information numerically, and if possible 2307 * as a string. If a string is available, name is 2308 * set to reference it. 2309 * 2310 * Also, take this opportunity to sanity check 2311 * the values of DT elements. In the code above, 2312 * we gathered information on sections that are 2313 * referenced by the dynamic section. Here, we 2314 * compare the attributes of those sections to 2315 * the DT_ items that reference them and report 2316 * on inconsistencies. 2317 * 2318 * Things not currently tested that could be improved 2319 * in later revisions include: 2320 * - We don't check PLT or GOT related items 2321 * - We don't handle computing the lengths of 2322 * relocation arrays. To handle this 2323 * requires examining data that spans 2324 * across sections, in a contiguous span 2325 * within a single segment. 2326 * - DT_VERDEFNUM and DT_VERNEEDNUM can't be 2327 * verified without parsing the sections. 2328 * - We don't handle DT_SUNW_SYMSZ, which would 2329 * be the sum of the lengths of .dynsym and 2330 * .SUNW_ldynsym 2331 * - DT_SUNW_STRPAD can't be verified other than 2332 * to check that it's not larger than 2333 * the string table. 2334 * - Some items come in "all or none" clusters 2335 * that give an address, element size, 2336 * and data length in bytes. We don't 2337 * verify that there are no missing items 2338 * in such groups. 2339 */ 2340 switch (dyn->d_tag) { 2341 case DT_NULL: 2342 /* 2343 * Special case: DT_NULLs can come in groups 2344 * that we prefer to reduce to a single line. 2345 */ 2346 end_ndx = ndx; 2347 while ((end_ndx < (numdyn - 1)) && 2348 ((dyn + 1)->d_tag == DT_NULL)) { 2349 dyn++; 2350 end_ndx++; 2351 } 2352 Elf_dyn_null_entry(0, dyn, ndx, end_ndx); 2353 ndx = end_ndx; 2354 continue; 2355 2356 /* 2357 * String items all reference the dynstr. The string() 2358 * function does the necessary sanity checking. 2359 */ 2360 case DT_NEEDED: 2361 case DT_SONAME: 2362 case DT_FILTER: 2363 case DT_AUXILIARY: 2364 case DT_CONFIG: 2365 case DT_RPATH: 2366 case DT_RUNPATH: 2367 case DT_USED: 2368 case DT_DEPAUDIT: 2369 case DT_AUDIT: 2370 case DT_SUNW_AUXILIARY: 2371 case DT_SUNW_FILTER: 2372 name = string(_cache, ndx, strsec, 2373 file, dyn->d_un.d_ptr); 2374 break; 2375 2376 case DT_FLAGS: 2377 name = conv_dyn_flag(dyn->d_un.d_val, 2378 0, &c_buf.flag); 2379 break; 2380 case DT_FLAGS_1: 2381 name = conv_dyn_flag1(dyn->d_un.d_val, 0, 2382 &c_buf.flag1); 2383 break; 2384 case DT_POSFLAG_1: 2385 name = conv_dyn_posflag1(dyn->d_un.d_val, 0, 2386 &c_buf.posflag1); 2387 break; 2388 case DT_FEATURE_1: 2389 name = conv_dyn_feature1(dyn->d_un.d_val, 0, 2390 &c_buf.feature1); 2391 break; 2392 case DT_DEPRECATED_SPARC_REGISTER: 2393 name = MSG_INTL(MSG_STR_DEPRECATED); 2394 break; 2395 2396 case DT_SUNW_LDMACH: 2397 name = conv_ehdr_mach((Half)dyn->d_un.d_val, 0, 2398 &c_buf.inv); 2399 break; 2400 2401 /* 2402 * Cases below this point are strictly sanity checking, 2403 * and do not generate a name string. The TEST_ macros 2404 * are used to hide the boilerplate arguments neeeded 2405 * by dyn_test(). 2406 */ 2407 #define TEST_ADDR(_sh_type, _sec_field) \ 2408 dyn_test(DYN_TEST_ADDR, _sh_type, \ 2409 sec._sec_field, dyn, dynsec_cnt, ehdr, file) 2410 #define TEST_SIZE(_sh_type, _sec_field) \ 2411 dyn_test(DYN_TEST_SIZE, _sh_type, \ 2412 sec._sec_field, dyn, dynsec_cnt, ehdr, file) 2413 #define TEST_ENTSIZE(_sh_type, _sec_field) \ 2414 dyn_test(DYN_TEST_ENTSIZE, _sh_type, \ 2415 sec._sec_field, dyn, dynsec_cnt, ehdr, file) 2416 2417 case DT_FINI: 2418 dyn_symtest(dyn, MSG_ORIG(MSG_SYM_FINI), 2419 sec.symtab, sec.dynsym, sec.sunw_ldynsym, 2420 cache, shnum, ehdr, file); 2421 TEST_ADDR(SHT_PROGBITS, fini); 2422 break; 2423 2424 case DT_FINI_ARRAY: 2425 TEST_ADDR(SHT_FINI_ARRAY, fini_array); 2426 break; 2427 2428 case DT_FINI_ARRAYSZ: 2429 TEST_SIZE(SHT_FINI_ARRAY, fini_array); 2430 break; 2431 2432 case DT_HASH: 2433 TEST_ADDR(SHT_HASH, hash); 2434 break; 2435 2436 case DT_INIT: 2437 dyn_symtest(dyn, MSG_ORIG(MSG_SYM_INIT), 2438 sec.symtab, sec.dynsym, sec.sunw_ldynsym, 2439 cache, shnum, ehdr, file); 2440 TEST_ADDR(SHT_PROGBITS, init); 2441 break; 2442 2443 case DT_INIT_ARRAY: 2444 TEST_ADDR(SHT_INIT_ARRAY, init_array); 2445 break; 2446 2447 case DT_INIT_ARRAYSZ: 2448 TEST_SIZE(SHT_INIT_ARRAY, init_array); 2449 break; 2450 2451 case DT_MOVEENT: 2452 TEST_ENTSIZE(SHT_SUNW_move, sunw_move); 2453 break; 2454 2455 case DT_MOVESZ: 2456 TEST_SIZE(SHT_SUNW_move, sunw_move); 2457 break; 2458 2459 case DT_MOVETAB: 2460 TEST_ADDR(SHT_SUNW_move, sunw_move); 2461 break; 2462 2463 case DT_PREINIT_ARRAY: 2464 TEST_ADDR(SHT_PREINIT_ARRAY, preinit_array); 2465 break; 2466 2467 case DT_PREINIT_ARRAYSZ: 2468 TEST_SIZE(SHT_PREINIT_ARRAY, preinit_array); 2469 break; 2470 2471 case DT_REL: 2472 if (!dumped) 2473 TEST_ADDR(SHT_REL, rel); 2474 break; 2475 2476 case DT_RELENT: 2477 TEST_ENTSIZE(SHT_REL, rel); 2478 break; 2479 2480 case DT_RELA: 2481 if (!dumped) 2482 TEST_ADDR(SHT_RELA, rela); 2483 break; 2484 2485 case DT_RELAENT: 2486 TEST_ENTSIZE(SHT_RELA, rela); 2487 break; 2488 2489 case DT_STRTAB: 2490 TEST_ADDR(SHT_STRTAB, dynstr); 2491 break; 2492 2493 case DT_STRSZ: 2494 TEST_SIZE(SHT_STRTAB, dynstr); 2495 break; 2496 2497 case DT_SUNW_CAP: 2498 TEST_ADDR(SHT_SUNW_cap, sunw_cap); 2499 break; 2500 2501 case DT_SUNW_SYMTAB: 2502 TEST_ADDR(SHT_SUNW_LDYNSYM, sunw_ldynsym); 2503 break; 2504 2505 case DT_SYMENT: 2506 TEST_ENTSIZE(SHT_DYNSYM, dynsym); 2507 break; 2508 2509 case DT_SYMINENT: 2510 TEST_ENTSIZE(SHT_SUNW_syminfo, sunw_syminfo); 2511 break; 2512 2513 case DT_SYMINFO: 2514 TEST_ADDR(SHT_SUNW_syminfo, sunw_syminfo); 2515 break; 2516 2517 case DT_SYMINSZ: 2518 TEST_SIZE(SHT_SUNW_syminfo, sunw_syminfo); 2519 break; 2520 2521 case DT_SYMTAB: 2522 TEST_ADDR(SHT_DYNSYM, dynsym); 2523 break; 2524 2525 case DT_SUNW_SORTENT: 2526 /* 2527 * This entry is related to both the symsort and 2528 * tlssort sections. 2529 */ 2530 { 2531 int test_tls = 2532 (sec.sunw_tlssort != NULL); 2533 int test_sym = 2534 (sec.sunw_symsort != NULL) || 2535 !test_tls; 2536 if (test_sym) 2537 TEST_ENTSIZE(SHT_SUNW_symsort, 2538 sunw_symsort); 2539 if (test_tls) 2540 TEST_ENTSIZE(SHT_SUNW_tlssort, 2541 sunw_tlssort); 2542 } 2543 break; 2544 2545 2546 case DT_SUNW_SYMSORT: 2547 TEST_ADDR(SHT_SUNW_symsort, sunw_symsort); 2548 break; 2549 2550 case DT_SUNW_SYMSORTSZ: 2551 TEST_SIZE(SHT_SUNW_symsort, sunw_symsort); 2552 break; 2553 2554 case DT_SUNW_TLSSORT: 2555 TEST_ADDR(SHT_SUNW_tlssort, sunw_tlssort); 2556 break; 2557 2558 case DT_SUNW_TLSSORTSZ: 2559 TEST_SIZE(SHT_SUNW_tlssort, sunw_tlssort); 2560 break; 2561 2562 case DT_VERDEF: 2563 TEST_ADDR(SHT_SUNW_verdef, sunw_verdef); 2564 break; 2565 2566 case DT_VERNEED: 2567 TEST_ADDR(SHT_SUNW_verneed, sunw_verneed); 2568 break; 2569 2570 case DT_VERSYM: 2571 TEST_ADDR(SHT_SUNW_versym, sunw_versym); 2572 break; 2573 #undef TEST_ADDR 2574 #undef TEST_SIZE 2575 #undef TEST_ENTSIZE 2576 } 2577 2578 if (name == NULL) 2579 name = MSG_ORIG(MSG_STR_EMPTY); 2580 Elf_dyn_entry(0, dyn, ndx, name, ehdr->e_machine); 2581 } 2582 } 2583 } 2584 2585 /* 2586 * Search for and process a MOVE section. 2587 */ 2588 static void 2589 move(Cache *cache, Word shnum, const char *file, uint_t flags) 2590 { 2591 Word cnt; 2592 const char *fmt = NULL; 2593 2594 for (cnt = 1; cnt < shnum; cnt++) { 2595 Word movenum, symnum, ndx; 2596 Sym *syms; 2597 Cache *_cache = &cache[cnt]; 2598 Shdr *shdr = _cache->c_shdr; 2599 Cache *symsec, *strsec; 2600 Move *move; 2601 2602 if (shdr->sh_type != SHT_SUNW_move) 2603 continue; 2604 if (!match(MATCH_F_ALL, _cache->c_name, cnt, shdr->sh_type)) 2605 continue; 2606 2607 /* 2608 * Determine the move data and number. 2609 */ 2610 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 2611 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 2612 file, _cache->c_name); 2613 continue; 2614 } 2615 if (_cache->c_data == NULL) 2616 continue; 2617 2618 move = (Move *)_cache->c_data->d_buf; 2619 movenum = shdr->sh_size / shdr->sh_entsize; 2620 2621 /* 2622 * Get the data buffer for the associated symbol table and 2623 * string table. 2624 */ 2625 if (stringtbl(cache, 1, cnt, shnum, file, 2626 &symnum, &symsec, &strsec) == 0) 2627 return; 2628 2629 syms = (Sym *)symsec->c_data->d_buf; 2630 2631 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2632 dbg_print(0, MSG_INTL(MSG_ELF_SCN_MOVE), _cache->c_name); 2633 dbg_print(0, MSG_INTL(MSG_MOVE_TITLE)); 2634 2635 if (fmt == NULL) 2636 fmt = MSG_INTL(MSG_MOVE_ENTRY); 2637 2638 for (ndx = 0; ndx < movenum; move++, ndx++) { 2639 const char *symname; 2640 char index[MAXNDXSIZE], section[BUFSIZ]; 2641 Word symndx, shndx; 2642 Sym *sym; 2643 2644 /* 2645 * Check for null entries 2646 */ 2647 if ((move->m_info == 0) && (move->m_value == 0) && 2648 (move->m_poffset == 0) && (move->m_repeat == 0) && 2649 (move->m_stride == 0)) { 2650 dbg_print(0, fmt, MSG_ORIG(MSG_STR_EMPTY), 2651 EC_XWORD(move->m_poffset), 0, 0, 0, 2652 EC_LWORD(0), MSG_ORIG(MSG_STR_EMPTY)); 2653 continue; 2654 } 2655 if (((symndx = ELF_M_SYM(move->m_info)) == 0) || 2656 (symndx >= symnum)) { 2657 (void) fprintf(stderr, 2658 MSG_INTL(MSG_ERR_BADMINFO), file, 2659 _cache->c_name, EC_XWORD(move->m_info)); 2660 2661 (void) snprintf(index, MAXNDXSIZE, 2662 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(symndx)); 2663 dbg_print(0, fmt, index, 2664 EC_XWORD(move->m_poffset), 2665 ELF_M_SIZE(move->m_info), move->m_repeat, 2666 move->m_stride, move->m_value, 2667 MSG_INTL(MSG_STR_UNKNOWN)); 2668 continue; 2669 } 2670 2671 symname = relsymname(cache, _cache, strsec, 2672 symndx, symnum, ndx, syms, section, BUFSIZ, file); 2673 sym = (Sym *)(syms + symndx); 2674 2675 /* 2676 * Additional sanity check. 2677 */ 2678 shndx = sym->st_shndx; 2679 if (!((shndx == SHN_COMMON) || 2680 (((shndx >= 1) && (shndx <= shnum)) && 2681 (cache[shndx].c_shdr)->sh_type == SHT_NOBITS))) { 2682 (void) fprintf(stderr, 2683 MSG_INTL(MSG_ERR_BADSYM2), file, 2684 _cache->c_name, EC_WORD(symndx), 2685 demangle(symname, flags)); 2686 } 2687 2688 (void) snprintf(index, MAXNDXSIZE, 2689 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(symndx)); 2690 dbg_print(0, fmt, index, EC_XWORD(move->m_poffset), 2691 ELF_M_SIZE(move->m_info), move->m_repeat, 2692 move->m_stride, move->m_value, 2693 demangle(symname, flags)); 2694 } 2695 } 2696 } 2697 2698 /* 2699 * Callback function for use with conv_str_to_c_literal() below. 2700 */ 2701 /*ARGSUSED2*/ 2702 static void 2703 c_literal_cb(const void *ptr, size_t size, void *uvalue) 2704 { 2705 (void) fwrite(ptr, size, 1, stdout); 2706 } 2707 2708 /* 2709 * Traverse a note section analyzing each note information block. 2710 * The data buffers size is used to validate references before they are made, 2711 * and is decremented as each element is processed. 2712 */ 2713 void 2714 note_entry(Cache *cache, Word *data, size_t size, Ehdr *ehdr, const char *file) 2715 { 2716 size_t bsize = size; 2717 int cnt = 0; 2718 int is_corenote; 2719 int do_swap; 2720 Conv_inv_buf_t inv_buf; 2721 2722 do_swap = _elf_sys_encoding() != ehdr->e_ident[EI_DATA]; 2723 2724 /* 2725 * Print out a single `note' information block. 2726 */ 2727 while (size > 0) { 2728 size_t namesz, descsz, type, pad, noteoff; 2729 2730 noteoff = bsize - size; 2731 /* 2732 * Make sure we can at least reference the 3 initial entries 2733 * (4-byte words) of the note information block. 2734 */ 2735 if (size >= (sizeof (Word) * 3)) 2736 size -= (sizeof (Word) * 3); 2737 else { 2738 (void) fprintf(stderr, MSG_INTL(MSG_NOTE_BADDATASZ), 2739 file, cache->c_name, EC_WORD(noteoff)); 2740 return; 2741 } 2742 2743 /* 2744 * Make sure any specified name string can be referenced. 2745 */ 2746 if ((namesz = *data++) != 0) { 2747 if (size >= namesz) 2748 size -= namesz; 2749 else { 2750 (void) fprintf(stderr, 2751 MSG_INTL(MSG_NOTE_BADNMSZ), file, 2752 cache->c_name, EC_WORD(noteoff), 2753 EC_WORD(namesz)); 2754 return; 2755 } 2756 } 2757 2758 /* 2759 * Make sure any specified descriptor can be referenced. 2760 */ 2761 if ((descsz = *data++) != 0) { 2762 /* 2763 * If namesz isn't a 4-byte multiple, account for any 2764 * padding that must exist before the descriptor. 2765 */ 2766 if ((pad = (namesz & (sizeof (Word) - 1))) != 0) { 2767 pad = sizeof (Word) - pad; 2768 size -= pad; 2769 } 2770 if (size >= descsz) 2771 size -= descsz; 2772 else { 2773 (void) fprintf(stderr, 2774 MSG_INTL(MSG_NOTE_BADDESZ), file, 2775 cache->c_name, EC_WORD(noteoff), 2776 EC_WORD(namesz)); 2777 return; 2778 } 2779 } 2780 2781 type = *data++; 2782 2783 /* 2784 * Is this a Solaris core note? Such notes all have 2785 * the name "CORE". 2786 */ 2787 is_corenote = (ehdr->e_type == ET_CORE) && 2788 (namesz == (MSG_STR_CORE_SIZE + 1)) && 2789 (strncmp(MSG_ORIG(MSG_STR_CORE), (char *)data, 2790 MSG_STR_CORE_SIZE + 1) == 0); 2791 2792 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2793 dbg_print(0, MSG_INTL(MSG_FMT_NOTEENTNDX), EC_WORD(cnt)); 2794 cnt++; 2795 dbg_print(0, MSG_ORIG(MSG_NOTE_NAMESZ), EC_WORD(namesz)); 2796 dbg_print(0, MSG_ORIG(MSG_NOTE_DESCSZ), EC_WORD(descsz)); 2797 2798 if (is_corenote) 2799 dbg_print(0, MSG_ORIG(MSG_NOTE_TYPE_STR), 2800 conv_cnote_type(type, 0, &inv_buf)); 2801 else 2802 dbg_print(0, MSG_ORIG(MSG_NOTE_TYPE), EC_WORD(type)); 2803 if (namesz) { 2804 char *name = (char *)data; 2805 2806 2807 dbg_print(0, MSG_ORIG(MSG_NOTE_NAME)); 2808 /* 2809 * The name string can contain embedded 'null' 2810 * bytes and/or unprintable characters. Also, 2811 * the final NULL is documented in the ELF ABI 2812 * as being included in the namesz. So, display 2813 * the name using C literal string notation, and 2814 * include the terminating NULL in the output. 2815 * We don't show surrounding double quotes, as 2816 * that implies the termination that we are showing 2817 * explicitly. 2818 */ 2819 (void) fwrite(MSG_ORIG(MSG_STR_8SP), 2820 MSG_STR_8SP_SIZE, 1, stdout); 2821 conv_str_to_c_literal(name, namesz, c_literal_cb, NULL); 2822 name = name + ((namesz + (sizeof (Word) - 1)) & 2823 ~(sizeof (Word) - 1)); 2824 /* LINTED */ 2825 data = (Word *)name; 2826 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2827 } 2828 2829 /* 2830 * If multiple information blocks exist within a .note section 2831 * account for any padding that must exist before the next 2832 * information block. 2833 */ 2834 if ((pad = (descsz & (sizeof (Word) - 1))) != 0) { 2835 pad = sizeof (Word) - pad; 2836 if (size > pad) 2837 size -= pad; 2838 } 2839 2840 if (descsz) { 2841 int hexdump = 1; 2842 const char *desc = (const char *)data; 2843 2844 /* 2845 * If this is a core note, let the corenote() 2846 * function handle it. 2847 */ 2848 if (is_corenote) { 2849 /* We only issue the bad arch error once */ 2850 static int badnote_done = 0; 2851 corenote_ret_t corenote_ret; 2852 2853 corenote_ret = corenote(ehdr->e_machine, 2854 do_swap, type, desc, descsz); 2855 switch (corenote_ret) { 2856 case CORENOTE_R_OK: 2857 hexdump = 0; 2858 break; 2859 case CORENOTE_R_BADDATA: 2860 (void) fprintf(stderr, 2861 MSG_INTL(MSG_NOTE_BADCOREDATA), 2862 file); 2863 break; 2864 case CORENOTE_R_BADARCH: 2865 if (badnote_done) 2866 break; 2867 (void) fprintf(stderr, 2868 MSG_INTL(MSG_NOTE_BADCOREARCH), 2869 file, 2870 conv_ehdr_mach(ehdr->e_machine, 2871 0, &inv_buf)); 2872 break; 2873 } 2874 } 2875 2876 /* 2877 * The default thing when we don't understand 2878 * the note data is to display it as hex bytes. 2879 */ 2880 if (hexdump) { 2881 dbg_print(0, MSG_ORIG(MSG_NOTE_DESC)); 2882 dump_hex_bytes(desc, descsz, 8, 4, 4); 2883 } 2884 desc += descsz + pad; 2885 2886 /* LINTED */ 2887 data = (Word *)desc; 2888 } 2889 } 2890 } 2891 2892 /* 2893 * Search for and process .note sections. 2894 * 2895 * Returns the number of note sections seen. 2896 */ 2897 static Word 2898 note(Cache *cache, Word shnum, Ehdr *ehdr, const char *file) 2899 { 2900 Word cnt, note_cnt = 0; 2901 2902 /* 2903 * Otherwise look for any .note sections. 2904 */ 2905 for (cnt = 1; cnt < shnum; cnt++) { 2906 Cache *_cache = &cache[cnt]; 2907 Shdr *shdr = _cache->c_shdr; 2908 2909 if (shdr->sh_type != SHT_NOTE) 2910 continue; 2911 note_cnt++; 2912 if (!match(MATCH_F_ALL, _cache->c_name, cnt, shdr->sh_type)) 2913 continue; 2914 2915 /* 2916 * As these sections are often hand rolled, make sure they're 2917 * properly aligned before proceeding, and issue an error 2918 * as necessary. 2919 * 2920 * Note that we will continue on to display the note even 2921 * if it has bad alignment. We can do this safely, because 2922 * libelf knows the alignment required for SHT_NOTE, and 2923 * takes steps to deliver a properly aligned buffer to us 2924 * even if the actual file is misaligned. 2925 */ 2926 if (shdr->sh_offset & (sizeof (Word) - 1)) 2927 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADALIGN), 2928 file, _cache->c_name); 2929 2930 if (_cache->c_data == NULL) 2931 continue; 2932 2933 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2934 dbg_print(0, MSG_INTL(MSG_ELF_SCN_NOTE), _cache->c_name); 2935 note_entry(_cache, (Word *)_cache->c_data->d_buf, 2936 /* LINTED */ 2937 (Word)_cache->c_data->d_size, ehdr, file); 2938 } 2939 2940 return (note_cnt); 2941 } 2942 2943 /* 2944 * Determine an individual hash entry. This may be the initial hash entry, 2945 * or an associated chain entry. 2946 */ 2947 static void 2948 hash_entry(Cache *refsec, Cache *strsec, const char *hsecname, Word hashndx, 2949 Word symndx, Word symn, Sym *syms, const char *file, ulong_t bkts, 2950 uint_t flags, int chain) 2951 { 2952 Sym *sym; 2953 const char *symname, *str; 2954 char _bucket[MAXNDXSIZE], _symndx[MAXNDXSIZE]; 2955 ulong_t nbkt, nhash; 2956 2957 if (symndx > symn) { 2958 (void) fprintf(stderr, MSG_INTL(MSG_ERR_HSBADSYMNDX), file, 2959 EC_WORD(symndx), EC_WORD(hashndx)); 2960 symname = MSG_INTL(MSG_STR_UNKNOWN); 2961 } else { 2962 sym = (Sym *)(syms + symndx); 2963 symname = string(refsec, symndx, strsec, file, sym->st_name); 2964 } 2965 2966 if (chain == 0) { 2967 (void) snprintf(_bucket, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INTEGER), 2968 hashndx); 2969 str = (const char *)_bucket; 2970 } else 2971 str = MSG_ORIG(MSG_STR_EMPTY); 2972 2973 (void) snprintf(_symndx, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INDEX2), 2974 EC_WORD(symndx)); 2975 dbg_print(0, MSG_ORIG(MSG_FMT_HASH_INFO), str, _symndx, 2976 demangle(symname, flags)); 2977 2978 /* 2979 * Determine if this string is in the correct bucket. 2980 */ 2981 nhash = elf_hash(symname); 2982 nbkt = nhash % bkts; 2983 2984 if (nbkt != hashndx) { 2985 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADHASH), file, 2986 hsecname, symname, EC_WORD(hashndx), nbkt); 2987 } 2988 } 2989 2990 #define MAXCOUNT 500 2991 2992 static void 2993 hash(Cache *cache, Word shnum, const char *file, uint_t flags) 2994 { 2995 static int count[MAXCOUNT]; 2996 Word cnt; 2997 ulong_t ndx, bkts; 2998 char number[MAXNDXSIZE]; 2999 3000 for (cnt = 1; cnt < shnum; cnt++) { 3001 uint_t *hash, *chain; 3002 Cache *_cache = &cache[cnt]; 3003 Shdr *sshdr, *hshdr = _cache->c_shdr; 3004 char *ssecname, *hsecname = _cache->c_name; 3005 Sym *syms; 3006 Word symn; 3007 3008 if (hshdr->sh_type != SHT_HASH) 3009 continue; 3010 3011 /* 3012 * Determine the hash table data and size. 3013 */ 3014 if ((hshdr->sh_entsize == 0) || (hshdr->sh_size == 0)) { 3015 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 3016 file, hsecname); 3017 continue; 3018 } 3019 if (_cache->c_data == NULL) 3020 continue; 3021 3022 hash = (uint_t *)_cache->c_data->d_buf; 3023 bkts = *hash; 3024 chain = hash + 2 + bkts; 3025 hash += 2; 3026 3027 /* 3028 * Get the data buffer for the associated symbol table. 3029 */ 3030 if ((hshdr->sh_link == 0) || (hshdr->sh_link >= shnum)) { 3031 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 3032 file, hsecname, EC_WORD(hshdr->sh_link)); 3033 continue; 3034 } 3035 3036 _cache = &cache[hshdr->sh_link]; 3037 ssecname = _cache->c_name; 3038 3039 if (_cache->c_data == NULL) 3040 continue; 3041 3042 if ((syms = (Sym *)_cache->c_data->d_buf) == NULL) { 3043 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 3044 file, ssecname); 3045 continue; 3046 } 3047 3048 sshdr = _cache->c_shdr; 3049 /* LINTED */ 3050 symn = (Word)(sshdr->sh_size / sshdr->sh_entsize); 3051 3052 /* 3053 * Get the associated string table section. 3054 */ 3055 if ((sshdr->sh_link == 0) || (sshdr->sh_link >= shnum)) { 3056 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 3057 file, ssecname, EC_WORD(sshdr->sh_link)); 3058 continue; 3059 } 3060 3061 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3062 dbg_print(0, MSG_INTL(MSG_ELF_SCN_HASH), hsecname); 3063 dbg_print(0, MSG_INTL(MSG_ELF_HASH_INFO)); 3064 3065 /* 3066 * Loop through the hash buckets, printing the appropriate 3067 * symbols. 3068 */ 3069 for (ndx = 0; ndx < bkts; ndx++, hash++) { 3070 Word _ndx, _cnt; 3071 3072 if (*hash == 0) { 3073 count[0]++; 3074 continue; 3075 } 3076 3077 hash_entry(_cache, &cache[sshdr->sh_link], hsecname, 3078 ndx, *hash, symn, syms, file, bkts, flags, 0); 3079 3080 /* 3081 * Determine if any other symbols are chained to this 3082 * bucket. 3083 */ 3084 _ndx = chain[*hash]; 3085 _cnt = 1; 3086 while (_ndx) { 3087 hash_entry(_cache, &cache[sshdr->sh_link], 3088 hsecname, ndx, _ndx, symn, syms, file, 3089 bkts, flags, 1); 3090 _ndx = chain[_ndx]; 3091 _cnt++; 3092 } 3093 3094 if (_cnt >= MAXCOUNT) { 3095 (void) fprintf(stderr, 3096 MSG_INTL(MSG_HASH_OVERFLW), file, 3097 _cache->c_name, EC_WORD(ndx), 3098 EC_WORD(_cnt)); 3099 } else 3100 count[_cnt]++; 3101 } 3102 break; 3103 } 3104 3105 /* 3106 * Print out the count information. 3107 */ 3108 bkts = cnt = 0; 3109 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3110 3111 for (ndx = 0; ndx < MAXCOUNT; ndx++) { 3112 Word _cnt; 3113 3114 if ((_cnt = count[ndx]) == 0) 3115 continue; 3116 3117 (void) snprintf(number, MAXNDXSIZE, 3118 MSG_ORIG(MSG_FMT_INTEGER), _cnt); 3119 dbg_print(0, MSG_INTL(MSG_ELF_HASH_BKTS1), number, 3120 EC_WORD(ndx)); 3121 bkts += _cnt; 3122 cnt += (Word)(ndx * _cnt); 3123 } 3124 if (cnt) { 3125 (void) snprintf(number, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INTEGER), 3126 bkts); 3127 dbg_print(0, MSG_INTL(MSG_ELF_HASH_BKTS2), number, 3128 EC_WORD(cnt)); 3129 } 3130 } 3131 3132 static void 3133 group(Cache *cache, Word shnum, const char *file, uint_t flags) 3134 { 3135 Word scnt; 3136 3137 for (scnt = 1; scnt < shnum; scnt++) { 3138 Cache *_cache = &cache[scnt]; 3139 Shdr *shdr = _cache->c_shdr; 3140 Word *grpdata, gcnt, grpcnt, symnum, unknown; 3141 Cache *symsec, *strsec; 3142 Sym *syms, *sym; 3143 char flgstrbuf[MSG_GRP_COMDAT_SIZE + 10]; 3144 3145 if (shdr->sh_type != SHT_GROUP) 3146 continue; 3147 if (!match(MATCH_F_ALL, _cache->c_name, scnt, shdr->sh_type)) 3148 continue; 3149 if ((_cache->c_data == NULL) || 3150 ((grpdata = (Word *)_cache->c_data->d_buf) == NULL)) 3151 continue; 3152 grpcnt = shdr->sh_size / sizeof (Word); 3153 3154 /* 3155 * Get the data buffer for the associated symbol table and 3156 * string table. 3157 */ 3158 if (stringtbl(cache, 1, scnt, shnum, file, 3159 &symnum, &symsec, &strsec) == 0) 3160 return; 3161 3162 syms = symsec->c_data->d_buf; 3163 3164 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3165 dbg_print(0, MSG_INTL(MSG_ELF_SCN_GRP), _cache->c_name); 3166 dbg_print(0, MSG_INTL(MSG_GRP_TITLE)); 3167 3168 /* 3169 * The first element of the group defines the group. The 3170 * associated symbol is defined by the sh_link field. 3171 */ 3172 if ((shdr->sh_info == SHN_UNDEF) || (shdr->sh_info > symnum)) { 3173 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHINFO), 3174 file, _cache->c_name, EC_WORD(shdr->sh_info)); 3175 return; 3176 } 3177 3178 (void) strcpy(flgstrbuf, MSG_ORIG(MSG_STR_OSQBRKT)); 3179 if (grpdata[0] & GRP_COMDAT) { 3180 (void) strcat(flgstrbuf, MSG_ORIG(MSG_GRP_COMDAT)); 3181 } 3182 if ((unknown = (grpdata[0] & ~GRP_COMDAT)) != 0) { 3183 size_t len = strlen(flgstrbuf); 3184 3185 (void) snprintf(&flgstrbuf[len], 3186 (MSG_GRP_COMDAT_SIZE + 10 - len), 3187 MSG_ORIG(MSG_GRP_UNKNOWN), unknown); 3188 } 3189 (void) strcat(flgstrbuf, MSG_ORIG(MSG_STR_CSQBRKT)); 3190 sym = (Sym *)(syms + shdr->sh_info); 3191 3192 dbg_print(0, MSG_INTL(MSG_GRP_SIGNATURE), flgstrbuf, 3193 demangle(string(_cache, 0, strsec, file, sym->st_name), 3194 flags)); 3195 3196 for (gcnt = 1; gcnt < grpcnt; gcnt++) { 3197 char index[MAXNDXSIZE]; 3198 const char *name; 3199 3200 (void) snprintf(index, MAXNDXSIZE, 3201 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(gcnt)); 3202 3203 if (grpdata[gcnt] >= shnum) 3204 name = MSG_INTL(MSG_GRP_INVALSCN); 3205 else 3206 name = cache[grpdata[gcnt]].c_name; 3207 3208 (void) printf(MSG_ORIG(MSG_GRP_ENTRY), index, name, 3209 EC_XWORD(grpdata[gcnt])); 3210 } 3211 } 3212 } 3213 3214 static void 3215 got(Cache *cache, Word shnum, Ehdr *ehdr, const char *file) 3216 { 3217 Cache *gotcache = NULL, *symtab = NULL; 3218 Addr gotbgn, gotend; 3219 Shdr *gotshdr; 3220 Word cnt, gotents, gotndx; 3221 size_t gentsize; 3222 Got_info *gottable; 3223 char *gotdata; 3224 Sym *gotsym; 3225 Xword gotsymaddr; 3226 uint_t sys_encoding; 3227 3228 /* 3229 * First, find the got. 3230 */ 3231 for (cnt = 1; cnt < shnum; cnt++) { 3232 if (strncmp(cache[cnt].c_name, MSG_ORIG(MSG_ELF_GOT), 3233 MSG_ELF_GOT_SIZE) == 0) { 3234 gotcache = &cache[cnt]; 3235 break; 3236 } 3237 } 3238 if (gotcache == NULL) 3239 return; 3240 3241 /* 3242 * A got section within a relocatable object is suspicious. 3243 */ 3244 if (ehdr->e_type == ET_REL) { 3245 (void) fprintf(stderr, MSG_INTL(MSG_GOT_UNEXPECTED), file, 3246 gotcache->c_name); 3247 } 3248 3249 gotshdr = gotcache->c_shdr; 3250 if (gotshdr->sh_size == 0) { 3251 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 3252 file, gotcache->c_name); 3253 return; 3254 } 3255 3256 gotbgn = gotshdr->sh_addr; 3257 gotend = gotbgn + gotshdr->sh_size; 3258 3259 /* 3260 * Some architectures don't properly set the sh_entsize for the GOT 3261 * table. If it's not set, default to a size of a pointer. 3262 */ 3263 if ((gentsize = gotshdr->sh_entsize) == 0) 3264 gentsize = sizeof (Xword); 3265 3266 if (gotcache->c_data == NULL) 3267 return; 3268 3269 /* LINTED */ 3270 gotents = (Word)(gotshdr->sh_size / gentsize); 3271 gotdata = gotcache->c_data->d_buf; 3272 3273 if ((gottable = calloc(gotents, sizeof (Got_info))) == 0) { 3274 int err = errno; 3275 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), file, 3276 strerror(err)); 3277 return; 3278 } 3279 3280 /* 3281 * Now we scan through all the sections looking for any relocations 3282 * that may be against the GOT. Since these may not be isolated to a 3283 * .rel[a].got section we check them all. 3284 * While scanning sections save the symbol table entry (a symtab 3285 * overriding a dynsym) so that we can lookup _GLOBAL_OFFSET_TABLE_. 3286 */ 3287 for (cnt = 1; cnt < shnum; cnt++) { 3288 Word type, symnum; 3289 Xword relndx, relnum, relsize; 3290 void *rels; 3291 Sym *syms; 3292 Cache *symsec, *strsec; 3293 Cache *_cache = &cache[cnt]; 3294 Shdr *shdr; 3295 3296 shdr = _cache->c_shdr; 3297 type = shdr->sh_type; 3298 3299 if ((symtab == 0) && (type == SHT_DYNSYM)) { 3300 symtab = _cache; 3301 continue; 3302 } 3303 if (type == SHT_SYMTAB) { 3304 symtab = _cache; 3305 continue; 3306 } 3307 if ((type != SHT_RELA) && (type != SHT_REL)) 3308 continue; 3309 3310 /* 3311 * Decide entry size. 3312 */ 3313 if (((relsize = shdr->sh_entsize) == 0) || 3314 (relsize > shdr->sh_size)) { 3315 if (type == SHT_RELA) 3316 relsize = sizeof (Rela); 3317 else 3318 relsize = sizeof (Rel); 3319 } 3320 3321 /* 3322 * Determine the number of relocations available. 3323 */ 3324 if (shdr->sh_size == 0) { 3325 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 3326 file, _cache->c_name); 3327 continue; 3328 } 3329 if (_cache->c_data == NULL) 3330 continue; 3331 3332 rels = _cache->c_data->d_buf; 3333 relnum = shdr->sh_size / relsize; 3334 3335 /* 3336 * Get the data buffer for the associated symbol table and 3337 * string table. 3338 */ 3339 if (stringtbl(cache, 1, cnt, shnum, file, 3340 &symnum, &symsec, &strsec) == 0) 3341 continue; 3342 3343 syms = symsec->c_data->d_buf; 3344 3345 /* 3346 * Loop through the relocation entries. 3347 */ 3348 for (relndx = 0; relndx < relnum; relndx++, 3349 rels = (void *)((char *)rels + relsize)) { 3350 char section[BUFSIZ]; 3351 Addr offset; 3352 Got_info *gip; 3353 Word symndx, reltype; 3354 Rela *rela; 3355 Rel *rel; 3356 3357 /* 3358 * Unravel the relocation. 3359 */ 3360 if (type == SHT_RELA) { 3361 rela = (Rela *)rels; 3362 symndx = ELF_R_SYM(rela->r_info); 3363 reltype = ELF_R_TYPE(rela->r_info, 3364 ehdr->e_machine); 3365 offset = rela->r_offset; 3366 } else { 3367 rel = (Rel *)rels; 3368 symndx = ELF_R_SYM(rel->r_info); 3369 reltype = ELF_R_TYPE(rel->r_info, 3370 ehdr->e_machine); 3371 offset = rel->r_offset; 3372 } 3373 3374 /* 3375 * Only pay attention to relocations against the GOT. 3376 */ 3377 if ((offset < gotbgn) || (offset >= gotend)) 3378 continue; 3379 3380 /* LINTED */ 3381 gotndx = (Word)((offset - gotbgn) / 3382 gotshdr->sh_entsize); 3383 gip = &gottable[gotndx]; 3384 3385 if (gip->g_reltype != 0) { 3386 (void) fprintf(stderr, 3387 MSG_INTL(MSG_GOT_MULTIPLE), file, 3388 EC_WORD(gotndx), EC_ADDR(offset)); 3389 continue; 3390 } 3391 3392 if (symndx) 3393 gip->g_symname = relsymname(cache, _cache, 3394 strsec, symndx, symnum, relndx, syms, 3395 section, BUFSIZ, file); 3396 gip->g_reltype = reltype; 3397 gip->g_rel = rels; 3398 } 3399 } 3400 3401 if (symlookup(MSG_ORIG(MSG_SYM_GOT), cache, shnum, &gotsym, symtab, 3402 file)) 3403 gotsymaddr = gotsym->st_value; 3404 else 3405 gotsymaddr = gotbgn; 3406 3407 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3408 dbg_print(0, MSG_INTL(MSG_ELF_SCN_GOT), gotcache->c_name); 3409 Elf_got_title(0); 3410 3411 sys_encoding = _elf_sys_encoding(); 3412 for (gotndx = 0; gotndx < gotents; gotndx++) { 3413 Got_info *gip; 3414 Sword gindex; 3415 Addr gaddr; 3416 Xword gotentry; 3417 3418 gip = &gottable[gotndx]; 3419 3420 gaddr = gotbgn + (gotndx * gentsize); 3421 gindex = (Sword)(gaddr - gotsymaddr) / (Sword)gentsize; 3422 3423 if (gentsize == sizeof (Word)) 3424 /* LINTED */ 3425 gotentry = (Xword)(*((Word *)(gotdata) + gotndx)); 3426 else 3427 /* LINTED */ 3428 gotentry = *((Xword *)(gotdata) + gotndx); 3429 3430 Elf_got_entry(0, gindex, gaddr, gotentry, ehdr->e_machine, 3431 ehdr->e_ident[EI_DATA], sys_encoding, 3432 gip->g_reltype, gip->g_rel, gip->g_symname); 3433 } 3434 free(gottable); 3435 } 3436 3437 void 3438 checksum(Elf *elf) 3439 { 3440 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3441 dbg_print(0, MSG_INTL(MSG_STR_CHECKSUM), elf_checksum(elf)); 3442 } 3443 3444 /* 3445 * This variable is used by regular() to communicate the address of 3446 * the section header cache to sort_shdr_ndx_arr(). Unfortunately, 3447 * the qsort() interface does not include a userdata argument by which 3448 * such arbitrary data can be passed, so we are stuck using global data. 3449 */ 3450 static Cache *sort_shdr_ndx_arr_cache; 3451 3452 3453 /* 3454 * Used with qsort() to sort the section indices so that they can be 3455 * used to access the section headers in order of increasing data offset. 3456 * 3457 * entry: 3458 * sort_shdr_ndx_arr_cache - Contains address of 3459 * section header cache. 3460 * v1, v2 - Point at elements of sort_shdr_bits array to be compared. 3461 * 3462 * exit: 3463 * Returns -1 (less than), 0 (equal) or 1 (greater than). 3464 */ 3465 static int 3466 sort_shdr_ndx_arr(const void *v1, const void *v2) 3467 { 3468 Cache *cache1 = sort_shdr_ndx_arr_cache + *((size_t *)v1); 3469 Cache *cache2 = sort_shdr_ndx_arr_cache + *((size_t *)v2); 3470 3471 if (cache1->c_shdr->sh_offset < cache2->c_shdr->sh_offset) 3472 return (-1); 3473 3474 if (cache1->c_shdr->sh_offset > cache2->c_shdr->sh_offset) 3475 return (1); 3476 3477 return (0); 3478 } 3479 3480 3481 static int 3482 shdr_cache(const char *file, Elf *elf, Ehdr *ehdr, size_t shstrndx, 3483 size_t shnum, Cache **cache_ret, Word flags) 3484 { 3485 Elf_Scn *scn; 3486 Elf_Data *data; 3487 size_t ndx; 3488 Shdr *nameshdr; 3489 char *names = NULL; 3490 Cache *cache, *_cache; 3491 size_t *shdr_ndx_arr, shdr_ndx_arr_cnt; 3492 3493 3494 /* 3495 * Obtain the .shstrtab data buffer to provide the required section 3496 * name strings. 3497 */ 3498 if (shstrndx == SHN_UNDEF) { 3499 /* 3500 * It is rare, but legal, for an object to lack a 3501 * header string table section. 3502 */ 3503 names = NULL; 3504 (void) fprintf(stderr, MSG_INTL(MSG_ERR_NOSHSTRSEC), file); 3505 } else if ((scn = elf_getscn(elf, shstrndx)) == NULL) { 3506 failure(file, MSG_ORIG(MSG_ELF_GETSCN)); 3507 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SHDR), 3508 EC_XWORD(shstrndx)); 3509 3510 } else if ((data = elf_getdata(scn, NULL)) == NULL) { 3511 failure(file, MSG_ORIG(MSG_ELF_GETDATA)); 3512 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_DATA), 3513 EC_XWORD(shstrndx)); 3514 3515 } else if ((nameshdr = elf_getshdr(scn)) == NULL) { 3516 failure(file, MSG_ORIG(MSG_ELF_GETSHDR)); 3517 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCN), 3518 EC_WORD(elf_ndxscn(scn))); 3519 3520 } else if ((names = data->d_buf) == NULL) 3521 (void) fprintf(stderr, MSG_INTL(MSG_ERR_SHSTRNULL), file); 3522 3523 /* 3524 * Allocate a cache to maintain a descriptor for each section. 3525 */ 3526 if ((*cache_ret = cache = malloc(shnum * sizeof (Cache))) == NULL) { 3527 int err = errno; 3528 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), 3529 file, strerror(err)); 3530 return (0); 3531 } 3532 3533 *cache = cache_init; 3534 _cache = cache; 3535 _cache++; 3536 3537 /* 3538 * Allocate an array that will hold the section index for 3539 * each section that has data in the ELF file: 3540 * 3541 * - Is not a NOBITS section 3542 * - Data has non-zero length 3543 * 3544 * Note that shnum is an upper bound on the size required. It 3545 * is likely that we won't use a few of these array elements. 3546 * Allocating a modest amount of extra memory in this case means 3547 * that we can avoid an extra loop to count the number of needed 3548 * items, and can fill this array immediately in the first loop 3549 * below. 3550 */ 3551 if ((shdr_ndx_arr = malloc(shnum * sizeof (*shdr_ndx_arr))) == NULL) { 3552 int err = errno; 3553 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), 3554 file, strerror(err)); 3555 return (0); 3556 } 3557 shdr_ndx_arr_cnt = 0; 3558 3559 /* 3560 * Traverse the sections of the file. This gathering of data is 3561 * carried out in two passes. First, the section headers are captured 3562 * and the section header names are evaluated. A verification pass is 3563 * then carried out over the section information. Files have been 3564 * known to exhibit overlapping (and hence erroneous) section header 3565 * information. 3566 * 3567 * Finally, the data for each section is obtained. This processing is 3568 * carried out after section verification because should any section 3569 * header overlap occur, and a file needs translating (ie. xlate'ing 3570 * information from a non-native architecture file), then the process 3571 * of translation can corrupt the section header information. Of 3572 * course, if there is any section overlap, the data related to the 3573 * sections is going to be compromised. However, it is the translation 3574 * of this data that has caused problems with elfdump()'s ability to 3575 * extract the data. 3576 */ 3577 for (ndx = 1, scn = NULL; scn = elf_nextscn(elf, scn); 3578 ndx++, _cache++) { 3579 char scnndxnm[100]; 3580 3581 _cache->c_ndx = ndx; 3582 _cache->c_scn = scn; 3583 3584 if ((_cache->c_shdr = elf_getshdr(scn)) == NULL) { 3585 failure(file, MSG_ORIG(MSG_ELF_GETSHDR)); 3586 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCN), 3587 EC_WORD(elf_ndxscn(scn))); 3588 } 3589 3590 /* 3591 * If this section has data in the file, include it in 3592 * the array of sections to check for address overlap. 3593 */ 3594 if ((_cache->c_shdr->sh_size != 0) && 3595 (_cache->c_shdr->sh_type != SHT_NOBITS)) 3596 shdr_ndx_arr[shdr_ndx_arr_cnt++] = ndx; 3597 3598 /* 3599 * If a shstrtab exists, assign the section name. 3600 */ 3601 if (names && _cache->c_shdr) { 3602 if (_cache->c_shdr->sh_name && 3603 /* LINTED */ 3604 (nameshdr->sh_size > _cache->c_shdr->sh_name)) { 3605 const char *symname; 3606 char *secname; 3607 3608 secname = names + _cache->c_shdr->sh_name; 3609 3610 /* 3611 * A SUN naming convention employs a "%" within 3612 * a section name to indicate a section/symbol 3613 * name. This originated from the compilers 3614 * -xF option, that places functions into their 3615 * own sections. This convention (which has no 3616 * formal standard) has also been followed for 3617 * COMDAT sections. To demangle the symbol 3618 * name, the name must be separated from the 3619 * section name. 3620 */ 3621 if (((flags & FLG_CTL_DEMANGLE) == 0) || 3622 ((symname = strchr(secname, '%')) == NULL)) 3623 _cache->c_name = secname; 3624 else { 3625 size_t secsz = ++symname - secname; 3626 size_t strsz; 3627 3628 symname = demangle(symname, flags); 3629 strsz = secsz + strlen(symname) + 1; 3630 3631 if ((_cache->c_name = 3632 malloc(strsz)) == NULL) { 3633 int err = errno; 3634 (void) fprintf(stderr, 3635 MSG_INTL(MSG_ERR_MALLOC), 3636 file, strerror(err)); 3637 return (0); 3638 } 3639 (void) snprintf(_cache->c_name, strsz, 3640 MSG_ORIG(MSG_FMT_SECSYM), 3641 EC_WORD(secsz), secname, symname); 3642 } 3643 3644 continue; 3645 } 3646 3647 /* 3648 * Generate an error if the section name index is zero 3649 * or exceeds the shstrtab data. Fall through to 3650 * fabricate a section name. 3651 */ 3652 if ((_cache->c_shdr->sh_name == 0) || 3653 /* LINTED */ 3654 (nameshdr->sh_size <= _cache->c_shdr->sh_name)) { 3655 (void) fprintf(stderr, 3656 MSG_INTL(MSG_ERR_BADSHNAME), file, 3657 EC_WORD(ndx), 3658 EC_XWORD(_cache->c_shdr->sh_name)); 3659 } 3660 } 3661 3662 /* 3663 * If there exists no shstrtab data, or a section header has no 3664 * name (an invalid index of 0), then compose a name for the 3665 * section. 3666 */ 3667 (void) snprintf(scnndxnm, sizeof (scnndxnm), 3668 MSG_INTL(MSG_FMT_SCNNDX), ndx); 3669 3670 if ((_cache->c_name = malloc(strlen(scnndxnm) + 1)) == NULL) { 3671 int err = errno; 3672 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), 3673 file, strerror(err)); 3674 return (0); 3675 } 3676 (void) strcpy(_cache->c_name, scnndxnm); 3677 } 3678 3679 /* 3680 * Having collected all the sections, validate their address range. 3681 * Cases have existed where the section information has been invalid. 3682 * This can lead to all sorts of other, hard to diagnose errors, as 3683 * each section is processed individually (ie. with elf_getdata()). 3684 * Here, we carry out some address comparisons to catch a family of 3685 * overlapping memory issues we have observed (likely, there are others 3686 * that we have yet to discover). 3687 * 3688 * Note, should any memory overlap occur, obtaining any additional 3689 * data from the file is questionable. However, it might still be 3690 * possible to inspect the ELF header, Programs headers, or individual 3691 * sections, so rather than bailing on an error condition, continue 3692 * processing to see if any data can be salvaged. 3693 */ 3694 if (shdr_ndx_arr_cnt > 1) { 3695 sort_shdr_ndx_arr_cache = cache; 3696 qsort(shdr_ndx_arr, shdr_ndx_arr_cnt, 3697 sizeof (*shdr_ndx_arr), sort_shdr_ndx_arr); 3698 } 3699 for (ndx = 0; ndx < shdr_ndx_arr_cnt; ndx++) { 3700 Cache *_cache = cache + shdr_ndx_arr[ndx]; 3701 Shdr *shdr = _cache->c_shdr; 3702 Off bgn1, bgn = shdr->sh_offset; 3703 Off end1, end = shdr->sh_offset + shdr->sh_size; 3704 size_t ndx1; 3705 3706 /* 3707 * Check the section against all following ones, reporting 3708 * any overlaps. Since we've sorted the sections by offset, 3709 * we can stop after the first comparison that fails. There 3710 * are no overlaps in a properly formed ELF file, in which 3711 * case this algorithm runs in O(n) time. This will degenerate 3712 * to O(n^2) for a completely broken file. Such a file is 3713 * (1) highly unlikely, and (2) unusable, so it is reasonable 3714 * for the analysis to take longer. 3715 */ 3716 for (ndx1 = ndx + 1; ndx1 < shdr_ndx_arr_cnt; ndx1++) { 3717 Cache *_cache1 = cache + shdr_ndx_arr[ndx1]; 3718 Shdr *shdr1 = _cache1->c_shdr; 3719 3720 bgn1 = shdr1->sh_offset; 3721 end1 = shdr1->sh_offset + shdr1->sh_size; 3722 3723 if (((bgn1 <= bgn) && (end1 > bgn)) || 3724 ((bgn1 < end) && (end1 >= end))) { 3725 (void) fprintf(stderr, 3726 MSG_INTL(MSG_ERR_SECMEMOVER), file, 3727 EC_WORD(elf_ndxscn(_cache->c_scn)), 3728 _cache->c_name, EC_OFF(bgn), EC_OFF(end), 3729 EC_WORD(elf_ndxscn(_cache1->c_scn)), 3730 _cache1->c_name, EC_OFF(bgn1), 3731 EC_OFF(end1)); 3732 } else { /* No overlap, so can stop */ 3733 break; 3734 } 3735 } 3736 3737 /* 3738 * In addition to checking for sections overlapping 3739 * each other (done above), we should also make sure 3740 * the section doesn't overlap the section header array. 3741 */ 3742 bgn1 = ehdr->e_shoff; 3743 end1 = ehdr->e_shoff + (ehdr->e_shentsize * ehdr->e_shnum); 3744 3745 if (((bgn1 <= bgn) && (end1 > bgn)) || 3746 ((bgn1 < end) && (end1 >= end))) { 3747 (void) fprintf(stderr, 3748 MSG_INTL(MSG_ERR_SHDRMEMOVER), file, EC_OFF(bgn1), 3749 EC_OFF(end1), 3750 EC_WORD(elf_ndxscn(_cache->c_scn)), 3751 _cache->c_name, EC_OFF(bgn), EC_OFF(end)); 3752 } 3753 } 3754 3755 /* 3756 * Obtain the data for each section. 3757 */ 3758 for (ndx = 1; ndx < shnum; ndx++) { 3759 Cache *_cache = &cache[ndx]; 3760 Elf_Scn *scn = _cache->c_scn; 3761 3762 if ((_cache->c_data = elf_getdata(scn, NULL)) == NULL) { 3763 failure(file, MSG_ORIG(MSG_ELF_GETDATA)); 3764 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCNDATA), 3765 EC_WORD(elf_ndxscn(scn))); 3766 } 3767 3768 /* 3769 * If a string table, verify that it has NULL first and 3770 * final bytes. 3771 */ 3772 if ((_cache->c_shdr->sh_type == SHT_STRTAB) && 3773 (_cache->c_data->d_buf != NULL) && 3774 (_cache->c_data->d_size > 0)) { 3775 const char *s = _cache->c_data->d_buf; 3776 3777 if ((*s != '\0') || 3778 (*(s + _cache->c_data->d_size - 1) != '\0')) 3779 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALSTR), 3780 file, _cache->c_name); 3781 } 3782 } 3783 3784 return (1); 3785 } 3786 3787 3788 3789 int 3790 regular(const char *file, int fd, Elf *elf, uint_t flags, 3791 const char *wname, int wfd) 3792 { 3793 Elf_Scn *scn; 3794 Ehdr *ehdr; 3795 size_t ndx, shstrndx, shnum, phnum; 3796 Shdr *shdr; 3797 Cache *cache; 3798 VERSYM_STATE versym; 3799 int ret = 0; 3800 int addr_align; 3801 3802 if ((ehdr = elf_getehdr(elf)) == NULL) { 3803 failure(file, MSG_ORIG(MSG_ELF_GETEHDR)); 3804 return (ret); 3805 } 3806 3807 if (elf_getshnum(elf, &shnum) == 0) { 3808 failure(file, MSG_ORIG(MSG_ELF_GETSHNUM)); 3809 return (ret); 3810 } 3811 3812 if (elf_getshstrndx(elf, &shstrndx) == 0) { 3813 failure(file, MSG_ORIG(MSG_ELF_GETSHSTRNDX)); 3814 return (ret); 3815 } 3816 3817 if (elf_getphnum(elf, &phnum) == 0) { 3818 failure(file, MSG_ORIG(MSG_ELF_GETPHNUM)); 3819 return (ret); 3820 } 3821 /* 3822 * If the user requested section headers derived from the 3823 * program headers (-P option) and this file doesn't have 3824 * any program headers (i.e. ET_REL), then we can't do it. 3825 */ 3826 if ((phnum == 0) && (flags & FLG_CTL_FAKESHDR)) { 3827 (void) fprintf(stderr, MSG_INTL(MSG_ERR_PNEEDSPH), file); 3828 return (ret); 3829 } 3830 3831 3832 if ((scn = elf_getscn(elf, 0)) != NULL) { 3833 if ((shdr = elf_getshdr(scn)) == NULL) { 3834 failure(file, MSG_ORIG(MSG_ELF_GETSHDR)); 3835 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCN), 0); 3836 return (ret); 3837 } 3838 } else 3839 shdr = NULL; 3840 3841 /* 3842 * Print the elf header. 3843 */ 3844 if (flags & FLG_SHOW_EHDR) 3845 Elf_ehdr(0, ehdr, shdr); 3846 3847 /* 3848 * If the section headers or program headers have inadequate 3849 * alignment for the class of object, print a warning. libelf 3850 * can handle such files, but programs that use them can crash 3851 * when they dereference unaligned items. 3852 * 3853 * Note that the AMD64 ABI, although it is a 64-bit architecture, 3854 * allows access to data types smaller than 128-bits to be on 3855 * word alignment. 3856 */ 3857 if (ehdr->e_machine == EM_AMD64) 3858 addr_align = sizeof (Word); 3859 else 3860 addr_align = sizeof (Addr); 3861 3862 if (ehdr->e_phoff & (addr_align - 1)) 3863 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADPHDRALIGN), file); 3864 if (ehdr->e_shoff & (addr_align - 1)) 3865 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHDRALIGN), file); 3866 3867 /* 3868 * Print the program headers. 3869 */ 3870 if ((flags & FLG_SHOW_PHDR) && (phnum != 0)) { 3871 Phdr *phdr; 3872 3873 if ((phdr = elf_getphdr(elf)) == NULL) { 3874 failure(file, MSG_ORIG(MSG_ELF_GETPHDR)); 3875 return (ret); 3876 } 3877 3878 for (ndx = 0; ndx < phnum; phdr++, ndx++) { 3879 if (!match(MATCH_F_PHDR| MATCH_F_NDX | MATCH_F_TYPE, 3880 NULL, ndx, phdr->p_type)) 3881 continue; 3882 3883 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3884 dbg_print(0, MSG_INTL(MSG_ELF_PHDR), EC_WORD(ndx)); 3885 Elf_phdr(0, ehdr->e_machine, phdr); 3886 } 3887 } 3888 3889 /* 3890 * If we have flag bits set that explicitly require a show or calc 3891 * operation, but none of them require the section headers, then 3892 * we are done and can return now. 3893 */ 3894 if (((flags & (FLG_MASK_SHOW | FLG_MASK_CALC)) != 0) && 3895 ((flags & (FLG_MASK_SHOW_SHDR | FLG_MASK_CALC_SHDR)) == 0)) 3896 return (ret); 3897 3898 /* 3899 * If there are no section headers, then resort to synthesizing 3900 * section headers from the program headers. This is normally 3901 * only done by explicit request, but in this case there's no 3902 * reason not to go ahead, since the alternative is simply to quit. 3903 */ 3904 if ((shnum <= 1) && ((flags & FLG_CTL_FAKESHDR) == 0)) { 3905 (void) fprintf(stderr, MSG_INTL(MSG_ERR_NOSHDR), file); 3906 flags |= FLG_CTL_FAKESHDR; 3907 } 3908 3909 /* 3910 * Generate a cache of section headers and related information 3911 * for use by the rest of elfdump. If requested (or the file 3912 * contains no section headers), we generate a fake set of 3913 * headers from the information accessible from the program headers. 3914 * Otherwise, we use the real section headers contained in the file. 3915 */ 3916 3917 if (flags & FLG_CTL_FAKESHDR) { 3918 if (fake_shdr_cache(file, fd, elf, ehdr, &cache, &shnum) == 0) 3919 return (ret); 3920 } else { 3921 if (shdr_cache(file, elf, ehdr, shstrndx, shnum, 3922 &cache, flags) == 0) 3923 return (ret); 3924 } 3925 3926 /* 3927 * Everything from this point on requires section headers. 3928 * If we have no section headers, there is no reason to continue. 3929 */ 3930 if (shnum <= 1) 3931 goto done; 3932 3933 /* 3934 * If -w was specified, find and write out the section(s) data. 3935 */ 3936 if (wfd) { 3937 for (ndx = 1; ndx < shnum; ndx++) { 3938 Cache *_cache = &cache[ndx]; 3939 3940 if (match(MATCH_F_STRICT | MATCH_F_ALL, _cache->c_name, 3941 ndx, _cache->c_shdr->sh_type) && 3942 _cache->c_data && _cache->c_data->d_buf) { 3943 if (write(wfd, _cache->c_data->d_buf, 3944 _cache->c_data->d_size) != 3945 _cache->c_data->d_size) { 3946 int err = errno; 3947 (void) fprintf(stderr, 3948 MSG_INTL(MSG_ERR_WRITE), wname, 3949 strerror(err)); 3950 /* 3951 * Return an exit status of 1, because 3952 * the failure is not related to the 3953 * ELF file, but by system resources. 3954 */ 3955 ret = 1; 3956 goto done; 3957 } 3958 } 3959 } 3960 } 3961 3962 /* 3963 * If we have no flag bits set that explicitly require a show or calc 3964 * operation, but match options (-I, -N, -T) were used, then run 3965 * through the section headers and see if we can't deduce show flags 3966 * from the match options given. 3967 * 3968 * We don't do this if -w was specified, because (-I, -N, -T) used 3969 * with -w in lieu of some other option is supposed to be quiet. 3970 */ 3971 if ((wfd == 0) && (flags & FLG_CTL_MATCH) && 3972 ((flags & (FLG_MASK_SHOW | FLG_MASK_CALC)) == 0)) { 3973 for (ndx = 1; ndx < shnum; ndx++) { 3974 Cache *_cache = &cache[ndx]; 3975 3976 if (!match(MATCH_F_STRICT | MATCH_F_ALL, _cache->c_name, 3977 ndx, _cache->c_shdr->sh_type)) 3978 continue; 3979 3980 switch (_cache->c_shdr->sh_type) { 3981 case SHT_PROGBITS: 3982 /* 3983 * Heuristic time: It is usually bad form 3984 * to assume the meaning/format of a PROGBITS 3985 * section based on its name. However, there 3986 * are exceptions: The ELF ABI specifies 3987 * .interp and .got sections by name. Existing 3988 * practice has similarly pinned down the 3989 * meaning of unwind sections (.eh_frame and 3990 * .eh_frame_hdr). 3991 * 3992 * Check for these special names. 3993 */ 3994 if (strcmp(_cache->c_name, 3995 MSG_ORIG(MSG_ELF_INTERP)) == 0) 3996 flags |= FLG_SHOW_INTERP; 3997 else if (strcmp(_cache->c_name, 3998 MSG_ORIG(MSG_ELF_GOT)) == 0) 3999 flags |= FLG_SHOW_GOT; 4000 else if (strncmp(_cache->c_name, 4001 MSG_ORIG(MSG_SCN_FRM), 4002 MSG_SCN_FRM_SIZE) == 0) 4003 flags |= FLG_SHOW_UNWIND; 4004 break; 4005 4006 case SHT_SYMTAB: 4007 case SHT_DYNSYM: 4008 case SHT_SUNW_LDYNSYM: 4009 case SHT_SUNW_versym: 4010 case SHT_SYMTAB_SHNDX: 4011 flags |= FLG_SHOW_SYMBOLS; 4012 break; 4013 4014 case SHT_RELA: 4015 case SHT_REL: 4016 flags |= FLG_SHOW_RELOC; 4017 break; 4018 4019 case SHT_HASH: 4020 flags |= FLG_SHOW_HASH; 4021 break; 4022 4023 case SHT_DYNAMIC: 4024 flags |= FLG_SHOW_DYNAMIC; 4025 break; 4026 4027 case SHT_NOTE: 4028 flags |= FLG_SHOW_NOTE; 4029 break; 4030 4031 case SHT_GROUP: 4032 flags |= FLG_SHOW_GROUP; 4033 break; 4034 4035 case SHT_SUNW_symsort: 4036 case SHT_SUNW_tlssort: 4037 flags |= FLG_SHOW_SORT; 4038 break; 4039 4040 case SHT_SUNW_cap: 4041 flags |= FLG_SHOW_CAP; 4042 break; 4043 4044 case SHT_SUNW_move: 4045 flags |= FLG_SHOW_MOVE; 4046 break; 4047 4048 case SHT_SUNW_syminfo: 4049 flags |= FLG_SHOW_SYMINFO; 4050 break; 4051 4052 case SHT_SUNW_verdef: 4053 case SHT_SUNW_verneed: 4054 flags |= FLG_SHOW_VERSIONS; 4055 break; 4056 4057 case SHT_AMD64_UNWIND: 4058 flags |= FLG_SHOW_UNWIND; 4059 break; 4060 } 4061 } 4062 } 4063 4064 4065 if (flags & FLG_SHOW_SHDR) 4066 sections(file, cache, shnum, ehdr); 4067 4068 if (flags & FLG_SHOW_INTERP) 4069 interp(file, cache, shnum, phnum, elf); 4070 4071 versions(cache, shnum, file, flags, &versym); 4072 4073 if (flags & FLG_SHOW_SYMBOLS) 4074 symbols(cache, shnum, ehdr, &versym, file, flags); 4075 4076 if (flags & FLG_SHOW_SORT) 4077 sunw_sort(cache, shnum, ehdr, &versym, file, flags); 4078 4079 if (flags & FLG_SHOW_HASH) 4080 hash(cache, shnum, file, flags); 4081 4082 if (flags & FLG_SHOW_GOT) 4083 got(cache, shnum, ehdr, file); 4084 4085 if (flags & FLG_SHOW_GROUP) 4086 group(cache, shnum, file, flags); 4087 4088 if (flags & FLG_SHOW_SYMINFO) 4089 syminfo(cache, shnum, file); 4090 4091 if (flags & FLG_SHOW_RELOC) 4092 reloc(cache, shnum, ehdr, file); 4093 4094 if (flags & FLG_SHOW_DYNAMIC) 4095 dynamic(cache, shnum, ehdr, file); 4096 4097 if (flags & FLG_SHOW_NOTE) { 4098 Word note_cnt; 4099 size_t note_shnum; 4100 Cache *note_cache; 4101 4102 note_cnt = note(cache, shnum, ehdr, file); 4103 4104 /* 4105 * Solaris core files have section headers, but these 4106 * headers do not include SHT_NOTE sections that reference 4107 * the core note sections. This means that note() won't 4108 * find the core notes. Fake section headers (-P option) 4109 * recover these sections, but it is inconvenient to require 4110 * users to specify -P in this situation. If the following 4111 * are all true: 4112 * 4113 * - No note sections were found 4114 * - This is a core file 4115 * - We are not already using fake section headers 4116 * 4117 * then we will automatically generate fake section headers 4118 * and then process them in a second call to note(). 4119 */ 4120 if ((note_cnt == 0) && (ehdr->e_type == ET_CORE) && 4121 !(flags & FLG_CTL_FAKESHDR) && 4122 (fake_shdr_cache(file, fd, elf, ehdr, 4123 ¬e_cache, ¬e_shnum) != 0)) { 4124 (void) note(note_cache, note_shnum, ehdr, file); 4125 fake_shdr_cache_free(note_cache, note_shnum); 4126 } 4127 } 4128 4129 if (flags & FLG_SHOW_MOVE) 4130 move(cache, shnum, file, flags); 4131 4132 if (flags & FLG_CALC_CHECKSUM) 4133 checksum(elf); 4134 4135 if (flags & FLG_SHOW_CAP) 4136 cap(file, cache, shnum, phnum, ehdr, elf); 4137 4138 if (flags & FLG_SHOW_UNWIND) 4139 unwind(cache, shnum, phnum, ehdr, file, elf, flags); 4140 4141 4142 /* Release the memory used to cache section headers */ 4143 done: 4144 if (flags & FLG_CTL_FAKESHDR) 4145 fake_shdr_cache_free(cache, shnum); 4146 else 4147 free(cache); 4148 4149 return (ret); 4150 } 4151