1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 /* 28 * Dump an elf file. 29 */ 30 #include <stddef.h> 31 #include <sys/elf_386.h> 32 #include <sys/elf_amd64.h> 33 #include <sys/elf_SPARC.h> 34 #include <_libelf.h> 35 #include <dwarf.h> 36 #include <stdio.h> 37 #include <unistd.h> 38 #include <errno.h> 39 #include <strings.h> 40 #include <debug.h> 41 #include <conv.h> 42 #include <msg.h> 43 #include <_elfdump.h> 44 45 46 /* 47 * VERSYM_STATE is used to maintain information about the VERSYM section 48 * in the object being analyzed. It is filled in by versions(), and used 49 * by init_symtbl_state() when displaying symbol information. 50 * 51 * There are three forms of symbol versioning known to us: 52 * 53 * 1) The original form, introduced with Solaris 2.5, in which 54 * the Versym contains indexes to Verdef records, and the 55 * Versym values for UNDEF symbols resolved by other objects 56 * are all set to 0. 57 * 2) The GNU form, which is backward compatible with the original 58 * Solaris form, but which adds several extensions: 59 * - The Versym also contains indexes to Verneed records, recording 60 * which object/version contributed the external symbol at 61 * link time. These indexes start with the next value following 62 * the final Verdef index. The index is written to the previously 63 * reserved vna_other field of the ELF Vernaux structure. 64 * - The top bit of the Versym value is no longer part of the index, 65 * but is used as a "hidden bit" to prevent binding to the symbol. 66 * - Multiple implementations of a given symbol, contained in varying 67 * versions are allowed, using special assembler pseudo ops, 68 * and encoded in the symbol name using '@' characters. 69 * 3) Modified Solaris form, in which we adopt the first GNU extension 70 * (Versym indexes to Verneed records), but not the others. 71 * 72 * elfdump can handle any of these cases. The presence of a DT_VERSYM 73 * dynamic element indicates a full GNU object. An object that lacks 74 * a DT_VERSYM entry, but which has non-zero vna_other fields in the Vernaux 75 * structures is a modified Solaris object. An object that has neither of 76 * these uses the original form. 77 * 78 * max_verndx contains the largest version index that can appear 79 * in a Versym entry. This can never be less than 1: In the case where 80 * there is no verdef/verneed sections, the [0] index is reserved 81 * for local symbols, and the [1] index for globals. If the original 82 * Solaris versioning rules are in effect and there is a verdef section, 83 * then max_verndex is the number of defined versions. If one of the 84 * other versioning forms is in effect, then: 85 * 1) If there is no verneed section, it is the same as for 86 * original Solaris versioning. 87 * 2) If there is a verneed section, the vna_other field of the 88 * Vernaux structs contain versions, and max_verndx is the 89 * largest such index. 90 * 91 * If gnu_full is True, the object uses the full GNU form of versioning. 92 * The value of the gnu_full field is based on the presence of 93 * a DT_VERSYM entry in the dynamic section: GNU ld produces these, and 94 * Solaris ld does not. 95 * 96 * The gnu_needed field is True if the Versym contains indexes to 97 * Verneed records, as indicated by non-zero vna_other fields in the Verneed 98 * section. If gnu_full is True, then gnu_needed will always be true. 99 * However, gnu_needed can be true without gnu_full. This is the modified 100 * Solaris form. 101 */ 102 typedef struct { 103 Cache *cache; /* Pointer to cache entry for VERSYM */ 104 Versym *data; /* Pointer to versym array */ 105 int gnu_full; /* True if object uses GNU versioning rules */ 106 int gnu_needed; /* True if object uses VERSYM indexes for */ 107 /* VERNEED (subset of gnu_full) */ 108 int max_verndx; /* largest versym index value */ 109 } VERSYM_STATE; 110 111 /* 112 * SYMTBL_STATE is used to maintain information about a single symbol 113 * table section, for use by the routines that display symbol information. 114 */ 115 typedef struct { 116 const char *file; /* Name of file */ 117 Ehdr *ehdr; /* ELF header for file */ 118 Cache *cache; /* Cache of all section headers */ 119 uchar_t osabi; /* OSABI to use */ 120 Word shnum; /* # of sections in cache */ 121 Cache *seccache; /* Cache of symbol table section hdr */ 122 Word secndx; /* Index of symbol table section hdr */ 123 const char *secname; /* Name of section */ 124 uint_t flags; /* Command line option flags */ 125 struct { /* Extended section index data */ 126 int checked; /* TRUE if already checked for shxndx */ 127 Word *data; /* NULL, or extended section index */ 128 /* used for symbol table entries */ 129 uint_t n; /* # items in shxndx.data */ 130 } shxndx; 131 VERSYM_STATE *versym; /* NULL, or associated VERSYM section */ 132 Sym *sym; /* Array of symbols */ 133 Word symn; /* # of symbols */ 134 } SYMTBL_STATE; 135 136 /* 137 * A variable of this type is used to track information related to 138 * .eh_frame and .eh_frame_hdr sections across calls to unwind_eh_frame(). 139 */ 140 typedef struct { 141 Word frame_cnt; /* # .eh_frame sections seen */ 142 Word frame_ndx; /* Section index of 1st .eh_frame */ 143 Word hdr_cnt; /* # .eh_frame_hdr sections seen */ 144 Word hdr_ndx; /* Section index of 1st .eh_frame_hdr */ 145 uint64_t frame_ptr; /* Value of FramePtr field from first */ 146 /* .eh_frame_hdr section */ 147 uint64_t frame_base; /* Data addr of 1st .eh_frame */ 148 } gnu_eh_state_t; 149 150 /* 151 * C++ .exception_ranges entries make use of the signed ptrdiff_t 152 * type to record self-relative pointer values. We need a type 153 * for this that is matched to the ELFCLASS being processed. 154 */ 155 #if defined(_ELF64) 156 typedef int64_t PTRDIFF_T; 157 #else 158 typedef int32_t PTRDIFF_T; 159 #endif 160 161 /* 162 * The Sun C++ ABI uses this struct to define each .exception_ranges 163 * entry. From the ABI: 164 * 165 * The field ret_addr is a self relative pointer to the start of the address 166 * range. The name was chosen because in the current implementation the range 167 * typically starts at the return address for a call site. 168 * 169 * The field length is the difference, in bytes, between the pc of the last 170 * instruction covered by the exception range and the first. When only a 171 * single call site is represented without optimization, this will equal zero. 172 * 173 * The field handler_addr is a relative pointer which stores the difference 174 * between the start of the exception range and the address of all code to 175 * catch exceptions and perform the cleanup for stack unwinding. 176 * 177 * The field type_block is a relative pointer which stores the difference 178 * between the start of the exception range and the address of an array used 179 * for storing a list of the types of exceptions which can be caught within 180 * the exception range. 181 */ 182 typedef struct { 183 PTRDIFF_T ret_addr; 184 Xword length; 185 PTRDIFF_T handler_addr; 186 PTRDIFF_T type_block; 187 Xword reserved; 188 } exception_range_entry; 189 190 /* 191 * Focal point for verifying symbol names. 192 */ 193 static const char * 194 string(Cache *refsec, Word ndx, Cache *strsec, const char *file, Word name) 195 { 196 /* 197 * If an error in this routine is due to a property of the string 198 * section, as opposed to a bad offset into the section (a property of 199 * the referencing section), then we will detect the same error on 200 * every call involving those sections. We use these static variables 201 * to retain the information needed to only issue each such error once. 202 */ 203 static Cache *last_refsec; /* Last referencing section seen */ 204 static int strsec_err; /* True if error issued */ 205 206 const char *strs; 207 Word strn; 208 209 if (strsec->c_data == NULL) 210 return (NULL); 211 212 strs = (char *)strsec->c_data->d_buf; 213 strn = strsec->c_data->d_size; 214 215 /* 216 * We only print a diagnostic regarding a bad string table once per 217 * input section being processed. If the refsec has changed, reset 218 * our retained error state. 219 */ 220 if (last_refsec != refsec) { 221 last_refsec = refsec; 222 strsec_err = 0; 223 } 224 225 /* Verify that strsec really is a string table */ 226 if (strsec->c_shdr->sh_type != SHT_STRTAB) { 227 if (!strsec_err) { 228 (void) fprintf(stderr, MSG_INTL(MSG_ERR_NOTSTRTAB), 229 file, strsec->c_ndx, refsec->c_ndx); 230 strsec_err = 1; 231 } 232 return (MSG_INTL(MSG_STR_UNKNOWN)); 233 } 234 235 /* 236 * Is the string table offset within range of the available strings? 237 */ 238 if (name >= strn) { 239 /* 240 * Do we have a empty string table? 241 */ 242 if (strs == NULL) { 243 if (!strsec_err) { 244 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 245 file, strsec->c_name); 246 strsec_err = 1; 247 } 248 } else { 249 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSTOFF), 250 file, refsec->c_name, EC_WORD(ndx), strsec->c_name, 251 EC_WORD(name), EC_WORD(strn - 1)); 252 } 253 254 /* 255 * Return the empty string so that the calling function can 256 * continue it's output diagnostics. 257 */ 258 return (MSG_INTL(MSG_STR_UNKNOWN)); 259 } 260 return (strs + name); 261 } 262 263 /* 264 * Relocations can reference section symbols and standard symbols. If the 265 * former, establish the section name. 266 */ 267 static const char * 268 relsymname(Cache *cache, Cache *csec, Cache *strsec, Word symndx, Word symnum, 269 Word relndx, Sym *syms, char *secstr, size_t secsz, const char *file) 270 { 271 Sym *sym; 272 const char *name; 273 274 if (symndx >= symnum) { 275 (void) fprintf(stderr, MSG_INTL(MSG_ERR_RELBADSYMNDX), 276 file, EC_WORD(symndx), EC_WORD(relndx)); 277 return (MSG_INTL(MSG_STR_UNKNOWN)); 278 } 279 280 sym = (Sym *)(syms + symndx); 281 name = string(csec, symndx, strsec, file, sym->st_name); 282 283 /* 284 * If the symbol represents a section offset construct an appropriate 285 * string. Note, although section symbol table entries typically have 286 * a NULL name pointer, entries do exist that point into the string 287 * table to their own NULL strings. 288 */ 289 if ((ELF_ST_TYPE(sym->st_info) == STT_SECTION) && 290 ((sym->st_name == 0) || (*name == '\0'))) { 291 (void) snprintf(secstr, secsz, MSG_INTL(MSG_STR_SECTION), 292 cache[sym->st_shndx].c_name); 293 return ((const char *)secstr); 294 } 295 296 return (name); 297 } 298 299 /* 300 * Focal point for establishing a string table section. Data such as the 301 * dynamic information simply points to a string table. Data such as 302 * relocations, reference a symbol table, which in turn is associated with a 303 * string table. 304 */ 305 static int 306 stringtbl(Cache *cache, int symtab, Word ndx, Word shnum, const char *file, 307 Word *symnum, Cache **symsec, Cache **strsec) 308 { 309 Shdr *shdr = cache[ndx].c_shdr; 310 311 if (symtab) { 312 /* 313 * Validate the symbol table section. 314 */ 315 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 316 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 317 file, cache[ndx].c_name, EC_WORD(shdr->sh_link)); 318 return (0); 319 } 320 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 321 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 322 file, cache[ndx].c_name); 323 return (0); 324 } 325 326 /* 327 * Obtain, and verify the symbol table data. 328 */ 329 if ((cache[ndx].c_data == NULL) || 330 (cache[ndx].c_data->d_buf == NULL)) { 331 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 332 file, cache[ndx].c_name); 333 return (0); 334 } 335 336 /* 337 * Establish the string table index. 338 */ 339 ndx = shdr->sh_link; 340 shdr = cache[ndx].c_shdr; 341 342 /* 343 * Return symbol table information. 344 */ 345 if (symnum) 346 *symnum = (shdr->sh_size / shdr->sh_entsize); 347 if (symsec) 348 *symsec = &cache[ndx]; 349 } 350 351 /* 352 * Validate the associated string table section. 353 */ 354 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 355 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 356 file, cache[ndx].c_name, EC_WORD(shdr->sh_link)); 357 return (0); 358 } 359 360 if (strsec) 361 *strsec = &cache[shdr->sh_link]; 362 363 return (1); 364 } 365 366 /* 367 * Lookup a symbol and set Sym accordingly. 368 * 369 * entry: 370 * name - Name of symbol to lookup 371 * cache - Cache of all section headers 372 * shnum - # of sections in cache 373 * sym - Address of pointer to receive symbol 374 * target - NULL, or section to which the symbol must be associated. 375 * symtab - Symbol table to search for symbol 376 * file - Name of file 377 * 378 * exit: 379 * If the symbol is found, *sym is set to reference it, and True is 380 * returned. If target is non-NULL, the symbol must reference the given 381 * section --- otherwise the section is not checked. 382 * 383 * If no symbol is found, False is returned. 384 */ 385 static int 386 symlookup(const char *name, Cache *cache, Word shnum, Sym **sym, 387 Cache *target, Cache *symtab, const char *file) 388 { 389 Shdr *shdr; 390 Word symn, cnt; 391 Sym *syms; 392 393 if (symtab == 0) 394 return (0); 395 396 shdr = symtab->c_shdr; 397 398 /* 399 * Determine the symbol data and number. 400 */ 401 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 402 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 403 file, symtab->c_name); 404 return (0); 405 } 406 if (symtab->c_data == NULL) 407 return (0); 408 409 /* LINTED */ 410 symn = (Word)(shdr->sh_size / shdr->sh_entsize); 411 syms = (Sym *)symtab->c_data->d_buf; 412 413 /* 414 * Get the associated string table section. 415 */ 416 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 417 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 418 file, symtab->c_name, EC_WORD(shdr->sh_link)); 419 return (0); 420 } 421 422 /* 423 * Loop through the symbol table to find a match. 424 */ 425 *sym = NULL; 426 for (cnt = 0; cnt < symn; syms++, cnt++) { 427 const char *symname; 428 429 symname = string(symtab, cnt, &cache[shdr->sh_link], file, 430 syms->st_name); 431 432 if (symname && (strcmp(name, symname) == 0) && 433 ((target == NULL) || (target->c_ndx == syms->st_shndx))) { 434 /* 435 * It is possible, though rare, for a local and 436 * global symbol of the same name to exist, each 437 * contributed by a different input object. If the 438 * symbol just found is local, remember it, but 439 * continue looking. 440 */ 441 *sym = syms; 442 if (ELF_ST_BIND(syms->st_info) != STB_LOCAL) 443 break; 444 } 445 } 446 447 return (*sym != NULL); 448 } 449 450 /* 451 * Print section headers. 452 */ 453 static void 454 sections(const char *file, Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi) 455 { 456 size_t seccnt; 457 458 for (seccnt = 1; seccnt < shnum; seccnt++) { 459 Cache *_cache = &cache[seccnt]; 460 Shdr *shdr = _cache->c_shdr; 461 const char *secname = _cache->c_name; 462 463 /* 464 * Although numerous section header entries can be zero, it's 465 * usually a sign of trouble if the type is zero. 466 */ 467 if (shdr->sh_type == 0) { 468 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHTYPE), 469 file, secname, EC_WORD(shdr->sh_type)); 470 } 471 472 if (!match(MATCH_F_ALL, secname, seccnt, shdr->sh_type)) 473 continue; 474 475 /* 476 * Identify any sections that are suspicious. A .got section 477 * shouldn't exist in a relocatable object. 478 */ 479 if (ehdr->e_type == ET_REL) { 480 if (strncmp(secname, MSG_ORIG(MSG_ELF_GOT), 481 MSG_ELF_GOT_SIZE) == 0) { 482 (void) fprintf(stderr, 483 MSG_INTL(MSG_GOT_UNEXPECTED), file, 484 secname); 485 } 486 } 487 488 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 489 dbg_print(0, MSG_INTL(MSG_ELF_SHDR), EC_WORD(seccnt), secname); 490 Elf_shdr(0, osabi, ehdr->e_machine, shdr); 491 } 492 } 493 494 /* 495 * Obtain a specified Phdr entry. 496 */ 497 static Phdr * 498 getphdr(Word phnum, Word *type_arr, Word type_cnt, const char *file, Elf *elf) 499 { 500 Word cnt, tcnt; 501 Phdr *phdr; 502 503 if ((phdr = elf_getphdr(elf)) == NULL) { 504 failure(file, MSG_ORIG(MSG_ELF_GETPHDR)); 505 return (NULL); 506 } 507 508 for (cnt = 0; cnt < phnum; phdr++, cnt++) { 509 for (tcnt = 0; tcnt < type_cnt; tcnt++) { 510 if (phdr->p_type == type_arr[tcnt]) 511 return (phdr); 512 } 513 } 514 return (NULL); 515 } 516 517 /* 518 * Display the contents of GNU/amd64 .eh_frame and .eh_frame_hdr 519 * sections. 520 * 521 * entry: 522 * cache - Cache of all section headers 523 * shndx - Index of .eh_frame or .eh_frame_hdr section to be displayed 524 * shnum - Total number of sections which exist 525 * uphdr - NULL, or unwind program header associated with 526 * the .eh_frame_hdr section. 527 * ehdr - ELF header for file 528 * eh_state - Data used across calls to this routine. The 529 * caller should zero it before the first call, and 530 * pass it on every call. 531 * osabi - OSABI to use in displaying information 532 * file - Name of file 533 * flags - Command line option flags 534 */ 535 static void 536 unwind_eh_frame(Cache *cache, Word shndx, Word shnum, Phdr *uphdr, Ehdr *ehdr, 537 gnu_eh_state_t *eh_state, uchar_t osabi, const char *file, uint_t flags) 538 { 539 #if defined(_ELF64) 540 #define MSG_UNW_BINSRTAB2 MSG_UNW_BINSRTAB2_64 541 #define MSG_UNW_BINSRTABENT MSG_UNW_BINSRTABENT_64 542 #else 543 #define MSG_UNW_BINSRTAB2 MSG_UNW_BINSRTAB2_32 544 #define MSG_UNW_BINSRTABENT MSG_UNW_BINSRTABENT_32 545 #endif 546 547 Cache *_cache = &cache[shndx]; 548 Shdr *shdr = _cache->c_shdr; 549 uchar_t *data = (uchar_t *)(_cache->c_data->d_buf); 550 size_t datasize = _cache->c_data->d_size; 551 Conv_dwarf_ehe_buf_t dwarf_ehe_buf; 552 uint64_t ndx, frame_ptr, fde_cnt, tabndx; 553 uint_t vers, frame_ptr_enc, fde_cnt_enc, table_enc; 554 uint64_t initloc, initloc0; 555 uint64_t gotaddr = 0; 556 int cnt; 557 558 for (cnt = 1; cnt < shnum; cnt++) { 559 if (strncmp(cache[cnt].c_name, MSG_ORIG(MSG_ELF_GOT), 560 MSG_ELF_GOT_SIZE) == 0) { 561 gotaddr = cache[cnt].c_shdr->sh_addr; 562 break; 563 } 564 } 565 566 /* 567 * Is this a .eh_frame_hdr? 568 */ 569 if ((uphdr && (shdr->sh_addr == uphdr->p_vaddr)) || 570 (strncmp(_cache->c_name, MSG_ORIG(MSG_SCN_FRMHDR), 571 MSG_SCN_FRMHDR_SIZE) == 0)) { 572 /* 573 * There can only be a single .eh_frame_hdr. 574 * Flag duplicates. 575 */ 576 if (++eh_state->hdr_cnt > 1) 577 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MULTEHFRMHDR), 578 file, EC_WORD(shndx), _cache->c_name); 579 580 dbg_print(0, MSG_ORIG(MSG_UNW_FRMHDR)); 581 ndx = 0; 582 583 vers = data[ndx++]; 584 frame_ptr_enc = data[ndx++]; 585 fde_cnt_enc = data[ndx++]; 586 table_enc = data[ndx++]; 587 588 dbg_print(0, MSG_ORIG(MSG_UNW_FRMVERS), vers); 589 590 frame_ptr = dwarf_ehe_extract(data, &ndx, frame_ptr_enc, 591 ehdr->e_ident, B_TRUE, shdr->sh_addr, ndx, gotaddr); 592 if (eh_state->hdr_cnt == 1) { 593 eh_state->hdr_ndx = shndx; 594 eh_state->frame_ptr = frame_ptr; 595 } 596 597 dbg_print(0, MSG_ORIG(MSG_UNW_FRPTRENC), 598 conv_dwarf_ehe(frame_ptr_enc, &dwarf_ehe_buf), 599 EC_XWORD(frame_ptr)); 600 601 fde_cnt = dwarf_ehe_extract(data, &ndx, fde_cnt_enc, 602 ehdr->e_ident, B_TRUE, shdr->sh_addr, ndx, gotaddr); 603 604 dbg_print(0, MSG_ORIG(MSG_UNW_FDCNENC), 605 conv_dwarf_ehe(fde_cnt_enc, &dwarf_ehe_buf), 606 EC_XWORD(fde_cnt)); 607 dbg_print(0, MSG_ORIG(MSG_UNW_TABENC), 608 conv_dwarf_ehe(table_enc, &dwarf_ehe_buf)); 609 dbg_print(0, MSG_ORIG(MSG_UNW_BINSRTAB1)); 610 dbg_print(0, MSG_ORIG(MSG_UNW_BINSRTAB2)); 611 612 for (tabndx = 0; tabndx < fde_cnt; tabndx++) { 613 initloc = dwarf_ehe_extract(data, &ndx, table_enc, 614 ehdr->e_ident, B_TRUE, shdr->sh_addr, ndx, gotaddr); 615 /*LINTED:E_VAR_USED_BEFORE_SET*/ 616 if ((tabndx != 0) && (initloc0 > initloc)) 617 (void) fprintf(stderr, 618 MSG_INTL(MSG_ERR_BADSORT), file, 619 _cache->c_name, EC_WORD(tabndx)); 620 dbg_print(0, MSG_ORIG(MSG_UNW_BINSRTABENT), 621 EC_XWORD(initloc), 622 EC_XWORD(dwarf_ehe_extract(data, &ndx, 623 table_enc, ehdr->e_ident, B_TRUE, shdr->sh_addr, 624 ndx, gotaddr))); 625 initloc0 = initloc; 626 } 627 } else { /* Display the .eh_frame section */ 628 eh_state->frame_cnt++; 629 if (eh_state->frame_cnt == 1) { 630 eh_state->frame_ndx = shndx; 631 eh_state->frame_base = shdr->sh_addr; 632 } else if ((eh_state->frame_cnt > 1) && 633 (ehdr->e_type != ET_REL)) { 634 Conv_inv_buf_t inv_buf; 635 636 (void) fprintf(stderr, MSG_INTL(MSG_WARN_MULTEHFRM), 637 file, EC_WORD(shndx), _cache->c_name, 638 conv_ehdr_type(osabi, ehdr->e_type, 0, &inv_buf)); 639 } 640 dump_eh_frame(data, datasize, shdr->sh_addr, 641 ehdr->e_machine, ehdr->e_ident, gotaddr); 642 } 643 644 /* 645 * If we've seen the .eh_frame_hdr and the first .eh_frame section, 646 * compare the header frame_ptr to the address of the actual frame 647 * section to ensure the link-editor got this right. Note, this 648 * diagnostic is only produced when unwind information is explicitly 649 * asked for, as shared objects built with an older ld(1) may reveal 650 * this inconsistency. Although an inconsistency, it doesn't seem to 651 * have any adverse effect on existing tools. 652 */ 653 if (((flags & FLG_MASK_SHOW) != FLG_MASK_SHOW) && 654 (eh_state->hdr_cnt > 0) && (eh_state->frame_cnt > 0) && 655 (eh_state->frame_ptr != eh_state->frame_base)) 656 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADEHFRMPTR), 657 file, EC_WORD(eh_state->hdr_ndx), 658 cache[eh_state->hdr_ndx].c_name, 659 EC_XWORD(eh_state->frame_ptr), 660 EC_WORD(eh_state->frame_ndx), 661 cache[eh_state->frame_ndx].c_name, 662 EC_XWORD(eh_state->frame_base)); 663 #undef MSG_UNW_BINSRTAB2 664 #undef MSG_UNW_BINSRTABENT 665 } 666 667 /* 668 * Convert a self relative pointer into an address. A self relative 669 * pointer adds the address where the pointer resides to the offset 670 * contained in the pointer. The benefit is that the value of the 671 * pointer does not require relocation. 672 * 673 * entry: 674 * base_addr - Address of the pointer. 675 * delta - Offset relative to base_addr giving desired address 676 * 677 * exit: 678 * The computed address is returned. 679 * 680 * note: 681 * base_addr is an unsigned value, while ret_addr is signed. This routine 682 * used explicit testing and casting to explicitly control type 683 * conversion, and ensure that we handle the maximum possible range. 684 */ 685 static Addr 686 srelptr(Addr base_addr, PTRDIFF_T delta) 687 { 688 if (delta < 0) 689 return (base_addr - (Addr) (-delta)); 690 691 return (base_addr + (Addr) delta); 692 } 693 694 /* 695 * Byte swap a PTRDIFF_T value. 696 */ 697 static PTRDIFF_T 698 swap_ptrdiff(PTRDIFF_T value) 699 { 700 PTRDIFF_T r; 701 uchar_t *dst = (uchar_t *)&r; 702 uchar_t *src = (uchar_t *)&value; 703 704 UL_ASSIGN_BSWAP_XWORD(dst, src); 705 return (r); 706 } 707 708 /* 709 * Display exception_range_entry items from the .exception_ranges section 710 * of a Sun C++ object. 711 */ 712 static void 713 unwind_exception_ranges(Cache *_cache, const char *file, int do_swap) 714 { 715 /* 716 * Translate a PTRDIFF_T self-relative address field of 717 * an exception_range_entry struct into an address. 718 * 719 * entry: 720 * exc_addr - Address of base of exception_range_entry struct 721 * cur_ent - Pointer to data in the struct to be translated 722 * 723 * _f - Field of struct to be translated 724 */ 725 #define SRELPTR(_f) \ 726 srelptr(exc_addr + offsetof(exception_range_entry, _f), cur_ent->_f) 727 728 #if defined(_ELF64) 729 #define MSG_EXR_TITLE MSG_EXR_TITLE_64 730 #define MSG_EXR_ENTRY MSG_EXR_ENTRY_64 731 #else 732 #define MSG_EXR_TITLE MSG_EXR_TITLE_32 733 #define MSG_EXR_ENTRY MSG_EXR_ENTRY_32 734 #endif 735 736 exception_range_entry scratch, *ent, *cur_ent = &scratch; 737 char index[MAXNDXSIZE]; 738 Word i, nelts; 739 Addr addr, addr0, offset = 0; 740 Addr exc_addr = _cache->c_shdr->sh_addr; 741 742 dbg_print(0, MSG_INTL(MSG_EXR_TITLE)); 743 ent = (exception_range_entry *)(_cache->c_data->d_buf); 744 nelts = _cache->c_data->d_size / sizeof (exception_range_entry); 745 746 for (i = 0; i < nelts; i++, ent++) { 747 if (do_swap) { 748 /* 749 * Copy byte swapped values into the scratch buffer. 750 * The reserved field is not used, so we skip it. 751 */ 752 scratch.ret_addr = swap_ptrdiff(ent->ret_addr); 753 scratch.length = BSWAP_XWORD(ent->length); 754 scratch.handler_addr = swap_ptrdiff(ent->handler_addr); 755 scratch.type_block = swap_ptrdiff(ent->type_block); 756 } else { 757 cur_ent = ent; 758 } 759 760 /* 761 * The table is required to be sorted by the address 762 * derived from ret_addr, to allow binary searching. Ensure 763 * that addresses grow monotonically. 764 */ 765 addr = SRELPTR(ret_addr); 766 /*LINTED:E_VAR_USED_BEFORE_SET*/ 767 if ((i != 0) && (addr0 > addr)) 768 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSORT), 769 file, _cache->c_name, EC_WORD(i)); 770 771 (void) snprintf(index, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INDEX), 772 EC_XWORD(i)); 773 dbg_print(0, MSG_INTL(MSG_EXR_ENTRY), index, EC_ADDR(offset), 774 EC_ADDR(addr), EC_ADDR(cur_ent->length), 775 EC_ADDR(SRELPTR(handler_addr)), 776 EC_ADDR(SRELPTR(type_block))); 777 778 addr0 = addr; 779 exc_addr += sizeof (exception_range_entry); 780 offset += sizeof (exception_range_entry); 781 } 782 783 #undef SRELPTR 784 #undef MSG_EXR_TITLE 785 #undef MSG_EXR_ENTRY 786 } 787 788 /* 789 * Display information from unwind/exception sections: 790 * 791 * - GNU/amd64 .eh_frame and .eh_frame_hdr 792 * - Sun C++ .exception_ranges 793 * 794 */ 795 static void 796 unwind(Cache *cache, Word shnum, Word phnum, Ehdr *ehdr, uchar_t osabi, 797 const char *file, Elf *elf, uint_t flags) 798 { 799 static Word phdr_types[] = { PT_SUNW_UNWIND, PT_SUNW_EH_FRAME }; 800 801 Word cnt; 802 Phdr *uphdr = NULL; 803 gnu_eh_state_t eh_state; 804 805 /* 806 * Historical background: .eh_frame and .eh_frame_hdr sections 807 * come from the GNU compilers (particularly C++), and are used 808 * under all architectures. Their format is based on DWARF. When 809 * the amd64 ABI was defined, these sections were adopted wholesale 810 * from the existing practice. 811 * 812 * When amd64 support was added to Solaris, support for these 813 * sections was added, using the SHT_AMD64_UNWIND section type 814 * to identify them. At first, we ignored them in objects for 815 * non-amd64 targets, but later broadened our support to include 816 * other architectures in order to better support gcc-generated 817 * objects. 818 * 819 * .exception_ranges implement the same basic concepts, but 820 * were invented at Sun for the Sun C++ compiler. 821 * 822 * We match these sections by name, rather than section type, 823 * because they can come in as either SHT_AMD64_UNWIND, or as 824 * SHT_PROGBITS, and because the type isn't enough to determine 825 * how they should be interpreted. 826 */ 827 /* Find the program header for .eh_frame_hdr if present */ 828 if (phnum) 829 uphdr = getphdr(phnum, phdr_types, 830 sizeof (phdr_types) / sizeof (*phdr_types), file, elf); 831 832 /* 833 * eh_state is used to retain data used by unwind_eh_frame() 834 * across calls. 835 */ 836 bzero(&eh_state, sizeof (eh_state)); 837 838 for (cnt = 1; cnt < shnum; cnt++) { 839 Cache *_cache = &cache[cnt]; 840 Shdr *shdr = _cache->c_shdr; 841 int is_exrange; 842 843 /* 844 * Skip sections of the wrong type. On amd64, they 845 * can be SHT_AMD64_UNWIND. On all platforms, they 846 * can be SHT_PROGBITS (including amd64, if using 847 * the GNU compilers). 848 * 849 * Skip anything other than these two types. The name 850 * test below will thin out the SHT_PROGBITS that don't apply. 851 */ 852 if ((shdr->sh_type != SHT_PROGBITS) && 853 (shdr->sh_type != SHT_AMD64_UNWIND)) 854 continue; 855 856 /* 857 * Only sections with certain well known names are of interest. 858 * These are: 859 * 860 * .eh_frame - amd64/GNU-compiler unwind sections 861 * .eh_frame_hdr - Sorted table referencing .eh_frame 862 * .exception_ranges - Sun C++ unwind sections 863 * 864 * We do a prefix comparison, allowing for naming conventions 865 * like .eh_frame.foo, hence the use of strncmp() rather than 866 * strcmp(). This means that we only really need to test for 867 * .eh_frame, as it's a prefix of .eh_frame_hdr. 868 */ 869 is_exrange = strncmp(_cache->c_name, 870 MSG_ORIG(MSG_SCN_EXRANGE), MSG_SCN_EXRANGE_SIZE) == 0; 871 if ((strncmp(_cache->c_name, MSG_ORIG(MSG_SCN_FRM), 872 MSG_SCN_FRM_SIZE) != 0) && !is_exrange) 873 continue; 874 875 if (!match(MATCH_F_ALL, _cache->c_name, cnt, shdr->sh_type)) 876 continue; 877 878 if (_cache->c_data == NULL) 879 continue; 880 881 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 882 dbg_print(0, MSG_INTL(MSG_ELF_SCN_UNWIND), _cache->c_name); 883 884 if (is_exrange) 885 unwind_exception_ranges(_cache, file, 886 _elf_sys_encoding() != ehdr->e_ident[EI_DATA]); 887 else 888 unwind_eh_frame(cache, cnt, shnum, uphdr, ehdr, 889 &eh_state, osabi, file, flags); 890 } 891 } 892 893 /* 894 * Initialize a symbol table state structure 895 * 896 * entry: 897 * state - State structure to be initialized 898 * cache - Cache of all section headers 899 * shnum - # of sections in cache 900 * secndx - Index of symbol table section 901 * ehdr - ELF header for file 902 * versym - Information about versym section 903 * file - Name of file 904 * flags - Command line option flags 905 */ 906 static int 907 init_symtbl_state(SYMTBL_STATE *state, Cache *cache, Word shnum, Word secndx, 908 Ehdr *ehdr, uchar_t osabi, VERSYM_STATE *versym, const char *file, 909 uint_t flags) 910 { 911 Shdr *shdr; 912 913 state->file = file; 914 state->ehdr = ehdr; 915 state->cache = cache; 916 state->osabi = osabi; 917 state->shnum = shnum; 918 state->seccache = &cache[secndx]; 919 state->secndx = secndx; 920 state->secname = state->seccache->c_name; 921 state->flags = flags; 922 state->shxndx.checked = 0; 923 state->shxndx.data = NULL; 924 state->shxndx.n = 0; 925 926 shdr = state->seccache->c_shdr; 927 928 /* 929 * Check the symbol data and per-item size. 930 */ 931 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 932 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 933 file, state->secname); 934 return (0); 935 } 936 if (state->seccache->c_data == NULL) 937 return (0); 938 939 /* LINTED */ 940 state->symn = (Word)(shdr->sh_size / shdr->sh_entsize); 941 state->sym = (Sym *)state->seccache->c_data->d_buf; 942 943 /* 944 * Check associated string table section. 945 */ 946 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 947 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 948 file, state->secname, EC_WORD(shdr->sh_link)); 949 return (0); 950 } 951 952 /* 953 * Determine if there is a associated Versym section 954 * with this Symbol Table. 955 */ 956 if (versym && versym->cache && 957 (versym->cache->c_shdr->sh_link == state->secndx)) 958 state->versym = versym; 959 else 960 state->versym = NULL; 961 962 963 return (1); 964 } 965 966 /* 967 * Determine the extended section index used for symbol tables entries. 968 */ 969 static void 970 symbols_getxindex(SYMTBL_STATE *state) 971 { 972 uint_t symn; 973 Word symcnt; 974 975 state->shxndx.checked = 1; /* Note that we've been called */ 976 for (symcnt = 1; symcnt < state->shnum; symcnt++) { 977 Cache *_cache = &state->cache[symcnt]; 978 Shdr *shdr = _cache->c_shdr; 979 980 if ((shdr->sh_type != SHT_SYMTAB_SHNDX) || 981 (shdr->sh_link != state->secndx)) 982 continue; 983 984 if ((shdr->sh_entsize) && 985 /* LINTED */ 986 ((symn = (uint_t)(shdr->sh_size / shdr->sh_entsize)) == 0)) 987 continue; 988 989 if (_cache->c_data == NULL) 990 continue; 991 992 state->shxndx.data = _cache->c_data->d_buf; 993 state->shxndx.n = symn; 994 return; 995 } 996 } 997 998 /* 999 * Produce a line of output for the given symbol 1000 * 1001 * entry: 1002 * state - Symbol table state 1003 * symndx - Index of symbol within the table 1004 * info - Value of st_info (indicates local/global range) 1005 * symndx_disp - Index to display. This may not be the same 1006 * as symndx if the display is relative to the logical 1007 * combination of the SUNW_ldynsym/dynsym tables. 1008 * sym - Symbol to display 1009 */ 1010 static void 1011 output_symbol(SYMTBL_STATE *state, Word symndx, Word info, Word disp_symndx, 1012 Sym *sym) 1013 { 1014 /* 1015 * Symbol types for which we check that the specified 1016 * address/size land inside the target section. 1017 */ 1018 static const int addr_symtype[] = { 1019 0, /* STT_NOTYPE */ 1020 1, /* STT_OBJECT */ 1021 1, /* STT_FUNC */ 1022 0, /* STT_SECTION */ 1023 0, /* STT_FILE */ 1024 1, /* STT_COMMON */ 1025 0, /* STT_TLS */ 1026 0, /* 7 */ 1027 0, /* 8 */ 1028 0, /* 9 */ 1029 0, /* 10 */ 1030 0, /* 11 */ 1031 0, /* 12 */ 1032 0, /* STT_SPARC_REGISTER */ 1033 0, /* 14 */ 1034 0, /* 15 */ 1035 }; 1036 #if STT_NUM != (STT_TLS + 1) 1037 #error "STT_NUM has grown. Update addr_symtype[]" 1038 #endif 1039 1040 char index[MAXNDXSIZE]; 1041 const char *symname, *sec; 1042 Versym verndx; 1043 int gnuver; 1044 uchar_t type; 1045 Shdr *tshdr; 1046 Word shndx; 1047 Conv_inv_buf_t inv_buf; 1048 1049 /* Ensure symbol index is in range */ 1050 if (symndx >= state->symn) { 1051 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSYMNDX), 1052 state->file, state->secname, EC_WORD(symndx)); 1053 return; 1054 } 1055 1056 /* 1057 * If we are using extended symbol indexes, find the 1058 * corresponding SHN_SYMTAB_SHNDX table. 1059 */ 1060 if ((sym->st_shndx == SHN_XINDEX) && (state->shxndx.checked == 0)) 1061 symbols_getxindex(state); 1062 1063 /* LINTED */ 1064 symname = string(state->seccache, symndx, 1065 &state->cache[state->seccache->c_shdr->sh_link], state->file, 1066 sym->st_name); 1067 1068 tshdr = NULL; 1069 sec = NULL; 1070 1071 if (state->ehdr->e_type == ET_CORE) { 1072 sec = (char *)MSG_INTL(MSG_STR_UNKNOWN); 1073 } else if (state->flags & FLG_CTL_FAKESHDR) { 1074 /* 1075 * If we are using fake section headers derived from 1076 * the program headers, then the section indexes 1077 * in the symbols do not correspond to these headers. 1078 * The section names are not available, so all we can 1079 * do is to display them in numeric form. 1080 */ 1081 sec = conv_sym_shndx(state->osabi, state->ehdr->e_machine, 1082 sym->st_shndx, CONV_FMT_DECIMAL, &inv_buf); 1083 } else if ((sym->st_shndx < SHN_LORESERVE) && 1084 (sym->st_shndx < state->shnum)) { 1085 shndx = sym->st_shndx; 1086 tshdr = state->cache[shndx].c_shdr; 1087 sec = state->cache[shndx].c_name; 1088 } else if (sym->st_shndx == SHN_XINDEX) { 1089 if (state->shxndx.data) { 1090 Word _shxndx; 1091 1092 if (symndx > state->shxndx.n) { 1093 (void) fprintf(stderr, 1094 MSG_INTL(MSG_ERR_BADSYMXINDEX1), 1095 state->file, state->secname, 1096 EC_WORD(symndx)); 1097 } else if ((_shxndx = 1098 state->shxndx.data[symndx]) > state->shnum) { 1099 (void) fprintf(stderr, 1100 MSG_INTL(MSG_ERR_BADSYMXINDEX2), 1101 state->file, state->secname, 1102 EC_WORD(symndx), EC_WORD(_shxndx)); 1103 } else { 1104 shndx = _shxndx; 1105 tshdr = state->cache[shndx].c_shdr; 1106 sec = state->cache[shndx].c_name; 1107 } 1108 } else { 1109 (void) fprintf(stderr, 1110 MSG_INTL(MSG_ERR_BADSYMXINDEX3), 1111 state->file, state->secname, EC_WORD(symndx)); 1112 } 1113 } else if ((sym->st_shndx < SHN_LORESERVE) && 1114 (sym->st_shndx >= state->shnum)) { 1115 (void) fprintf(stderr, 1116 MSG_INTL(MSG_ERR_BADSYM5), state->file, 1117 state->secname, EC_WORD(symndx), 1118 demangle(symname, state->flags), sym->st_shndx); 1119 } 1120 1121 /* 1122 * If versioning is available display the 1123 * version index. If not, then use 0. 1124 */ 1125 if (state->versym) { 1126 Versym test_verndx; 1127 1128 verndx = test_verndx = state->versym->data[symndx]; 1129 gnuver = state->versym->gnu_full; 1130 1131 /* 1132 * Check to see if this is a defined symbol with a 1133 * version index that is outside the valid range for 1134 * the file. The interpretation of this depends on 1135 * the style of versioning used by the object. 1136 * 1137 * Versions >= VER_NDX_LORESERVE have special meanings, 1138 * and are exempt from this checking. 1139 * 1140 * GNU style version indexes use the top bit of the 1141 * 16-bit index value (0x8000) as the "hidden bit". 1142 * We must mask off this bit in order to compare 1143 * the version against the maximum value. 1144 */ 1145 if (gnuver) 1146 test_verndx &= ~0x8000; 1147 1148 if ((test_verndx > state->versym->max_verndx) && 1149 (verndx < VER_NDX_LORESERVE)) 1150 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADVER), 1151 state->file, state->secname, EC_WORD(symndx), 1152 EC_HALF(test_verndx), state->versym->max_verndx); 1153 } else { 1154 verndx = 0; 1155 gnuver = 0; 1156 } 1157 1158 /* 1159 * Error checking for TLS. 1160 */ 1161 type = ELF_ST_TYPE(sym->st_info); 1162 if (type == STT_TLS) { 1163 if (tshdr && 1164 (sym->st_shndx != SHN_UNDEF) && 1165 ((tshdr->sh_flags & SHF_TLS) == 0)) { 1166 (void) fprintf(stderr, 1167 MSG_INTL(MSG_ERR_BADSYM3), state->file, 1168 state->secname, EC_WORD(symndx), 1169 demangle(symname, state->flags)); 1170 } 1171 } else if ((type != STT_SECTION) && sym->st_size && 1172 tshdr && (tshdr->sh_flags & SHF_TLS)) { 1173 (void) fprintf(stderr, 1174 MSG_INTL(MSG_ERR_BADSYM4), state->file, 1175 state->secname, EC_WORD(symndx), 1176 demangle(symname, state->flags)); 1177 } 1178 1179 /* 1180 * If a symbol with non-zero size has a type that 1181 * specifies an address, then make sure the location 1182 * it references is actually contained within the 1183 * section. UNDEF symbols don't count in this case, 1184 * so we ignore them. 1185 * 1186 * The meaning of the st_value field in a symbol 1187 * depends on the type of object. For a relocatable 1188 * object, it is the offset within the section. 1189 * For sharable objects, it is the offset relative to 1190 * the base of the object, and for other types, it is 1191 * the virtual address. To get an offset within the 1192 * section for non-ET_REL files, we subtract the 1193 * base address of the section. 1194 */ 1195 if (addr_symtype[type] && (sym->st_size > 0) && 1196 (sym->st_shndx != SHN_UNDEF) && ((sym->st_shndx < SHN_LORESERVE) || 1197 (sym->st_shndx == SHN_XINDEX)) && (tshdr != NULL)) { 1198 Word v = sym->st_value; 1199 if (state->ehdr->e_type != ET_REL) 1200 v -= tshdr->sh_addr; 1201 if (((v + sym->st_size) > tshdr->sh_size)) { 1202 (void) fprintf(stderr, 1203 MSG_INTL(MSG_ERR_BADSYM6), state->file, 1204 state->secname, EC_WORD(symndx), 1205 demangle(symname, state->flags), 1206 EC_WORD(shndx), EC_XWORD(tshdr->sh_size), 1207 EC_XWORD(sym->st_value), EC_XWORD(sym->st_size)); 1208 } 1209 } 1210 1211 /* 1212 * A typical symbol table uses the sh_info field to indicate one greater 1213 * than the symbol table index of the last local symbol, STB_LOCAL. 1214 * Therefore, symbol indexes less than sh_info should have local 1215 * binding. Symbol indexes greater than, or equal to sh_info, should 1216 * have global binding. Note, we exclude UNDEF/NOTY symbols with zero 1217 * value and size, as these symbols may be the result of an mcs(1) 1218 * section deletion. 1219 */ 1220 if (info) { 1221 uchar_t bind = ELF_ST_BIND(sym->st_info); 1222 1223 if ((symndx < info) && (bind != STB_LOCAL)) { 1224 (void) fprintf(stderr, 1225 MSG_INTL(MSG_ERR_BADSYM7), state->file, 1226 state->secname, EC_WORD(symndx), 1227 demangle(symname, state->flags), EC_XWORD(info)); 1228 1229 } else if ((symndx >= info) && (bind == STB_LOCAL) && 1230 ((sym->st_shndx != SHN_UNDEF) || 1231 (ELF_ST_TYPE(sym->st_info) != STT_NOTYPE) || 1232 (sym->st_size != 0) || (sym->st_value != 0))) { 1233 (void) fprintf(stderr, 1234 MSG_INTL(MSG_ERR_BADSYM8), state->file, 1235 state->secname, EC_WORD(symndx), 1236 demangle(symname, state->flags), EC_XWORD(info)); 1237 } 1238 } 1239 1240 (void) snprintf(index, MAXNDXSIZE, 1241 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(disp_symndx)); 1242 Elf_syms_table_entry(0, ELF_DBG_ELFDUMP, index, state->osabi, 1243 state->ehdr->e_machine, sym, verndx, gnuver, sec, symname); 1244 } 1245 1246 /* 1247 * Process a SHT_SUNW_cap capabilities section. 1248 */ 1249 static int 1250 cap_section(const char *file, Cache *cache, Word shnum, Cache *ccache, 1251 uchar_t osabi, Ehdr *ehdr, uint_t flags) 1252 { 1253 SYMTBL_STATE state; 1254 Word cnum, capnum, nulls, symcaps; 1255 int descapndx, objcap, title; 1256 Cap *cap = (Cap *)ccache->c_data->d_buf; 1257 Shdr *cishdr, *cshdr = ccache->c_shdr; 1258 Cache *cicache, *strcache; 1259 Capinfo *capinfo = NULL; 1260 Word capinfonum; 1261 const char *strs = NULL; 1262 size_t strs_size; 1263 1264 if ((cshdr->sh_entsize == 0) || (cshdr->sh_size == 0)) { 1265 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 1266 file, ccache->c_name); 1267 return (0); 1268 } 1269 1270 /* 1271 * If this capabilities section is associated with symbols, then the 1272 * sh_link field points to the associated capabilities information 1273 * section. The sh_link field of the capabilities information section 1274 * points to the associated symbol table. 1275 */ 1276 if (cshdr->sh_link) { 1277 Cache *scache; 1278 Shdr *sshdr; 1279 1280 /* 1281 * Validate that the sh_link field points to a capabilities 1282 * information section. 1283 */ 1284 if (cshdr->sh_link >= shnum) { 1285 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 1286 file, ccache->c_name, EC_WORD(cshdr->sh_link)); 1287 return (0); 1288 } 1289 1290 cicache = &cache[cshdr->sh_link]; 1291 cishdr = cicache->c_shdr; 1292 1293 if (cishdr->sh_type != SHT_SUNW_capinfo) { 1294 (void) fprintf(stderr, MSG_INTL(MSG_ERR_INVCAP), 1295 file, ccache->c_name, EC_WORD(cshdr->sh_link)); 1296 return (0); 1297 } 1298 1299 capinfo = cicache->c_data->d_buf; 1300 capinfonum = (Word)(cishdr->sh_size / cishdr->sh_entsize); 1301 1302 /* 1303 * Validate that the sh_link field of the capabilities 1304 * information section points to a valid symbol table. 1305 */ 1306 if ((cishdr->sh_link == 0) || (cishdr->sh_link >= shnum)) { 1307 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 1308 file, cicache->c_name, EC_WORD(cishdr->sh_link)); 1309 return (0); 1310 } 1311 scache = &cache[cishdr->sh_link]; 1312 sshdr = scache->c_shdr; 1313 1314 if ((sshdr->sh_type != SHT_SYMTAB) && 1315 (sshdr->sh_type != SHT_DYNSYM)) { 1316 (void) fprintf(stderr, MSG_INTL(MSG_ERR_INVCAPINFO1), 1317 file, cicache->c_name, EC_WORD(cishdr->sh_link)); 1318 return (0); 1319 } 1320 1321 if (!init_symtbl_state(&state, cache, shnum, 1322 cishdr->sh_link, ehdr, osabi, NULL, file, flags)) 1323 return (0); 1324 } 1325 1326 /* 1327 * If this capabilities section contains capability string entries, 1328 * then determine the associated string table. Capabilities entries 1329 * that define names require that the capability section indicate 1330 * which string table to use via sh_info. 1331 */ 1332 if (cshdr->sh_info) { 1333 Shdr *strshdr; 1334 1335 /* 1336 * Validate that the sh_info field points to a string table. 1337 */ 1338 if (cshdr->sh_info >= shnum) { 1339 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 1340 file, ccache->c_name, EC_WORD(cshdr->sh_info)); 1341 return (0); 1342 } 1343 1344 strcache = &cache[cshdr->sh_info]; 1345 strshdr = strcache->c_shdr; 1346 1347 if (strshdr->sh_type != SHT_STRTAB) { 1348 (void) fprintf(stderr, MSG_INTL(MSG_ERR_INVCAP), 1349 file, ccache->c_name, EC_WORD(cshdr->sh_info)); 1350 return (0); 1351 } 1352 strs = (const char *)strcache->c_data->d_buf; 1353 strs_size = strcache->c_data->d_size; 1354 } 1355 1356 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1357 dbg_print(0, MSG_INTL(MSG_ELF_SCN_CAP), ccache->c_name); 1358 1359 capnum = (Word)(cshdr->sh_size / cshdr->sh_entsize); 1360 1361 nulls = symcaps = 0; 1362 objcap = title = 1; 1363 descapndx = -1; 1364 1365 /* 1366 * Traverse the capabilities section printing each capability group. 1367 * The first capabilities group defines any object capabilities. Any 1368 * following groups define symbol capabilities. In the case where no 1369 * object capabilities exist, but symbol capabilities do, a single 1370 * CA_SUNW_NULL terminator for the object capabilities exists. 1371 */ 1372 for (cnum = 0; cnum < capnum; cap++, cnum++) { 1373 if (cap->c_tag == CA_SUNW_NULL) { 1374 /* 1375 * A CA_SUNW_NULL tag terminates a capabilities group. 1376 * If the first capabilities tag is CA_SUNW_NULL, then 1377 * no object capabilities exist. 1378 */ 1379 if ((nulls++ == 0) && (cnum == 0)) 1380 objcap = 0; 1381 title = 1; 1382 } else { 1383 if (title) { 1384 if (nulls == 0) { 1385 /* 1386 * If this capabilities group represents 1387 * the object capabilities (i.e., no 1388 * CA_SUNW_NULL tag has been processed 1389 * yet), then display an object 1390 * capabilities title. 1391 */ 1392 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1393 dbg_print(0, 1394 MSG_INTL(MSG_OBJ_CAP_TITLE)); 1395 } else { 1396 /* 1397 * If this is a symbols capabilities 1398 * group (i.e., a CA_SUNW_NULL tag has 1399 * already be found that terminates 1400 * the object capabilities group), then 1401 * display a symbol capabilities title, 1402 * and retain this capabilities index 1403 * for later processing. 1404 */ 1405 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1406 dbg_print(0, 1407 MSG_INTL(MSG_SYM_CAP_TITLE)); 1408 descapndx = cnum; 1409 } 1410 Elf_cap_title(0); 1411 title = 0; 1412 } 1413 1414 /* 1415 * Print the capabilities data. 1416 * 1417 * Note that CA_SUNW_PLAT, CA_SUNW_MACH and CA_SUNW_ID 1418 * entries require a string table, which should have 1419 * already been established. 1420 */ 1421 if ((strs == NULL) && ((cap->c_tag == CA_SUNW_PLAT) || 1422 (cap->c_tag == CA_SUNW_MACH) || 1423 (cap->c_tag == CA_SUNW_ID))) { 1424 (void) fprintf(stderr, 1425 MSG_INTL(MSG_WARN_INVCAP4), file, 1426 EC_WORD(elf_ndxscn(ccache->c_scn)), 1427 ccache->c_name, EC_WORD(cshdr->sh_info)); 1428 } 1429 Elf_cap_entry(0, cap, cnum, strs, strs_size, 1430 ehdr->e_machine); 1431 } 1432 1433 /* 1434 * If this CA_SUNW_NULL tag terminates a symbol capabilities 1435 * group, determine the associated symbols. 1436 */ 1437 if ((cap->c_tag == CA_SUNW_NULL) && (nulls > 1) && 1438 (descapndx != -1)) { 1439 Capinfo *cip; 1440 Word inum; 1441 1442 symcaps++; 1443 1444 /* 1445 * Make sure we've discovered a SHT_SUNW_capinfo table. 1446 */ 1447 if ((cip = capinfo) == NULL) { 1448 (void) fprintf(stderr, 1449 MSG_INTL(MSG_ERR_INVCAP), file, 1450 ccache->c_name, EC_WORD(cshdr->sh_link)); 1451 return (0); 1452 } 1453 1454 /* 1455 * Determine what symbols reference this capabilities 1456 * group. 1457 */ 1458 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1459 dbg_print(0, MSG_INTL(MSG_CAPINFO_ENTRIES)); 1460 Elf_syms_table_title(0, ELF_DBG_ELFDUMP); 1461 1462 for (inum = 1, cip++; inum < capinfonum; 1463 inum++, cip++) { 1464 Word gndx = (Word)ELF_C_GROUP(*cip); 1465 1466 if (gndx && (gndx == descapndx)) { 1467 output_symbol(&state, inum, 0, 1468 inum, state.sym + inum); 1469 } 1470 } 1471 descapndx = -1; 1472 continue; 1473 } 1474 1475 /* 1476 * An SF1_SUNW_ADDR32 software capability tag in a 32-bit 1477 * object is suspicious as it has no effect. 1478 */ 1479 if ((cap->c_tag == CA_SUNW_SF_1) && 1480 (ehdr->e_ident[EI_CLASS] == ELFCLASS32) && 1481 (cap->c_un.c_val & SF1_SUNW_ADDR32)) { 1482 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INADDR32SF1), 1483 file, ccache->c_name); 1484 } 1485 } 1486 1487 /* 1488 * If this is a dynamic object, with symbol capabilities, then a 1489 * .SUNW_capchain section should exist. This section contains a chain 1490 * of symbol indexes for each capabilities family. This is the list 1491 * that is searched by ld.so.1 to determine the best capabilities 1492 * candidate. 1493 * 1494 * Note, more than one capabilities lead symbol can point to the same 1495 * family chain. For example, a weak/global pair of symbols can both 1496 * represent the same family of capabilities symbols. Therefore, to 1497 * display all possible families we traverse the capabilities 1498 * information section looking for CAPINFO_SUNW_GLOB lead symbols. 1499 * From these we determine the associated capabilities chain to inspect. 1500 */ 1501 if (symcaps && 1502 ((ehdr->e_type == ET_EXEC) || (ehdr->e_type == ET_DYN))) { 1503 Capinfo *cip; 1504 Capchain *chain; 1505 Cache *chcache; 1506 Shdr *chshdr; 1507 Word chainnum, inum; 1508 1509 /* 1510 * Validate that the sh_info field of the capabilities 1511 * information section points to a capabilities chain section. 1512 */ 1513 if (cishdr->sh_info >= shnum) { 1514 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 1515 file, cicache->c_name, EC_WORD(cishdr->sh_info)); 1516 return (0); 1517 } 1518 1519 chcache = &cache[cishdr->sh_info]; 1520 chshdr = chcache->c_shdr; 1521 1522 if (chshdr->sh_type != SHT_SUNW_capchain) { 1523 (void) fprintf(stderr, MSG_INTL(MSG_ERR_INVCAPINFO2), 1524 file, cicache->c_name, EC_WORD(cishdr->sh_info)); 1525 return (0); 1526 } 1527 1528 chainnum = (Word)(chshdr->sh_size / chshdr->sh_entsize); 1529 chain = (Capchain *)chcache->c_data->d_buf; 1530 1531 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1532 dbg_print(0, MSG_INTL(MSG_ELF_SCN_CAPCHAIN), chcache->c_name); 1533 1534 /* 1535 * Traverse the capabilities information section looking for 1536 * CAPINFO_SUNW_GLOB lead capabilities symbols. 1537 */ 1538 cip = capinfo; 1539 for (inum = 1, cip++; inum < capinfonum; inum++, cip++) { 1540 const char *name; 1541 Sym *sym; 1542 Word sndx, cndx; 1543 Word gndx = (Word)ELF_C_GROUP(*cip); 1544 1545 if ((gndx == 0) || (gndx != CAPINFO_SUNW_GLOB)) 1546 continue; 1547 1548 /* 1549 * Determine the symbol that is associated with this 1550 * capability information entry, and use this to 1551 * identify this capability family. 1552 */ 1553 sym = (Sym *)(state.sym + inum); 1554 name = string(cicache, inum, strcache, file, 1555 sym->st_name); 1556 1557 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1558 dbg_print(0, MSG_INTL(MSG_CAPCHAIN_TITLE), name); 1559 dbg_print(0, MSG_INTL(MSG_CAPCHAIN_ENTRY)); 1560 1561 cndx = (Word)ELF_C_SYM(*cip); 1562 1563 /* 1564 * Traverse this families chain and identify each 1565 * family member. 1566 */ 1567 for (;;) { 1568 char _chain[MAXNDXSIZE], _symndx[MAXNDXSIZE]; 1569 1570 if (cndx >= chainnum) { 1571 (void) fprintf(stderr, 1572 MSG_INTL(MSG_ERR_INVCAPINFO3), file, 1573 cicache->c_name, EC_WORD(inum), 1574 EC_WORD(cndx)); 1575 break; 1576 } 1577 if ((sndx = chain[cndx]) == 0) 1578 break; 1579 1580 /* 1581 * Determine this entries symbol reference. 1582 */ 1583 if (sndx > state.symn) { 1584 (void) fprintf(stderr, 1585 MSG_INTL(MSG_ERR_CHBADSYMNDX), file, 1586 EC_WORD(sndx), chcache->c_name, 1587 EC_WORD(cndx)); 1588 name = MSG_INTL(MSG_STR_UNKNOWN); 1589 } else { 1590 sym = (Sym *)(state.sym + sndx); 1591 name = string(chcache, sndx, 1592 strcache, file, sym->st_name); 1593 } 1594 1595 /* 1596 * Display the family member. 1597 */ 1598 (void) snprintf(_chain, MAXNDXSIZE, 1599 MSG_ORIG(MSG_FMT_INTEGER), cndx); 1600 (void) snprintf(_symndx, MAXNDXSIZE, 1601 MSG_ORIG(MSG_FMT_INDEX2), EC_WORD(sndx)); 1602 dbg_print(0, MSG_ORIG(MSG_FMT_CHAIN_INFO), 1603 _chain, _symndx, demangle(name, flags)); 1604 1605 cndx++; 1606 } 1607 } 1608 } 1609 return (objcap); 1610 } 1611 1612 /* 1613 * Print the capabilities. 1614 * 1615 * A .SUNW_cap section can contain one or more, CA_SUNW_NULL terminated, 1616 * capabilities groups. The first group defines the object capabilities. 1617 * This group defines the minimum capability requirements of the entire 1618 * object file. If this is a dynamic object, this group should be associated 1619 * with a PT_SUNWCAP program header. 1620 * 1621 * Additional capabilities groups define the association of individual symbols 1622 * to specific capabilities. 1623 */ 1624 static void 1625 cap(const char *file, Cache *cache, Word shnum, Word phnum, Ehdr *ehdr, 1626 uchar_t osabi, Elf *elf, uint_t flags) 1627 { 1628 Word cnt; 1629 Shdr *cshdr = NULL; 1630 Cache *ccache; 1631 Off cphdr_off = 0; 1632 Xword cphdr_sz; 1633 1634 /* 1635 * Determine if a global capabilities header exists. 1636 */ 1637 if (phnum) { 1638 Phdr *phdr; 1639 1640 if ((phdr = elf_getphdr(elf)) == NULL) { 1641 failure(file, MSG_ORIG(MSG_ELF_GETPHDR)); 1642 return; 1643 } 1644 1645 for (cnt = 0; cnt < phnum; phdr++, cnt++) { 1646 if (phdr->p_type == PT_SUNWCAP) { 1647 cphdr_off = phdr->p_offset; 1648 cphdr_sz = phdr->p_filesz; 1649 break; 1650 } 1651 } 1652 } 1653 1654 /* 1655 * Determine if a capabilities section exists. 1656 */ 1657 for (cnt = 1; cnt < shnum; cnt++) { 1658 Cache *_cache = &cache[cnt]; 1659 Shdr *shdr = _cache->c_shdr; 1660 1661 /* 1662 * Process any capabilities information. 1663 */ 1664 if (shdr->sh_type == SHT_SUNW_cap) { 1665 if (cap_section(file, cache, shnum, _cache, osabi, 1666 ehdr, flags)) { 1667 /* 1668 * If this section defined an object capability 1669 * group, retain the section information for 1670 * program header validation. 1671 */ 1672 ccache = _cache; 1673 cshdr = shdr; 1674 } 1675 continue; 1676 } 1677 } 1678 1679 if ((cshdr == NULL) && (cphdr_off == 0)) 1680 return; 1681 1682 if (cphdr_off && (cshdr == NULL)) 1683 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVCAP1), file); 1684 1685 /* 1686 * If this object is an executable or shared object, and it provided 1687 * an object capabilities group, then the group should have an 1688 * accompanying PT_SUNWCAP program header. 1689 */ 1690 if (cshdr && ((ehdr->e_type == ET_EXEC) || (ehdr->e_type == ET_DYN))) { 1691 if (cphdr_off == 0) { 1692 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVCAP2), 1693 file, EC_WORD(elf_ndxscn(ccache->c_scn)), 1694 ccache->c_name); 1695 } else if ((cphdr_off != cshdr->sh_offset) || 1696 (cphdr_sz != cshdr->sh_size)) { 1697 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVCAP3), 1698 file, EC_WORD(elf_ndxscn(ccache->c_scn)), 1699 ccache->c_name); 1700 } 1701 } 1702 } 1703 1704 /* 1705 * Print the interpretor. 1706 */ 1707 static void 1708 interp(const char *file, Cache *cache, Word shnum, Word phnum, Elf *elf) 1709 { 1710 static Word phdr_types[] = { PT_INTERP }; 1711 1712 1713 Word cnt; 1714 Shdr *ishdr = NULL; 1715 Cache *icache; 1716 Off iphdr_off = 0; 1717 Xword iphdr_fsz; 1718 1719 /* 1720 * Determine if an interp header exists. 1721 */ 1722 if (phnum) { 1723 Phdr *phdr; 1724 1725 phdr = getphdr(phnum, phdr_types, 1726 sizeof (phdr_types) / sizeof (*phdr_types), file, elf); 1727 if (phdr != NULL) { 1728 iphdr_off = phdr->p_offset; 1729 iphdr_fsz = phdr->p_filesz; 1730 } 1731 } 1732 1733 if (iphdr_off == 0) 1734 return; 1735 1736 /* 1737 * Determine if an interp section exists. 1738 */ 1739 for (cnt = 1; cnt < shnum; cnt++) { 1740 Cache *_cache = &cache[cnt]; 1741 Shdr *shdr = _cache->c_shdr; 1742 1743 /* 1744 * Scan sections to find a section which contains the PT_INTERP 1745 * string. The target section can't be in a NOBITS section. 1746 */ 1747 if ((shdr->sh_type == SHT_NOBITS) || 1748 (iphdr_off < shdr->sh_offset) || 1749 (iphdr_off + iphdr_fsz) > (shdr->sh_offset + shdr->sh_size)) 1750 continue; 1751 1752 icache = _cache; 1753 ishdr = shdr; 1754 break; 1755 } 1756 1757 /* 1758 * Print the interpreter string based on the offset defined in the 1759 * program header, as this is the offset used by the kernel. 1760 */ 1761 if (ishdr && icache->c_data) { 1762 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1763 dbg_print(0, MSG_INTL(MSG_ELF_SCN_INTERP), icache->c_name); 1764 dbg_print(0, MSG_ORIG(MSG_FMT_INDENT), 1765 (char *)icache->c_data->d_buf + 1766 (iphdr_off - ishdr->sh_offset)); 1767 } else 1768 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVINTERP1), file); 1769 1770 /* 1771 * If there are any inconsistences between the program header and 1772 * section information, flag them. 1773 */ 1774 if (ishdr && ((iphdr_off != ishdr->sh_offset) || 1775 (iphdr_fsz != ishdr->sh_size))) { 1776 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVINTERP2), file, 1777 icache->c_name); 1778 } 1779 } 1780 1781 /* 1782 * Print the syminfo section. 1783 */ 1784 static void 1785 syminfo(Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi, const char *file) 1786 { 1787 Shdr *infoshdr; 1788 Syminfo *info; 1789 Sym *syms; 1790 Dyn *dyns; 1791 Word infonum, cnt, ndx, symnum, dynnum; 1792 Cache *infocache = NULL, *dyncache = NULL, *symsec, *strsec; 1793 Boolean *dynerr; 1794 1795 for (cnt = 1; cnt < shnum; cnt++) { 1796 if (cache[cnt].c_shdr->sh_type == SHT_SUNW_syminfo) { 1797 infocache = &cache[cnt]; 1798 break; 1799 } 1800 } 1801 if (infocache == NULL) 1802 return; 1803 1804 infoshdr = infocache->c_shdr; 1805 if ((infoshdr->sh_entsize == 0) || (infoshdr->sh_size == 0)) { 1806 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 1807 file, infocache->c_name); 1808 return; 1809 } 1810 if (infocache->c_data == NULL) 1811 return; 1812 1813 infonum = (Word)(infoshdr->sh_size / infoshdr->sh_entsize); 1814 info = (Syminfo *)infocache->c_data->d_buf; 1815 1816 /* 1817 * If there is no associated dynamic section, determine if one 1818 * is needed, and if so issue a warning. If there is an 1819 * associated dynamic section, validate it and get the data buffer 1820 * for it. 1821 */ 1822 dyns = NULL; 1823 dynnum = 0; 1824 if (infoshdr->sh_info == 0) { 1825 Syminfo *_info = info + 1; 1826 1827 for (ndx = 1; ndx < infonum; ndx++, _info++) { 1828 if ((_info->si_flags == 0) && (_info->si_boundto == 0)) 1829 continue; 1830 1831 if (_info->si_boundto < SYMINFO_BT_LOWRESERVE) 1832 (void) fprintf(stderr, 1833 MSG_INTL(MSG_ERR_BADSHINFO), file, 1834 infocache->c_name, 1835 EC_WORD(infoshdr->sh_info)); 1836 } 1837 } else if ((infoshdr->sh_info >= shnum) || 1838 (cache[infoshdr->sh_info].c_shdr->sh_type != SHT_DYNAMIC)) { 1839 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHINFO), 1840 file, infocache->c_name, EC_WORD(infoshdr->sh_info)); 1841 } else { 1842 dyncache = &cache[infoshdr->sh_info]; 1843 if ((dyncache->c_data == NULL) || 1844 ((dyns = dyncache->c_data->d_buf) == NULL)) { 1845 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 1846 file, dyncache->c_name); 1847 } 1848 if (dyns != NULL) { 1849 dynnum = dyncache->c_shdr->sh_size / 1850 dyncache->c_shdr->sh_entsize; 1851 1852 /* 1853 * We validate the type of dynamic elements referenced 1854 * from the syminfo. This array is used report any 1855 * bad dynamic entries. 1856 */ 1857 if ((dynerr = calloc(dynnum, sizeof (*dynerr))) == 1858 NULL) { 1859 int err = errno; 1860 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), 1861 file, strerror(err)); 1862 return; 1863 } 1864 } 1865 } 1866 1867 /* 1868 * Get the data buffer for the associated symbol table and string table. 1869 */ 1870 if (stringtbl(cache, 1, cnt, shnum, file, 1871 &symnum, &symsec, &strsec) == 0) 1872 return; 1873 1874 syms = symsec->c_data->d_buf; 1875 1876 /* 1877 * Loop through the syminfo entries. 1878 */ 1879 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1880 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMINFO), infocache->c_name); 1881 Elf_syminfo_title(0); 1882 1883 for (ndx = 1, info++; ndx < infonum; ndx++, info++) { 1884 Sym *sym; 1885 const char *needed, *name; 1886 Word expect_dt; 1887 Word boundto = info->si_boundto; 1888 1889 if ((info->si_flags == 0) && (boundto == 0)) 1890 continue; 1891 1892 sym = &syms[ndx]; 1893 name = string(infocache, ndx, strsec, file, sym->st_name); 1894 1895 /* Is si_boundto set to one of the reserved values? */ 1896 if (boundto >= SYMINFO_BT_LOWRESERVE) { 1897 Elf_syminfo_entry(0, ndx, info, name, NULL); 1898 continue; 1899 } 1900 1901 /* 1902 * si_boundto is referencing a dynamic section. If we don't 1903 * have one, an error was already issued above, so it suffices 1904 * to display an empty string. If we are out of bounds, then 1905 * report that and then display an empty string. 1906 */ 1907 if ((dyns == NULL) || (boundto >= dynnum)) { 1908 if (dyns != NULL) 1909 (void) fprintf(stderr, 1910 MSG_INTL(MSG_ERR_BADSIDYNNDX), file, 1911 infocache->c_ndx, infocache->c_name, 1912 EC_WORD(ndx), EC_WORD(dynnum - 1), 1913 EC_WORD(boundto)); 1914 Elf_syminfo_entry(0, ndx, info, name, 1915 MSG_ORIG(MSG_STR_EMPTY)); 1916 continue; 1917 } 1918 1919 /* 1920 * The si_boundto reference expects a specific dynamic element 1921 * type at the given index. The dynamic element is always a 1922 * string that gives an object name. The specific type depends 1923 * on the si_flags present. Ensure that we've got the right 1924 * type. 1925 */ 1926 if (info->si_flags & SYMINFO_FLG_FILTER) 1927 expect_dt = DT_SUNW_FILTER; 1928 else if (info->si_flags & SYMINFO_FLG_AUXILIARY) 1929 expect_dt = DT_SUNW_AUXILIARY; 1930 else if (info->si_flags & (SYMINFO_FLG_DIRECT | 1931 SYMINFO_FLG_LAZYLOAD | SYMINFO_FLG_DIRECTBIND)) 1932 expect_dt = DT_NEEDED; 1933 else 1934 expect_dt = DT_NULL; /* means we ignore the type */ 1935 1936 if ((dyns[boundto].d_tag != expect_dt) && 1937 (expect_dt != DT_NULL)) { 1938 Conv_inv_buf_t buf1, buf2; 1939 1940 /* Only complain about each dynamic element once */ 1941 if (!dynerr[boundto]) { 1942 (void) fprintf(stderr, 1943 MSG_INTL(MSG_ERR_BADSIDYNTAG), 1944 file, infocache->c_ndx, infocache->c_name, 1945 EC_WORD(ndx), dyncache->c_ndx, 1946 dyncache->c_name, EC_WORD(boundto), 1947 conv_dyn_tag(expect_dt, osabi, 1948 ehdr->e_machine, CONV_FMT_ALT_CF, &buf1), 1949 conv_dyn_tag(dyns[boundto].d_tag, osabi, 1950 ehdr->e_machine, CONV_FMT_ALT_CF, &buf2)); 1951 dynerr[boundto] = TRUE; 1952 } 1953 } 1954 1955 /* 1956 * Whether or not the DT item we're pointing at is 1957 * of the right type, if it's a type we recognize as 1958 * providing a string, go ahead and show it. Otherwise 1959 * an empty string. 1960 */ 1961 switch (dyns[boundto].d_tag) { 1962 case DT_NEEDED: 1963 case DT_SONAME: 1964 case DT_RPATH: 1965 case DT_RUNPATH: 1966 case DT_CONFIG: 1967 case DT_DEPAUDIT: 1968 case DT_USED: 1969 case DT_AUDIT: 1970 case DT_SUNW_AUXILIARY: 1971 case DT_SUNW_FILTER: 1972 case DT_FILTER: 1973 case DT_AUXILIARY: 1974 needed = string(infocache, boundto, 1975 strsec, file, dyns[boundto].d_un.d_val); 1976 break; 1977 default: 1978 needed = MSG_ORIG(MSG_STR_EMPTY); 1979 } 1980 Elf_syminfo_entry(0, ndx, info, name, needed); 1981 } 1982 if (dyns != NULL) 1983 free(dynerr); 1984 } 1985 1986 /* 1987 * Print version definition section entries. 1988 */ 1989 static void 1990 version_def(Verdef *vdf, Word vdf_num, Cache *vcache, Cache *scache, 1991 const char *file) 1992 { 1993 Word cnt; 1994 char index[MAXNDXSIZE]; 1995 1996 Elf_ver_def_title(0); 1997 1998 for (cnt = 1; cnt <= vdf_num; cnt++, 1999 vdf = (Verdef *)((uintptr_t)vdf + vdf->vd_next)) { 2000 Conv_ver_flags_buf_t ver_flags_buf; 2001 const char *name, *dep; 2002 Half vcnt = vdf->vd_cnt - 1; 2003 Half ndx = vdf->vd_ndx; 2004 Verdaux *vdap = (Verdaux *)((uintptr_t)vdf + vdf->vd_aux); 2005 2006 /* 2007 * Obtain the name and first dependency (if any). 2008 */ 2009 name = string(vcache, cnt, scache, file, vdap->vda_name); 2010 vdap = (Verdaux *)((uintptr_t)vdap + vdap->vda_next); 2011 if (vcnt) 2012 dep = string(vcache, cnt, scache, file, vdap->vda_name); 2013 else 2014 dep = MSG_ORIG(MSG_STR_EMPTY); 2015 2016 (void) snprintf(index, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INDEX), 2017 EC_XWORD(ndx)); 2018 Elf_ver_line_1(0, index, name, dep, 2019 conv_ver_flags(vdf->vd_flags, 0, &ver_flags_buf)); 2020 2021 /* 2022 * Print any additional dependencies. 2023 */ 2024 if (vcnt) { 2025 vdap = (Verdaux *)((uintptr_t)vdap + vdap->vda_next); 2026 for (vcnt--; vcnt; vcnt--, 2027 vdap = (Verdaux *)((uintptr_t)vdap + 2028 vdap->vda_next)) { 2029 dep = string(vcache, cnt, scache, file, 2030 vdap->vda_name); 2031 Elf_ver_line_2(0, MSG_ORIG(MSG_STR_EMPTY), dep); 2032 } 2033 } 2034 } 2035 } 2036 2037 /* 2038 * Print version needed section entries. 2039 * 2040 * entry: 2041 * vnd - Address of verneed data 2042 * vnd_num - # of Verneed entries 2043 * vcache - Cache of verneed section being processed 2044 * scache - Cache of associated string table section 2045 * file - Name of object being processed. 2046 * versym - Information about versym section 2047 * 2048 * exit: 2049 * The versions have been printed. If GNU style versioning 2050 * is in effect, versym->max_verndx has been updated to 2051 * contain the largest version index seen. 2052 * 2053 * note: 2054 * The versym section of an object that follows the original 2055 * Solaris versioning rules only contains indexes into the verdef 2056 * section. Symbols defined in other objects (UNDEF) are given 2057 * a version of 0, indicating that they are not defined by 2058 * this file, and the Verneed entries do not have associated version 2059 * indexes. For these reasons, we do not display a version index 2060 * for original-style Verneed sections. 2061 * 2062 * The GNU versioning extensions alter this: Symbols defined in other 2063 * objects receive a version index in the range above those defined 2064 * by the Verdef section, and the vna_other field of the Vernaux 2065 * structs inside the Verneed section contain the version index for 2066 * that item. We therefore display the index when showing the 2067 * contents of a GNU style Verneed section. You should not 2068 * necessarily expect these indexes to appear in sorted 2069 * order --- it seems that the GNU ld assigns the versions as 2070 * symbols are encountered during linking, and then the results 2071 * are assembled into the Verneed section afterwards. 2072 */ 2073 static void 2074 version_need(Verneed *vnd, Word vnd_num, Cache *vcache, Cache *scache, 2075 const char *file, VERSYM_STATE *versym) 2076 { 2077 Word cnt; 2078 char index[MAXNDXSIZE]; 2079 const char *index_str; 2080 2081 Elf_ver_need_title(0, versym->gnu_needed); 2082 2083 for (cnt = 1; cnt <= vnd_num; cnt++, 2084 vnd = (Verneed *)((uintptr_t)vnd + vnd->vn_next)) { 2085 Conv_ver_flags_buf_t ver_flags_buf; 2086 const char *name, *dep; 2087 Half vcnt = vnd->vn_cnt; 2088 Vernaux *vnap = (Vernaux *)((uintptr_t)vnd + vnd->vn_aux); 2089 2090 /* 2091 * Obtain the name of the needed file and the version name 2092 * within it that we're dependent on. Note that the count 2093 * should be at least one, otherwise this is a pretty bogus 2094 * entry. 2095 */ 2096 name = string(vcache, cnt, scache, file, vnd->vn_file); 2097 if (vcnt) 2098 dep = string(vcache, cnt, scache, file, vnap->vna_name); 2099 else 2100 dep = MSG_INTL(MSG_STR_NULL); 2101 2102 if (vnap->vna_other == 0) { /* Traditional form */ 2103 index_str = MSG_ORIG(MSG_STR_EMPTY); 2104 } else { /* GNU form */ 2105 index_str = index; 2106 /* Format the version index value */ 2107 (void) snprintf(index, MAXNDXSIZE, 2108 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(vnap->vna_other)); 2109 if (vnap->vna_other > versym->max_verndx) 2110 versym->max_verndx = vnap->vna_other; 2111 } 2112 Elf_ver_line_1(0, index_str, name, dep, 2113 conv_ver_flags(vnap->vna_flags, 0, &ver_flags_buf)); 2114 2115 /* 2116 * Print any additional version dependencies. 2117 */ 2118 if (vcnt) { 2119 vnap = (Vernaux *)((uintptr_t)vnap + vnap->vna_next); 2120 for (vcnt--; vcnt; vcnt--, 2121 vnap = (Vernaux *)((uintptr_t)vnap + 2122 vnap->vna_next)) { 2123 dep = string(vcache, cnt, scache, file, 2124 vnap->vna_name); 2125 if (vnap->vna_other > 0) { 2126 /* Format the next index value */ 2127 (void) snprintf(index, MAXNDXSIZE, 2128 MSG_ORIG(MSG_FMT_INDEX), 2129 EC_XWORD(vnap->vna_other)); 2130 Elf_ver_line_1(0, index, 2131 MSG_ORIG(MSG_STR_EMPTY), dep, 2132 conv_ver_flags(vnap->vna_flags, 2133 0, &ver_flags_buf)); 2134 if (vnap->vna_other > 2135 versym->max_verndx) 2136 versym->max_verndx = 2137 vnap->vna_other; 2138 } else { 2139 Elf_ver_line_3(0, 2140 MSG_ORIG(MSG_STR_EMPTY), dep, 2141 conv_ver_flags(vnap->vna_flags, 2142 0, &ver_flags_buf)); 2143 } 2144 } 2145 } 2146 } 2147 } 2148 2149 /* 2150 * Examine the Verneed section for information related to GNU 2151 * style Versym indexing: 2152 * - A non-zero vna_other field indicates that Versym indexes can 2153 * reference Verneed records. 2154 * - If the object uses GNU style Versym indexing, the 2155 * maximum index value is needed to detect bad Versym entries. 2156 * 2157 * entry: 2158 * vnd - Address of verneed data 2159 * vnd_num - # of Verneed entries 2160 * versym - Information about versym section 2161 * 2162 * exit: 2163 * If a non-zero vna_other field is seen, versym->gnu_needed is set. 2164 * 2165 * versym->max_verndx has been updated to contain the largest 2166 * version index seen. 2167 */ 2168 static void 2169 update_gnu_verndx(Verneed *vnd, Word vnd_num, VERSYM_STATE *versym) 2170 { 2171 Word cnt; 2172 2173 for (cnt = 1; cnt <= vnd_num; cnt++, 2174 vnd = (Verneed *)((uintptr_t)vnd + vnd->vn_next)) { 2175 Half vcnt = vnd->vn_cnt; 2176 Vernaux *vnap = (Vernaux *)((uintptr_t)vnd + vnd->vn_aux); 2177 2178 /* 2179 * A non-zero value of vna_other indicates that this 2180 * object references VERNEED items from the VERSYM 2181 * array. 2182 */ 2183 if (vnap->vna_other != 0) { 2184 versym->gnu_needed = 1; 2185 if (vnap->vna_other > versym->max_verndx) 2186 versym->max_verndx = vnap->vna_other; 2187 } 2188 2189 /* 2190 * Check any additional version dependencies. 2191 */ 2192 if (vcnt) { 2193 vnap = (Vernaux *)((uintptr_t)vnap + vnap->vna_next); 2194 for (vcnt--; vcnt; vcnt--, 2195 vnap = (Vernaux *)((uintptr_t)vnap + 2196 vnap->vna_next)) { 2197 if (vnap->vna_other == 0) 2198 continue; 2199 2200 versym->gnu_needed = 1; 2201 if (vnap->vna_other > versym->max_verndx) 2202 versym->max_verndx = vnap->vna_other; 2203 } 2204 } 2205 } 2206 } 2207 2208 /* 2209 * Display version section information if the flags require it. 2210 * Return version information needed by other output. 2211 * 2212 * entry: 2213 * cache - Cache of all section headers 2214 * shnum - # of sections in cache 2215 * file - Name of file 2216 * flags - Command line option flags 2217 * versym - VERSYM_STATE block to be filled in. 2218 */ 2219 static void 2220 versions(Cache *cache, Word shnum, const char *file, uint_t flags, 2221 VERSYM_STATE *versym) 2222 { 2223 GElf_Word cnt; 2224 Cache *verdef_cache = NULL, *verneed_cache = NULL; 2225 2226 2227 /* Gather information about the version sections */ 2228 bzero(versym, sizeof (*versym)); 2229 versym->max_verndx = 1; 2230 for (cnt = 1; cnt < shnum; cnt++) { 2231 Cache *_cache = &cache[cnt]; 2232 Shdr *shdr = _cache->c_shdr; 2233 Dyn *dyn; 2234 ulong_t numdyn; 2235 2236 switch (shdr->sh_type) { 2237 case SHT_DYNAMIC: 2238 /* 2239 * The GNU ld puts a DT_VERSYM entry in the dynamic 2240 * section so that the runtime linker can use it to 2241 * implement their versioning rules. They allow multiple 2242 * incompatible functions with the same name to exist 2243 * in different versions. The Solaris ld does not 2244 * support this mechanism, and as such, does not 2245 * produce DT_VERSYM. We use this fact to determine 2246 * which ld produced this object, and how to interpret 2247 * the version values. 2248 */ 2249 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0) || 2250 (_cache->c_data == NULL)) 2251 continue; 2252 numdyn = shdr->sh_size / shdr->sh_entsize; 2253 dyn = (Dyn *)_cache->c_data->d_buf; 2254 for (; numdyn-- > 0; dyn++) 2255 if (dyn->d_tag == DT_VERSYM) { 2256 versym->gnu_full = 2257 versym->gnu_needed = 1; 2258 break; 2259 } 2260 break; 2261 2262 case SHT_SUNW_versym: 2263 /* Record data address for later symbol processing */ 2264 if (_cache->c_data != NULL) { 2265 versym->cache = _cache; 2266 versym->data = _cache->c_data->d_buf; 2267 continue; 2268 } 2269 break; 2270 2271 case SHT_SUNW_verdef: 2272 case SHT_SUNW_verneed: 2273 /* 2274 * Ensure the data is non-NULL and the number 2275 * of items is non-zero. Otherwise, we don't 2276 * understand the section, and will not use it. 2277 */ 2278 if ((_cache->c_data == NULL) || 2279 (_cache->c_data->d_buf == NULL)) { 2280 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 2281 file, _cache->c_name); 2282 continue; 2283 } 2284 if (shdr->sh_info == 0) { 2285 (void) fprintf(stderr, 2286 MSG_INTL(MSG_ERR_BADSHINFO), 2287 file, _cache->c_name, 2288 EC_WORD(shdr->sh_info)); 2289 continue; 2290 } 2291 2292 /* Make sure the string table index is in range */ 2293 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 2294 (void) fprintf(stderr, 2295 MSG_INTL(MSG_ERR_BADSHLINK), file, 2296 _cache->c_name, EC_WORD(shdr->sh_link)); 2297 continue; 2298 } 2299 2300 /* 2301 * The section is usable. Save the cache entry. 2302 */ 2303 if (shdr->sh_type == SHT_SUNW_verdef) { 2304 verdef_cache = _cache; 2305 /* 2306 * Under Solaris rules, if there is a verdef 2307 * section, the max versym index is number 2308 * of version definitions it supplies. 2309 */ 2310 versym->max_verndx = shdr->sh_info; 2311 } else { 2312 verneed_cache = _cache; 2313 } 2314 break; 2315 } 2316 } 2317 2318 /* 2319 * If there is a Verneed section, examine it for information 2320 * related to GNU style versioning. 2321 */ 2322 if (verneed_cache != NULL) 2323 update_gnu_verndx((Verneed *)verneed_cache->c_data->d_buf, 2324 verneed_cache->c_shdr->sh_info, versym); 2325 2326 /* 2327 * Now that all the information is available, display the 2328 * Verdef and Verneed section contents, if requested. 2329 */ 2330 if ((flags & FLG_SHOW_VERSIONS) == 0) 2331 return; 2332 if (verdef_cache != NULL) { 2333 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2334 dbg_print(0, MSG_INTL(MSG_ELF_SCN_VERDEF), 2335 verdef_cache->c_name); 2336 version_def((Verdef *)verdef_cache->c_data->d_buf, 2337 verdef_cache->c_shdr->sh_info, verdef_cache, 2338 &cache[verdef_cache->c_shdr->sh_link], file); 2339 } 2340 if (verneed_cache != NULL) { 2341 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2342 dbg_print(0, MSG_INTL(MSG_ELF_SCN_VERNEED), 2343 verneed_cache->c_name); 2344 /* 2345 * If GNU versioning applies to this object, version_need() 2346 * will update versym->max_verndx, and it is not 2347 * necessary to call update_gnu_verndx(). 2348 */ 2349 version_need((Verneed *)verneed_cache->c_data->d_buf, 2350 verneed_cache->c_shdr->sh_info, verneed_cache, 2351 &cache[verneed_cache->c_shdr->sh_link], file, versym); 2352 } 2353 } 2354 2355 /* 2356 * Search for and process any symbol tables. 2357 */ 2358 void 2359 symbols(Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi, 2360 VERSYM_STATE *versym, const char *file, uint_t flags) 2361 { 2362 SYMTBL_STATE state; 2363 Cache *_cache; 2364 Word secndx; 2365 2366 for (secndx = 1; secndx < shnum; secndx++) { 2367 Word symcnt; 2368 Shdr *shdr; 2369 2370 _cache = &cache[secndx]; 2371 shdr = _cache->c_shdr; 2372 2373 if ((shdr->sh_type != SHT_SYMTAB) && 2374 (shdr->sh_type != SHT_DYNSYM) && 2375 ((shdr->sh_type != SHT_SUNW_LDYNSYM) || 2376 (osabi != ELFOSABI_SOLARIS))) 2377 continue; 2378 if (!match(MATCH_F_ALL, _cache->c_name, secndx, shdr->sh_type)) 2379 continue; 2380 2381 if (!init_symtbl_state(&state, cache, shnum, secndx, ehdr, 2382 osabi, versym, file, flags)) 2383 continue; 2384 /* 2385 * Loop through the symbol tables entries. 2386 */ 2387 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2388 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMTAB), state.secname); 2389 Elf_syms_table_title(0, ELF_DBG_ELFDUMP); 2390 2391 for (symcnt = 0; symcnt < state.symn; symcnt++) 2392 output_symbol(&state, symcnt, shdr->sh_info, symcnt, 2393 state.sym + symcnt); 2394 } 2395 } 2396 2397 /* 2398 * Search for and process any SHT_SUNW_symsort or SHT_SUNW_tlssort sections. 2399 * These sections are always associated with the .SUNW_ldynsym./.dynsym pair. 2400 */ 2401 static void 2402 sunw_sort(Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi, 2403 VERSYM_STATE *versym, const char *file, uint_t flags) 2404 { 2405 SYMTBL_STATE ldynsym_state, dynsym_state; 2406 Cache *sortcache, *symcache; 2407 Shdr *sortshdr, *symshdr; 2408 Word sortsecndx, symsecndx; 2409 Word ldynsym_cnt; 2410 Word *ndx; 2411 Word ndxn; 2412 int output_cnt = 0; 2413 Conv_inv_buf_t inv_buf; 2414 2415 for (sortsecndx = 1; sortsecndx < shnum; sortsecndx++) { 2416 2417 sortcache = &cache[sortsecndx]; 2418 sortshdr = sortcache->c_shdr; 2419 2420 if ((sortshdr->sh_type != SHT_SUNW_symsort) && 2421 (sortshdr->sh_type != SHT_SUNW_tlssort)) 2422 continue; 2423 if (!match(MATCH_F_ALL, sortcache->c_name, sortsecndx, 2424 sortshdr->sh_type)) 2425 continue; 2426 2427 /* 2428 * If the section references a SUNW_ldynsym, then we 2429 * expect to see the associated .dynsym immediately 2430 * following. If it references a .dynsym, there is no 2431 * SUNW_ldynsym. If it is any other type, then we don't 2432 * know what to do with it. 2433 */ 2434 if ((sortshdr->sh_link == 0) || (sortshdr->sh_link >= shnum)) { 2435 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 2436 file, sortcache->c_name, 2437 EC_WORD(sortshdr->sh_link)); 2438 continue; 2439 } 2440 symcache = &cache[sortshdr->sh_link]; 2441 symshdr = symcache->c_shdr; 2442 symsecndx = sortshdr->sh_link; 2443 ldynsym_cnt = 0; 2444 switch (symshdr->sh_type) { 2445 case SHT_SUNW_LDYNSYM: 2446 if (!init_symtbl_state(&ldynsym_state, cache, shnum, 2447 symsecndx, ehdr, osabi, versym, file, flags)) 2448 continue; 2449 ldynsym_cnt = ldynsym_state.symn; 2450 /* 2451 * We know that the dynsym follows immediately 2452 * after the SUNW_ldynsym, and so, should be at 2453 * (sortshdr->sh_link + 1). However, elfdump is a 2454 * diagnostic tool, so we do the full paranoid 2455 * search instead. 2456 */ 2457 for (symsecndx = 1; symsecndx < shnum; symsecndx++) { 2458 symcache = &cache[symsecndx]; 2459 symshdr = symcache->c_shdr; 2460 if (symshdr->sh_type == SHT_DYNSYM) 2461 break; 2462 } 2463 if (symsecndx >= shnum) { /* Dynsym not found! */ 2464 (void) fprintf(stderr, 2465 MSG_INTL(MSG_ERR_NODYNSYM), 2466 file, sortcache->c_name); 2467 continue; 2468 } 2469 /* Fallthrough to process associated dynsym */ 2470 /* FALLTHROUGH */ 2471 case SHT_DYNSYM: 2472 if (!init_symtbl_state(&dynsym_state, cache, shnum, 2473 symsecndx, ehdr, osabi, versym, file, flags)) 2474 continue; 2475 break; 2476 default: 2477 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADNDXSEC), 2478 file, sortcache->c_name, 2479 conv_sec_type(osabi, ehdr->e_machine, 2480 symshdr->sh_type, 0, &inv_buf)); 2481 continue; 2482 } 2483 2484 /* 2485 * Output header 2486 */ 2487 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2488 if (ldynsym_cnt > 0) { 2489 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMSORT2), 2490 sortcache->c_name, ldynsym_state.secname, 2491 dynsym_state.secname); 2492 /* 2493 * The data for .SUNW_ldynsym and dynsym sections 2494 * is supposed to be adjacent with SUNW_ldynsym coming 2495 * first. Check, and issue a warning if it isn't so. 2496 */ 2497 if (((ldynsym_state.sym + ldynsym_state.symn) 2498 != dynsym_state.sym) && 2499 ((flags & FLG_CTL_FAKESHDR) == 0)) 2500 (void) fprintf(stderr, 2501 MSG_INTL(MSG_ERR_LDYNNOTADJ), file, 2502 ldynsym_state.secname, 2503 dynsym_state.secname); 2504 } else { 2505 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMSORT1), 2506 sortcache->c_name, dynsym_state.secname); 2507 } 2508 Elf_syms_table_title(0, ELF_DBG_ELFDUMP); 2509 2510 /* If not first one, insert a line of white space */ 2511 if (output_cnt++ > 0) 2512 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2513 2514 /* 2515 * SUNW_dynsymsort and SUNW_dyntlssort are arrays of 2516 * symbol indices. Iterate over the array entries, 2517 * dispaying the referenced symbols. 2518 */ 2519 ndxn = sortshdr->sh_size / sortshdr->sh_entsize; 2520 ndx = (Word *)sortcache->c_data->d_buf; 2521 for (; ndxn-- > 0; ndx++) { 2522 if (*ndx >= ldynsym_cnt) { 2523 Word sec_ndx = *ndx - ldynsym_cnt; 2524 2525 output_symbol(&dynsym_state, sec_ndx, 0, 2526 *ndx, dynsym_state.sym + sec_ndx); 2527 } else { 2528 output_symbol(&ldynsym_state, *ndx, 0, 2529 *ndx, ldynsym_state.sym + *ndx); 2530 } 2531 } 2532 } 2533 } 2534 2535 /* 2536 * Search for and process any relocation sections. 2537 */ 2538 static void 2539 reloc(Cache *cache, Word shnum, Ehdr *ehdr, const char *file) 2540 { 2541 Word cnt; 2542 2543 for (cnt = 1; cnt < shnum; cnt++) { 2544 Word type, symnum; 2545 Xword relndx, relnum, relsize; 2546 void *rels; 2547 Sym *syms; 2548 Cache *symsec, *strsec; 2549 Cache *_cache = &cache[cnt]; 2550 Shdr *shdr = _cache->c_shdr; 2551 char *relname = _cache->c_name; 2552 Conv_inv_buf_t inv_buf; 2553 2554 if (((type = shdr->sh_type) != SHT_RELA) && 2555 (type != SHT_REL)) 2556 continue; 2557 if (!match(MATCH_F_ALL, relname, cnt, type)) 2558 continue; 2559 2560 /* 2561 * Decide entry size. 2562 */ 2563 if (((relsize = shdr->sh_entsize) == 0) || 2564 (relsize > shdr->sh_size)) { 2565 if (type == SHT_RELA) 2566 relsize = sizeof (Rela); 2567 else 2568 relsize = sizeof (Rel); 2569 } 2570 2571 /* 2572 * Determine the number of relocations available. 2573 */ 2574 if (shdr->sh_size == 0) { 2575 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 2576 file, relname); 2577 continue; 2578 } 2579 if (_cache->c_data == NULL) 2580 continue; 2581 2582 rels = _cache->c_data->d_buf; 2583 relnum = shdr->sh_size / relsize; 2584 2585 /* 2586 * Get the data buffer for the associated symbol table and 2587 * string table. 2588 */ 2589 if (stringtbl(cache, 1, cnt, shnum, file, 2590 &symnum, &symsec, &strsec) == 0) 2591 continue; 2592 2593 syms = symsec->c_data->d_buf; 2594 2595 /* 2596 * Loop through the relocation entries. 2597 */ 2598 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2599 dbg_print(0, MSG_INTL(MSG_ELF_SCN_RELOC), _cache->c_name); 2600 Elf_reloc_title(0, ELF_DBG_ELFDUMP, type); 2601 2602 for (relndx = 0; relndx < relnum; relndx++, 2603 rels = (void *)((char *)rels + relsize)) { 2604 Half mach = ehdr->e_machine; 2605 char section[BUFSIZ]; 2606 const char *symname; 2607 Word symndx, reltype; 2608 Rela *rela; 2609 Rel *rel; 2610 2611 /* 2612 * Unravel the relocation and determine the symbol with 2613 * which this relocation is associated. 2614 */ 2615 if (type == SHT_RELA) { 2616 rela = (Rela *)rels; 2617 symndx = ELF_R_SYM(rela->r_info); 2618 reltype = ELF_R_TYPE(rela->r_info, mach); 2619 } else { 2620 rel = (Rel *)rels; 2621 symndx = ELF_R_SYM(rel->r_info); 2622 reltype = ELF_R_TYPE(rel->r_info, mach); 2623 } 2624 2625 symname = relsymname(cache, _cache, strsec, symndx, 2626 symnum, relndx, syms, section, BUFSIZ, file); 2627 2628 /* 2629 * A zero symbol index is only valid for a few 2630 * relocations. 2631 */ 2632 if (symndx == 0) { 2633 int badrel = 0; 2634 2635 if ((mach == EM_SPARC) || 2636 (mach == EM_SPARC32PLUS) || 2637 (mach == EM_SPARCV9)) { 2638 if ((reltype != R_SPARC_NONE) && 2639 (reltype != R_SPARC_REGISTER) && 2640 (reltype != R_SPARC_RELATIVE)) 2641 badrel++; 2642 } else if (mach == EM_386) { 2643 if ((reltype != R_386_NONE) && 2644 (reltype != R_386_RELATIVE)) 2645 badrel++; 2646 } else if (mach == EM_AMD64) { 2647 if ((reltype != R_AMD64_NONE) && 2648 (reltype != R_AMD64_RELATIVE)) 2649 badrel++; 2650 } 2651 2652 if (badrel) { 2653 (void) fprintf(stderr, 2654 MSG_INTL(MSG_ERR_BADREL1), file, 2655 conv_reloc_type(mach, reltype, 2656 0, &inv_buf)); 2657 } 2658 } 2659 2660 Elf_reloc_entry_1(0, ELF_DBG_ELFDUMP, 2661 MSG_ORIG(MSG_STR_EMPTY), ehdr->e_machine, type, 2662 rels, relname, symname, 0); 2663 } 2664 } 2665 } 2666 2667 2668 /* 2669 * This value controls which test dyn_test() performs. 2670 */ 2671 typedef enum { DYN_TEST_ADDR, DYN_TEST_SIZE, DYN_TEST_ENTSIZE } dyn_test_t; 2672 2673 /* 2674 * Used by dynamic() to compare the value of a dynamic element against 2675 * the starting address of the section it references. 2676 * 2677 * entry: 2678 * test_type - Specify which dyn item is being tested. 2679 * sh_type - SHT_* type value for required section. 2680 * sec_cache - Cache entry for section, or NULL if the object lacks 2681 * a section of this type. 2682 * dyn - Dyn entry to be tested 2683 * dynsec_cnt - # of dynamic section being examined. The first 2684 * dynamic section is 1, the next is 2, and so on... 2685 * ehdr - ELF header for file 2686 * file - Name of file 2687 */ 2688 static void 2689 dyn_test(dyn_test_t test_type, Word sh_type, Cache *sec_cache, Dyn *dyn, 2690 Word dynsec_cnt, Ehdr *ehdr, uchar_t osabi, const char *file) 2691 { 2692 Conv_inv_buf_t buf1, buf2; 2693 2694 /* 2695 * These tests are based around the implicit assumption that 2696 * there is only one dynamic section in an object, and also only 2697 * one of the sections it references. We have therefore gathered 2698 * all of the necessary information to test this in a single pass 2699 * over the section headers, which is very efficient. We are not 2700 * aware of any case where more than one dynamic section would 2701 * be meaningful in an ELF object, so this is a reasonable solution. 2702 * 2703 * To test multiple dynamic sections correctly would be more 2704 * expensive in code and time. We would have to build a data structure 2705 * containing all the dynamic elements. Then, we would use the address 2706 * to locate the section it references and ensure the section is of 2707 * the right type and that the address in the dynamic element is 2708 * to the start of the section. Then, we could check the size and 2709 * entsize values against those same sections. This is O(n^2), and 2710 * also complicated. 2711 * 2712 * In the highly unlikely case that there is more than one dynamic 2713 * section, we only test the first one, and simply allow the values 2714 * of the subsequent one to be displayed unchallenged. 2715 */ 2716 if (dynsec_cnt != 1) 2717 return; 2718 2719 /* 2720 * A DT_ item that references a section address should always find 2721 * the section in the file. 2722 */ 2723 if (sec_cache == NULL) { 2724 const char *name; 2725 2726 /* 2727 * Supply section names instead of section types for 2728 * things that reference progbits so that the error 2729 * message will make more sense. 2730 */ 2731 switch (dyn->d_tag) { 2732 case DT_INIT: 2733 name = MSG_ORIG(MSG_ELF_INIT); 2734 break; 2735 case DT_FINI: 2736 name = MSG_ORIG(MSG_ELF_FINI); 2737 break; 2738 default: 2739 name = conv_sec_type(osabi, ehdr->e_machine, 2740 sh_type, 0, &buf1); 2741 break; 2742 } 2743 (void) fprintf(stderr, MSG_INTL(MSG_ERR_DYNNOBCKSEC), file, 2744 name, conv_dyn_tag(dyn->d_tag, osabi, ehdr->e_machine, 2745 CONV_FMT_ALT_CF, &buf2)); 2746 return; 2747 } 2748 2749 2750 switch (test_type) { 2751 case DYN_TEST_ADDR: 2752 /* The section address should match the DT_ item value */ 2753 if (dyn->d_un.d_val != sec_cache->c_shdr->sh_addr) 2754 (void) fprintf(stderr, 2755 MSG_INTL(MSG_ERR_DYNBADADDR), file, 2756 conv_dyn_tag(dyn->d_tag, osabi, ehdr->e_machine, 2757 CONV_FMT_ALT_CF, &buf1), EC_ADDR(dyn->d_un.d_val), 2758 sec_cache->c_ndx, sec_cache->c_name, 2759 EC_ADDR(sec_cache->c_shdr->sh_addr)); 2760 break; 2761 2762 case DYN_TEST_SIZE: 2763 /* The section size should match the DT_ item value */ 2764 if (dyn->d_un.d_val != sec_cache->c_shdr->sh_size) 2765 (void) fprintf(stderr, 2766 MSG_INTL(MSG_ERR_DYNBADSIZE), file, 2767 conv_dyn_tag(dyn->d_tag, osabi, ehdr->e_machine, 2768 CONV_FMT_ALT_CF, &buf1), EC_XWORD(dyn->d_un.d_val), 2769 sec_cache->c_ndx, sec_cache->c_name, 2770 EC_XWORD(sec_cache->c_shdr->sh_size)); 2771 break; 2772 2773 case DYN_TEST_ENTSIZE: 2774 /* The sh_entsize value should match the DT_ item value */ 2775 if (dyn->d_un.d_val != sec_cache->c_shdr->sh_entsize) 2776 (void) fprintf(stderr, 2777 MSG_INTL(MSG_ERR_DYNBADENTSIZE), file, 2778 conv_dyn_tag(dyn->d_tag, osabi, ehdr->e_machine, 2779 CONV_FMT_ALT_CF, &buf1), EC_XWORD(dyn->d_un.d_val), 2780 sec_cache->c_ndx, sec_cache->c_name, 2781 EC_XWORD(sec_cache->c_shdr->sh_entsize)); 2782 break; 2783 } 2784 } 2785 2786 /* 2787 * There are some DT_ entries that have corresponding symbols 2788 * (e.g. DT_INIT and _init). It is expected that these items will 2789 * both have the same value if both are present. This routine 2790 * examines the well known symbol tables for such symbols and 2791 * issues warnings for any that don't match. 2792 * 2793 * entry: 2794 * dyn - Dyn entry to be tested 2795 * symname - Name of symbol that corresponds to dyn 2796 * symtab_cache, dynsym_cache, ldynsym_cache - Symbol tables to check 2797 * target_cache - Section the symname section is expected to be 2798 * associated with. 2799 * cache - Cache of all section headers 2800 * shnum - # of sections in cache 2801 * ehdr - ELF header for file 2802 * osabi - OSABI to apply when interpreting object 2803 * file - Name of file 2804 */ 2805 static void 2806 dyn_symtest(Dyn *dyn, const char *symname, Cache *symtab_cache, 2807 Cache *dynsym_cache, Cache *ldynsym_cache, Cache *target_cache, 2808 Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi, const char *file) 2809 { 2810 Conv_inv_buf_t buf; 2811 int i; 2812 Sym *sym; 2813 Cache *_cache; 2814 2815 for (i = 0; i < 3; i++) { 2816 switch (i) { 2817 case 0: 2818 _cache = symtab_cache; 2819 break; 2820 case 1: 2821 _cache = dynsym_cache; 2822 break; 2823 case 2: 2824 _cache = ldynsym_cache; 2825 break; 2826 } 2827 2828 if ((_cache != NULL) && 2829 symlookup(symname, cache, shnum, &sym, target_cache, 2830 _cache, file) && (sym->st_value != dyn->d_un.d_val)) 2831 (void) fprintf(stderr, MSG_INTL(MSG_ERR_DYNSYMVAL), 2832 file, _cache->c_name, conv_dyn_tag(dyn->d_tag, 2833 osabi, ehdr->e_machine, CONV_FMT_ALT_CF, &buf), 2834 symname, EC_ADDR(sym->st_value)); 2835 } 2836 } 2837 2838 /* 2839 * Search for and process a .dynamic section. 2840 */ 2841 static void 2842 dynamic(Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi, const char *file) 2843 { 2844 struct { 2845 Cache *symtab; 2846 Cache *dynstr; 2847 Cache *dynsym; 2848 Cache *hash; 2849 Cache *fini; 2850 Cache *fini_array; 2851 Cache *init; 2852 Cache *init_array; 2853 Cache *preinit_array; 2854 Cache *rel; 2855 Cache *rela; 2856 Cache *sunw_cap; 2857 Cache *sunw_capinfo; 2858 Cache *sunw_capchain; 2859 Cache *sunw_ldynsym; 2860 Cache *sunw_move; 2861 Cache *sunw_syminfo; 2862 Cache *sunw_symsort; 2863 Cache *sunw_tlssort; 2864 Cache *sunw_verdef; 2865 Cache *sunw_verneed; 2866 Cache *sunw_versym; 2867 } sec; 2868 Word dynsec_ndx; 2869 Word dynsec_num; 2870 int dynsec_cnt; 2871 Word cnt; 2872 int osabi_solaris = osabi == ELFOSABI_SOLARIS; 2873 2874 /* 2875 * Make a pass over all the sections, gathering section information 2876 * we'll need below. 2877 */ 2878 dynsec_num = 0; 2879 bzero(&sec, sizeof (sec)); 2880 for (cnt = 1; cnt < shnum; cnt++) { 2881 Cache *_cache = &cache[cnt]; 2882 2883 switch (_cache->c_shdr->sh_type) { 2884 case SHT_DYNAMIC: 2885 if (dynsec_num == 0) { 2886 dynsec_ndx = cnt; 2887 2888 /* Does it have a valid string table? */ 2889 (void) stringtbl(cache, 0, cnt, shnum, file, 2890 0, 0, &sec.dynstr); 2891 } 2892 dynsec_num++; 2893 break; 2894 2895 2896 case SHT_PROGBITS: 2897 /* 2898 * We want to detect the .init and .fini sections, 2899 * if present. These are SHT_PROGBITS, so all we 2900 * have to go on is the section name. Normally comparing 2901 * names is a bad idea, but there are some special 2902 * names (i.e. .init/.fini/.interp) that are very 2903 * difficult to use in any other context, and for 2904 * these symbols, we do the heuristic match. 2905 */ 2906 if (strcmp(_cache->c_name, 2907 MSG_ORIG(MSG_ELF_INIT)) == 0) { 2908 if (sec.init == NULL) 2909 sec.init = _cache; 2910 } else if (strcmp(_cache->c_name, 2911 MSG_ORIG(MSG_ELF_FINI)) == 0) { 2912 if (sec.fini == NULL) 2913 sec.fini = _cache; 2914 } 2915 break; 2916 2917 case SHT_REL: 2918 /* 2919 * We want the SHT_REL section with the lowest 2920 * offset. The linker gathers them together, 2921 * and puts the address of the first one 2922 * into the DT_REL dynamic element. 2923 */ 2924 if ((sec.rel == NULL) || 2925 (_cache->c_shdr->sh_offset < 2926 sec.rel->c_shdr->sh_offset)) 2927 sec.rel = _cache; 2928 break; 2929 2930 case SHT_RELA: 2931 /* RELA is handled just like RELA above */ 2932 if ((sec.rela == NULL) || 2933 (_cache->c_shdr->sh_offset < 2934 sec.rela->c_shdr->sh_offset)) 2935 sec.rela = _cache; 2936 break; 2937 2938 /* 2939 * The GRAB macro is used for the simple case in which 2940 * we simply grab the first section of the desired type. 2941 */ 2942 #define GRAB(_sec_type, _sec_field) \ 2943 case _sec_type: \ 2944 if (sec._sec_field == NULL) \ 2945 sec._sec_field = _cache; \ 2946 break 2947 GRAB(SHT_SYMTAB, symtab); 2948 GRAB(SHT_DYNSYM, dynsym); 2949 GRAB(SHT_FINI_ARRAY, fini_array); 2950 GRAB(SHT_HASH, hash); 2951 GRAB(SHT_INIT_ARRAY, init_array); 2952 GRAB(SHT_SUNW_move, sunw_move); 2953 GRAB(SHT_PREINIT_ARRAY, preinit_array); 2954 GRAB(SHT_SUNW_cap, sunw_cap); 2955 GRAB(SHT_SUNW_capinfo, sunw_capinfo); 2956 GRAB(SHT_SUNW_capchain, sunw_capchain); 2957 GRAB(SHT_SUNW_LDYNSYM, sunw_ldynsym); 2958 GRAB(SHT_SUNW_syminfo, sunw_syminfo); 2959 GRAB(SHT_SUNW_symsort, sunw_symsort); 2960 GRAB(SHT_SUNW_tlssort, sunw_tlssort); 2961 GRAB(SHT_SUNW_verdef, sunw_verdef); 2962 GRAB(SHT_SUNW_verneed, sunw_verneed); 2963 GRAB(SHT_SUNW_versym, sunw_versym); 2964 #undef GRAB 2965 } 2966 } 2967 2968 /* 2969 * If no dynamic section, return immediately. If more than one 2970 * dynamic section, then something odd is going on and an error 2971 * is in order, but then continue on and display them all. 2972 */ 2973 if (dynsec_num == 0) 2974 return; 2975 if (dynsec_num > 1) 2976 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MULTDYN), 2977 file, EC_WORD(dynsec_num)); 2978 2979 2980 dynsec_cnt = 0; 2981 for (cnt = dynsec_ndx; (cnt < shnum) && (dynsec_cnt < dynsec_num); 2982 cnt++) { 2983 Dyn *dyn; 2984 ulong_t numdyn; 2985 int ndx, end_ndx; 2986 Cache *_cache = &cache[cnt], *strsec; 2987 Shdr *shdr = _cache->c_shdr; 2988 int dumped = 0; 2989 2990 if (shdr->sh_type != SHT_DYNAMIC) 2991 continue; 2992 dynsec_cnt++; 2993 2994 /* 2995 * Verify the associated string table section. 2996 */ 2997 if (stringtbl(cache, 0, cnt, shnum, file, 0, 0, &strsec) == 0) 2998 continue; 2999 3000 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 3001 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 3002 file, _cache->c_name); 3003 continue; 3004 } 3005 if (_cache->c_data == NULL) 3006 continue; 3007 3008 numdyn = shdr->sh_size / shdr->sh_entsize; 3009 dyn = (Dyn *)_cache->c_data->d_buf; 3010 3011 /* 3012 * We expect the REL/RELA entries to reference the reloc 3013 * section with the lowest address. However, this is 3014 * not true for dumped objects. Detect if this object has 3015 * been dumped so that we can skip the reloc address test 3016 * in that case. 3017 */ 3018 for (ndx = 0; ndx < numdyn; dyn++, ndx++) { 3019 if (dyn->d_tag == DT_FLAGS_1) { 3020 dumped = (dyn->d_un.d_val & DF_1_CONFALT) != 0; 3021 break; 3022 } 3023 } 3024 dyn = (Dyn *)_cache->c_data->d_buf; 3025 3026 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3027 dbg_print(0, MSG_INTL(MSG_ELF_SCN_DYNAMIC), _cache->c_name); 3028 3029 Elf_dyn_title(0); 3030 3031 for (ndx = 0; ndx < numdyn; dyn++, ndx++) { 3032 union { 3033 Conv_inv_buf_t inv; 3034 Conv_dyn_flag_buf_t flag; 3035 Conv_dyn_flag1_buf_t flag1; 3036 Conv_dyn_posflag1_buf_t posflag1; 3037 Conv_dyn_feature1_buf_t feature1; 3038 } c_buf; 3039 const char *name = NULL; 3040 3041 /* 3042 * Print the information numerically, and if possible 3043 * as a string. If a string is available, name is 3044 * set to reference it. 3045 * 3046 * Also, take this opportunity to sanity check 3047 * the values of DT elements. In the code above, 3048 * we gathered information on sections that are 3049 * referenced by the dynamic section. Here, we 3050 * compare the attributes of those sections to 3051 * the DT_ items that reference them and report 3052 * on inconsistencies. 3053 * 3054 * Things not currently tested that could be improved 3055 * in later revisions include: 3056 * - We don't check PLT or GOT related items 3057 * - We don't handle computing the lengths of 3058 * relocation arrays. To handle this 3059 * requires examining data that spans 3060 * across sections, in a contiguous span 3061 * within a single segment. 3062 * - DT_VERDEFNUM and DT_VERNEEDNUM can't be 3063 * verified without parsing the sections. 3064 * - We don't handle DT_SUNW_SYMSZ, which would 3065 * be the sum of the lengths of .dynsym and 3066 * .SUNW_ldynsym 3067 * - DT_SUNW_STRPAD can't be verified other than 3068 * to check that it's not larger than 3069 * the string table. 3070 * - Some items come in "all or none" clusters 3071 * that give an address, element size, 3072 * and data length in bytes. We don't 3073 * verify that there are no missing items 3074 * in such groups. 3075 */ 3076 switch (dyn->d_tag) { 3077 case DT_NULL: 3078 /* 3079 * Special case: DT_NULLs can come in groups 3080 * that we prefer to reduce to a single line. 3081 */ 3082 end_ndx = ndx; 3083 while ((end_ndx < (numdyn - 1)) && 3084 ((dyn + 1)->d_tag == DT_NULL)) { 3085 dyn++; 3086 end_ndx++; 3087 } 3088 Elf_dyn_null_entry(0, dyn, ndx, end_ndx); 3089 ndx = end_ndx; 3090 continue; 3091 3092 /* 3093 * String items all reference the dynstr. The string() 3094 * function does the necessary sanity checking. 3095 */ 3096 case DT_NEEDED: 3097 case DT_SONAME: 3098 case DT_FILTER: 3099 case DT_AUXILIARY: 3100 case DT_CONFIG: 3101 case DT_RPATH: 3102 case DT_RUNPATH: 3103 case DT_USED: 3104 case DT_DEPAUDIT: 3105 case DT_AUDIT: 3106 name = string(_cache, ndx, strsec, 3107 file, dyn->d_un.d_ptr); 3108 break; 3109 3110 case DT_SUNW_AUXILIARY: 3111 case DT_SUNW_FILTER: 3112 if (osabi_solaris) 3113 name = string(_cache, ndx, strsec, 3114 file, dyn->d_un.d_ptr); 3115 break; 3116 3117 case DT_FLAGS: 3118 name = conv_dyn_flag(dyn->d_un.d_val, 3119 0, &c_buf.flag); 3120 break; 3121 case DT_FLAGS_1: 3122 name = conv_dyn_flag1(dyn->d_un.d_val, 0, 3123 &c_buf.flag1); 3124 break; 3125 case DT_POSFLAG_1: 3126 name = conv_dyn_posflag1(dyn->d_un.d_val, 0, 3127 &c_buf.posflag1); 3128 break; 3129 case DT_FEATURE_1: 3130 name = conv_dyn_feature1(dyn->d_un.d_val, 0, 3131 &c_buf.feature1); 3132 break; 3133 case DT_DEPRECATED_SPARC_REGISTER: 3134 name = MSG_INTL(MSG_STR_DEPRECATED); 3135 break; 3136 3137 case DT_SUNW_LDMACH: 3138 if (!osabi_solaris) 3139 break; 3140 name = conv_ehdr_mach((Half)dyn->d_un.d_val, 3141 0, &c_buf.inv); 3142 break; 3143 3144 /* 3145 * Cases below this point are strictly sanity checking, 3146 * and do not generate a name string. The TEST_ macros 3147 * are used to hide the boiler plate arguments neeeded 3148 * by dyn_test(). 3149 */ 3150 #define TEST_ADDR(_sh_type, _sec_field) \ 3151 dyn_test(DYN_TEST_ADDR, _sh_type, \ 3152 sec._sec_field, dyn, dynsec_cnt, ehdr, \ 3153 osabi, file) 3154 #define TEST_SIZE(_sh_type, _sec_field) \ 3155 dyn_test(DYN_TEST_SIZE, _sh_type, \ 3156 sec._sec_field, dyn, dynsec_cnt, ehdr, \ 3157 osabi, file) 3158 #define TEST_ENTSIZE(_sh_type, _sec_field) \ 3159 dyn_test(DYN_TEST_ENTSIZE, _sh_type, \ 3160 sec._sec_field, dyn, dynsec_cnt, ehdr, \ 3161 osabi, file) 3162 3163 case DT_FINI: 3164 dyn_symtest(dyn, MSG_ORIG(MSG_SYM_FINI), 3165 sec.symtab, sec.dynsym, sec.sunw_ldynsym, 3166 sec.fini, cache, shnum, ehdr, osabi, file); 3167 TEST_ADDR(SHT_PROGBITS, fini); 3168 break; 3169 3170 case DT_FINI_ARRAY: 3171 TEST_ADDR(SHT_FINI_ARRAY, fini_array); 3172 break; 3173 3174 case DT_FINI_ARRAYSZ: 3175 TEST_SIZE(SHT_FINI_ARRAY, fini_array); 3176 break; 3177 3178 case DT_HASH: 3179 TEST_ADDR(SHT_HASH, hash); 3180 break; 3181 3182 case DT_INIT: 3183 dyn_symtest(dyn, MSG_ORIG(MSG_SYM_INIT), 3184 sec.symtab, sec.dynsym, sec.sunw_ldynsym, 3185 sec.init, cache, shnum, ehdr, osabi, file); 3186 TEST_ADDR(SHT_PROGBITS, init); 3187 break; 3188 3189 case DT_INIT_ARRAY: 3190 TEST_ADDR(SHT_INIT_ARRAY, init_array); 3191 break; 3192 3193 case DT_INIT_ARRAYSZ: 3194 TEST_SIZE(SHT_INIT_ARRAY, init_array); 3195 break; 3196 3197 case DT_MOVEENT: 3198 TEST_ENTSIZE(SHT_SUNW_move, sunw_move); 3199 break; 3200 3201 case DT_MOVESZ: 3202 TEST_SIZE(SHT_SUNW_move, sunw_move); 3203 break; 3204 3205 case DT_MOVETAB: 3206 TEST_ADDR(SHT_SUNW_move, sunw_move); 3207 break; 3208 3209 case DT_PREINIT_ARRAY: 3210 TEST_ADDR(SHT_PREINIT_ARRAY, preinit_array); 3211 break; 3212 3213 case DT_PREINIT_ARRAYSZ: 3214 TEST_SIZE(SHT_PREINIT_ARRAY, preinit_array); 3215 break; 3216 3217 case DT_REL: 3218 if (!dumped) 3219 TEST_ADDR(SHT_REL, rel); 3220 break; 3221 3222 case DT_RELENT: 3223 TEST_ENTSIZE(SHT_REL, rel); 3224 break; 3225 3226 case DT_RELA: 3227 if (!dumped) 3228 TEST_ADDR(SHT_RELA, rela); 3229 break; 3230 3231 case DT_RELAENT: 3232 TEST_ENTSIZE(SHT_RELA, rela); 3233 break; 3234 3235 case DT_STRTAB: 3236 TEST_ADDR(SHT_STRTAB, dynstr); 3237 break; 3238 3239 case DT_STRSZ: 3240 TEST_SIZE(SHT_STRTAB, dynstr); 3241 break; 3242 3243 case DT_SUNW_CAP: 3244 if (osabi_solaris) 3245 TEST_ADDR(SHT_SUNW_cap, sunw_cap); 3246 break; 3247 3248 case DT_SUNW_CAPINFO: 3249 if (osabi_solaris) 3250 TEST_ADDR(SHT_SUNW_capinfo, 3251 sunw_capinfo); 3252 break; 3253 3254 case DT_SUNW_CAPCHAIN: 3255 if (osabi_solaris) 3256 TEST_ADDR(SHT_SUNW_capchain, 3257 sunw_capchain); 3258 break; 3259 3260 case DT_SUNW_SYMTAB: 3261 TEST_ADDR(SHT_SUNW_LDYNSYM, sunw_ldynsym); 3262 break; 3263 3264 case DT_SYMENT: 3265 TEST_ENTSIZE(SHT_DYNSYM, dynsym); 3266 break; 3267 3268 case DT_SYMINENT: 3269 TEST_ENTSIZE(SHT_SUNW_syminfo, sunw_syminfo); 3270 break; 3271 3272 case DT_SYMINFO: 3273 TEST_ADDR(SHT_SUNW_syminfo, sunw_syminfo); 3274 break; 3275 3276 case DT_SYMINSZ: 3277 TEST_SIZE(SHT_SUNW_syminfo, sunw_syminfo); 3278 break; 3279 3280 case DT_SYMTAB: 3281 TEST_ADDR(SHT_DYNSYM, dynsym); 3282 break; 3283 3284 case DT_SUNW_SORTENT: 3285 /* 3286 * This entry is related to both the symsort and 3287 * tlssort sections. 3288 */ 3289 if (osabi_solaris) { 3290 int test_tls = 3291 (sec.sunw_tlssort != NULL); 3292 int test_sym = 3293 (sec.sunw_symsort != NULL) || 3294 !test_tls; 3295 if (test_sym) 3296 TEST_ENTSIZE(SHT_SUNW_symsort, 3297 sunw_symsort); 3298 if (test_tls) 3299 TEST_ENTSIZE(SHT_SUNW_tlssort, 3300 sunw_tlssort); 3301 } 3302 break; 3303 3304 3305 case DT_SUNW_SYMSORT: 3306 if (osabi_solaris) 3307 TEST_ADDR(SHT_SUNW_symsort, 3308 sunw_symsort); 3309 break; 3310 3311 case DT_SUNW_SYMSORTSZ: 3312 if (osabi_solaris) 3313 TEST_SIZE(SHT_SUNW_symsort, 3314 sunw_symsort); 3315 break; 3316 3317 case DT_SUNW_TLSSORT: 3318 if (osabi_solaris) 3319 TEST_ADDR(SHT_SUNW_tlssort, 3320 sunw_tlssort); 3321 break; 3322 3323 case DT_SUNW_TLSSORTSZ: 3324 if (osabi_solaris) 3325 TEST_SIZE(SHT_SUNW_tlssort, 3326 sunw_tlssort); 3327 break; 3328 3329 case DT_VERDEF: 3330 TEST_ADDR(SHT_SUNW_verdef, sunw_verdef); 3331 break; 3332 3333 case DT_VERNEED: 3334 TEST_ADDR(SHT_SUNW_verneed, sunw_verneed); 3335 break; 3336 3337 case DT_VERSYM: 3338 TEST_ADDR(SHT_SUNW_versym, sunw_versym); 3339 break; 3340 #undef TEST_ADDR 3341 #undef TEST_SIZE 3342 #undef TEST_ENTSIZE 3343 } 3344 3345 if (name == NULL) 3346 name = MSG_ORIG(MSG_STR_EMPTY); 3347 Elf_dyn_entry(0, dyn, ndx, name, 3348 osabi, ehdr->e_machine); 3349 } 3350 } 3351 } 3352 3353 /* 3354 * Search for and process a MOVE section. 3355 */ 3356 static void 3357 move(Cache *cache, Word shnum, const char *file, uint_t flags) 3358 { 3359 Word cnt; 3360 const char *fmt = NULL; 3361 3362 for (cnt = 1; cnt < shnum; cnt++) { 3363 Word movenum, symnum, ndx; 3364 Sym *syms; 3365 Cache *_cache = &cache[cnt]; 3366 Shdr *shdr = _cache->c_shdr; 3367 Cache *symsec, *strsec; 3368 Move *move; 3369 3370 if (shdr->sh_type != SHT_SUNW_move) 3371 continue; 3372 if (!match(MATCH_F_ALL, _cache->c_name, cnt, shdr->sh_type)) 3373 continue; 3374 3375 /* 3376 * Determine the move data and number. 3377 */ 3378 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 3379 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 3380 file, _cache->c_name); 3381 continue; 3382 } 3383 if (_cache->c_data == NULL) 3384 continue; 3385 3386 move = (Move *)_cache->c_data->d_buf; 3387 movenum = shdr->sh_size / shdr->sh_entsize; 3388 3389 /* 3390 * Get the data buffer for the associated symbol table and 3391 * string table. 3392 */ 3393 if (stringtbl(cache, 1, cnt, shnum, file, 3394 &symnum, &symsec, &strsec) == 0) 3395 return; 3396 3397 syms = (Sym *)symsec->c_data->d_buf; 3398 3399 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3400 dbg_print(0, MSG_INTL(MSG_ELF_SCN_MOVE), _cache->c_name); 3401 dbg_print(0, MSG_INTL(MSG_MOVE_TITLE)); 3402 3403 if (fmt == NULL) 3404 fmt = MSG_INTL(MSG_MOVE_ENTRY); 3405 3406 for (ndx = 0; ndx < movenum; move++, ndx++) { 3407 const char *symname; 3408 char index[MAXNDXSIZE], section[BUFSIZ]; 3409 Word symndx, shndx; 3410 Sym *sym; 3411 3412 /* 3413 * Check for null entries 3414 */ 3415 if ((move->m_info == 0) && (move->m_value == 0) && 3416 (move->m_poffset == 0) && (move->m_repeat == 0) && 3417 (move->m_stride == 0)) { 3418 dbg_print(0, fmt, MSG_ORIG(MSG_STR_EMPTY), 3419 EC_XWORD(move->m_poffset), 0, 0, 0, 3420 EC_LWORD(0), MSG_ORIG(MSG_STR_EMPTY)); 3421 continue; 3422 } 3423 if (((symndx = ELF_M_SYM(move->m_info)) == 0) || 3424 (symndx >= symnum)) { 3425 (void) fprintf(stderr, 3426 MSG_INTL(MSG_ERR_BADMINFO), file, 3427 _cache->c_name, EC_XWORD(move->m_info)); 3428 3429 (void) snprintf(index, MAXNDXSIZE, 3430 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(symndx)); 3431 dbg_print(0, fmt, index, 3432 EC_XWORD(move->m_poffset), 3433 ELF_M_SIZE(move->m_info), move->m_repeat, 3434 move->m_stride, move->m_value, 3435 MSG_INTL(MSG_STR_UNKNOWN)); 3436 continue; 3437 } 3438 3439 symname = relsymname(cache, _cache, strsec, 3440 symndx, symnum, ndx, syms, section, BUFSIZ, file); 3441 sym = (Sym *)(syms + symndx); 3442 3443 /* 3444 * Additional sanity check. 3445 */ 3446 shndx = sym->st_shndx; 3447 if (!((shndx == SHN_COMMON) || 3448 (((shndx >= 1) && (shndx <= shnum)) && 3449 (cache[shndx].c_shdr)->sh_type == SHT_NOBITS))) { 3450 (void) fprintf(stderr, 3451 MSG_INTL(MSG_ERR_BADSYM2), file, 3452 _cache->c_name, EC_WORD(symndx), 3453 demangle(symname, flags)); 3454 } 3455 3456 (void) snprintf(index, MAXNDXSIZE, 3457 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(symndx)); 3458 dbg_print(0, fmt, index, EC_XWORD(move->m_poffset), 3459 ELF_M_SIZE(move->m_info), move->m_repeat, 3460 move->m_stride, move->m_value, 3461 demangle(symname, flags)); 3462 } 3463 } 3464 } 3465 3466 /* 3467 * parse_note_t is used to track the state used by parse_note_entry() 3468 * between calls, and also to return the results of each call. 3469 */ 3470 typedef struct { 3471 /* pns_ fields track progress through the data */ 3472 const char *pns_file; /* File name */ 3473 Cache *pns_cache; /* Note section cache entry */ 3474 size_t pns_size; /* # unprocessed data bytes */ 3475 Word *pns_data; /* # to next unused data byte */ 3476 3477 /* pn_ fields return the results for a single call */ 3478 Word pn_namesz; /* Value of note namesz field */ 3479 Word pn_descsz; /* Value of note descsz field */ 3480 Word pn_type; /* Value of note type field */ 3481 const char *pn_name; /* if (namesz > 0) ptr to name bytes */ 3482 const char *pn_desc; /* if (descsx > 0) ptr to data bytes */ 3483 } parse_note_t; 3484 3485 /* 3486 * Extract the various sub-parts of a note entry, and advance the 3487 * data pointer past it. 3488 * 3489 * entry: 3490 * The state pns_ fields contain current values for the Note section 3491 * 3492 * exit: 3493 * On success, True (1) is returned, the state pns_ fields have been 3494 * advanced to point at the start of the next entry, and the information 3495 * for the recovered note entry is found in the state pn_ fields. 3496 * 3497 * On failure, False (0) is returned. The values contained in state 3498 * are undefined. 3499 */ 3500 static int 3501 parse_note_entry(parse_note_t *state) 3502 { 3503 size_t pad, noteoff; 3504 3505 noteoff = (Word)state->pns_cache->c_data->d_size - state->pns_size; 3506 /* 3507 * Make sure we can at least reference the 3 initial entries 3508 * (4-byte words) of the note information block. 3509 */ 3510 if (state->pns_size >= (sizeof (Word) * 3)) { 3511 state->pns_size -= (sizeof (Word) * 3); 3512 } else { 3513 (void) fprintf(stderr, MSG_INTL(MSG_NOTE_BADDATASZ), 3514 state->pns_file, state->pns_cache->c_name, 3515 EC_WORD(noteoff)); 3516 return (0); 3517 } 3518 3519 /* 3520 * Make sure any specified name string can be referenced. 3521 */ 3522 if ((state->pn_namesz = *state->pns_data++) != 0) { 3523 if (state->pns_size >= state->pn_namesz) { 3524 state->pns_size -= state->pn_namesz; 3525 } else { 3526 (void) fprintf(stderr, MSG_INTL(MSG_NOTE_BADNMSZ), 3527 state->pns_file, state->pns_cache->c_name, 3528 EC_WORD(noteoff), EC_WORD(state->pn_namesz)); 3529 return (0); 3530 } 3531 } 3532 3533 /* 3534 * Make sure any specified descriptor can be referenced. 3535 */ 3536 if ((state->pn_descsz = *state->pns_data++) != 0) { 3537 /* 3538 * If namesz isn't a 4-byte multiple, account for any 3539 * padding that must exist before the descriptor. 3540 */ 3541 if ((pad = (state->pn_namesz & (sizeof (Word) - 1))) != 0) { 3542 pad = sizeof (Word) - pad; 3543 state->pns_size -= pad; 3544 } 3545 if (state->pns_size >= state->pn_descsz) { 3546 state->pns_size -= state->pn_descsz; 3547 } else { 3548 (void) fprintf(stderr, MSG_INTL(MSG_NOTE_BADDESZ), 3549 state->pns_file, state->pns_cache->c_name, 3550 EC_WORD(noteoff), EC_WORD(state->pn_namesz)); 3551 return (0); 3552 } 3553 } 3554 3555 state->pn_type = *state->pns_data++; 3556 3557 /* Name */ 3558 if (state->pn_namesz) { 3559 state->pn_name = (char *)state->pns_data; 3560 pad = (state->pn_namesz + 3561 (sizeof (Word) - 1)) & ~(sizeof (Word) - 1); 3562 /* LINTED */ 3563 state->pns_data = (Word *)(state->pn_name + pad); 3564 } 3565 3566 /* 3567 * If multiple information blocks exist within a .note section 3568 * account for any padding that must exist before the next 3569 * information block. 3570 */ 3571 if ((pad = (state->pn_descsz & (sizeof (Word) - 1))) != 0) { 3572 pad = sizeof (Word) - pad; 3573 if (state->pns_size > pad) 3574 state->pns_size -= pad; 3575 } 3576 3577 /* Data */ 3578 if (state->pn_descsz) { 3579 state->pn_desc = (const char *)state->pns_data; 3580 /* LINTED */ 3581 state->pns_data = (Word *)(state->pn_desc + 3582 state->pn_descsz + pad); 3583 } 3584 3585 return (1); 3586 } 3587 3588 /* 3589 * Callback function for use with conv_str_to_c_literal() below. 3590 */ 3591 /*ARGSUSED2*/ 3592 static void 3593 c_literal_cb(const void *ptr, size_t size, void *uvalue) 3594 { 3595 (void) fwrite(ptr, size, 1, stdout); 3596 } 3597 3598 /* 3599 * Traverse a note section analyzing each note information block. 3600 * The data buffers size is used to validate references before they are made, 3601 * and is decremented as each element is processed. 3602 */ 3603 void 3604 note_entry(Cache *cache, Word *data, size_t size, Ehdr *ehdr, const char *file) 3605 { 3606 int cnt = 0; 3607 int is_corenote; 3608 int do_swap; 3609 Conv_inv_buf_t inv_buf; 3610 parse_note_t pnstate; 3611 3612 pnstate.pns_file = file; 3613 pnstate.pns_cache = cache; 3614 pnstate.pns_size = size; 3615 pnstate.pns_data = data; 3616 do_swap = _elf_sys_encoding() != ehdr->e_ident[EI_DATA]; 3617 3618 /* 3619 * Print out a single `note' information block. 3620 */ 3621 while (pnstate.pns_size > 0) { 3622 3623 if (parse_note_entry(&pnstate) == 0) 3624 return; 3625 3626 /* 3627 * Is this a Solaris core note? Such notes all have 3628 * the name "CORE". 3629 */ 3630 is_corenote = (ehdr->e_type == ET_CORE) && 3631 (pnstate.pn_namesz == (MSG_STR_CORE_SIZE + 1)) && 3632 (strncmp(MSG_ORIG(MSG_STR_CORE), pnstate.pn_name, 3633 MSG_STR_CORE_SIZE + 1) == 0); 3634 3635 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3636 dbg_print(0, MSG_INTL(MSG_FMT_NOTEENTNDX), EC_WORD(cnt)); 3637 cnt++; 3638 dbg_print(0, MSG_ORIG(MSG_NOTE_NAMESZ), 3639 EC_WORD(pnstate.pn_namesz)); 3640 dbg_print(0, MSG_ORIG(MSG_NOTE_DESCSZ), 3641 EC_WORD(pnstate.pn_descsz)); 3642 3643 if (is_corenote) 3644 dbg_print(0, MSG_ORIG(MSG_NOTE_TYPE_STR), 3645 conv_cnote_type(pnstate.pn_type, 0, &inv_buf)); 3646 else 3647 dbg_print(0, MSG_ORIG(MSG_NOTE_TYPE), 3648 EC_WORD(pnstate.pn_type)); 3649 if (pnstate.pn_namesz) { 3650 dbg_print(0, MSG_ORIG(MSG_NOTE_NAME)); 3651 /* 3652 * The name string can contain embedded 'null' 3653 * bytes and/or unprintable characters. Also, 3654 * the final NULL is documented in the ELF ABI 3655 * as being included in the namesz. So, display 3656 * the name using C literal string notation, and 3657 * include the terminating NULL in the output. 3658 * We don't show surrounding double quotes, as 3659 * that implies the termination that we are showing 3660 * explicitly. 3661 */ 3662 (void) fwrite(MSG_ORIG(MSG_STR_8SP), 3663 MSG_STR_8SP_SIZE, 1, stdout); 3664 conv_str_to_c_literal(pnstate.pn_name, 3665 pnstate.pn_namesz, c_literal_cb, NULL); 3666 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3667 } 3668 3669 if (pnstate.pn_descsz) { 3670 int hexdump = 1; 3671 3672 /* 3673 * If this is a core note, let the corenote() 3674 * function handle it. 3675 */ 3676 if (is_corenote) { 3677 /* We only issue the bad arch error once */ 3678 static int badnote_done = 0; 3679 corenote_ret_t corenote_ret; 3680 3681 corenote_ret = corenote(ehdr->e_machine, 3682 do_swap, pnstate.pn_type, pnstate.pn_desc, 3683 pnstate.pn_descsz); 3684 switch (corenote_ret) { 3685 case CORENOTE_R_OK: 3686 hexdump = 0; 3687 break; 3688 case CORENOTE_R_BADDATA: 3689 (void) fprintf(stderr, 3690 MSG_INTL(MSG_NOTE_BADCOREDATA), 3691 file); 3692 break; 3693 case CORENOTE_R_BADARCH: 3694 if (badnote_done) 3695 break; 3696 (void) fprintf(stderr, 3697 MSG_INTL(MSG_NOTE_BADCOREARCH), 3698 file, 3699 conv_ehdr_mach(ehdr->e_machine, 3700 0, &inv_buf)); 3701 break; 3702 } 3703 } 3704 3705 /* 3706 * The default thing when we don't understand 3707 * the note data is to display it as hex bytes. 3708 */ 3709 if (hexdump) { 3710 dbg_print(0, MSG_ORIG(MSG_NOTE_DESC)); 3711 dump_hex_bytes(pnstate.pn_desc, 3712 pnstate.pn_descsz, 8, 4, 4); 3713 } 3714 } 3715 } 3716 } 3717 3718 /* 3719 * Search for and process .note sections. 3720 * 3721 * Returns the number of note sections seen. 3722 */ 3723 static Word 3724 note(Cache *cache, Word shnum, Ehdr *ehdr, const char *file) 3725 { 3726 Word cnt, note_cnt = 0; 3727 3728 /* 3729 * Otherwise look for any .note sections. 3730 */ 3731 for (cnt = 1; cnt < shnum; cnt++) { 3732 Cache *_cache = &cache[cnt]; 3733 Shdr *shdr = _cache->c_shdr; 3734 3735 if (shdr->sh_type != SHT_NOTE) 3736 continue; 3737 note_cnt++; 3738 if (!match(MATCH_F_ALL, _cache->c_name, cnt, shdr->sh_type)) 3739 continue; 3740 3741 /* 3742 * As these sections are often hand rolled, make sure they're 3743 * properly aligned before proceeding, and issue an error 3744 * as necessary. 3745 * 3746 * Note that we will continue on to display the note even 3747 * if it has bad alignment. We can do this safely, because 3748 * libelf knows the alignment required for SHT_NOTE, and 3749 * takes steps to deliver a properly aligned buffer to us 3750 * even if the actual file is misaligned. 3751 */ 3752 if (shdr->sh_offset & (sizeof (Word) - 1)) 3753 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADALIGN), 3754 file, _cache->c_name); 3755 3756 if (_cache->c_data == NULL) 3757 continue; 3758 3759 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3760 dbg_print(0, MSG_INTL(MSG_ELF_SCN_NOTE), _cache->c_name); 3761 note_entry(_cache, (Word *)_cache->c_data->d_buf, 3762 /* LINTED */ 3763 (Word)_cache->c_data->d_size, ehdr, file); 3764 } 3765 3766 return (note_cnt); 3767 } 3768 3769 /* 3770 * The Linux Standard Base defines a special note named .note.ABI-tag 3771 * that is used to maintain Linux ABI information. Presence of this section 3772 * is a strong indication that the object should be considered to be 3773 * ELFOSABI_LINUX. 3774 * 3775 * This function returns True (1) if such a note is seen, and False (0) 3776 * otherwise. 3777 */ 3778 static int 3779 has_linux_abi_note(Cache *cache, Word shnum, const char *file) 3780 { 3781 Word cnt; 3782 3783 for (cnt = 1; cnt < shnum; cnt++) { 3784 parse_note_t pnstate; 3785 Cache *_cache = &cache[cnt]; 3786 Shdr *shdr = _cache->c_shdr; 3787 3788 /* 3789 * Section must be SHT_NOTE, must have the name 3790 * .note.ABI-tag, and must have data. 3791 */ 3792 if ((shdr->sh_type != SHT_NOTE) || 3793 (strcmp(MSG_ORIG(MSG_STR_NOTEABITAG), 3794 _cache->c_name) != 0) || (_cache->c_data == NULL)) 3795 continue; 3796 3797 pnstate.pns_file = file; 3798 pnstate.pns_cache = _cache; 3799 pnstate.pns_size = _cache->c_data->d_size; 3800 pnstate.pns_data = (Word *)_cache->c_data->d_buf; 3801 3802 while (pnstate.pns_size > 0) { 3803 Word *w; 3804 3805 if (parse_note_entry(&pnstate) == 0) 3806 break; 3807 3808 /* 3809 * The type must be 1, and the name must be "GNU". 3810 * The descsz must be at least 16 bytes. 3811 */ 3812 if ((pnstate.pn_type != 1) || 3813 (pnstate.pn_namesz != (MSG_STR_GNU_SIZE + 1)) || 3814 (strncmp(MSG_ORIG(MSG_STR_GNU), pnstate.pn_name, 3815 MSG_STR_CORE_SIZE + 1) != 0) || 3816 (pnstate.pn_descsz < 16)) 3817 continue; 3818 3819 /* 3820 * desc contains 4 32-bit fields. Field 0 must be 0, 3821 * indicating Linux. The second, third, and fourth 3822 * fields represent the earliest Linux kernel 3823 * version compatible with this object. 3824 */ 3825 /*LINTED*/ 3826 w = (Word *) pnstate.pn_desc; 3827 if (*w == 0) 3828 return (1); 3829 } 3830 } 3831 3832 return (0); 3833 } 3834 3835 /* 3836 * Determine an individual hash entry. This may be the initial hash entry, 3837 * or an associated chain entry. 3838 */ 3839 static void 3840 hash_entry(Cache *refsec, Cache *strsec, const char *hsecname, Word hashndx, 3841 Word symndx, Word symn, Sym *syms, const char *file, ulong_t bkts, 3842 uint_t flags, int chain) 3843 { 3844 Sym *sym; 3845 const char *symname, *str; 3846 char _bucket[MAXNDXSIZE], _symndx[MAXNDXSIZE]; 3847 ulong_t nbkt, nhash; 3848 3849 if (symndx > symn) { 3850 (void) fprintf(stderr, MSG_INTL(MSG_ERR_HSBADSYMNDX), file, 3851 EC_WORD(symndx), EC_WORD(hashndx)); 3852 symname = MSG_INTL(MSG_STR_UNKNOWN); 3853 } else { 3854 sym = (Sym *)(syms + symndx); 3855 symname = string(refsec, symndx, strsec, file, sym->st_name); 3856 } 3857 3858 if (chain == 0) { 3859 (void) snprintf(_bucket, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INTEGER), 3860 hashndx); 3861 str = (const char *)_bucket; 3862 } else 3863 str = MSG_ORIG(MSG_STR_EMPTY); 3864 3865 (void) snprintf(_symndx, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INDEX2), 3866 EC_WORD(symndx)); 3867 dbg_print(0, MSG_ORIG(MSG_FMT_HASH_INFO), str, _symndx, 3868 demangle(symname, flags)); 3869 3870 /* 3871 * Determine if this string is in the correct bucket. 3872 */ 3873 nhash = elf_hash(symname); 3874 nbkt = nhash % bkts; 3875 3876 if (nbkt != hashndx) { 3877 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADHASH), file, 3878 hsecname, symname, EC_WORD(hashndx), nbkt); 3879 } 3880 } 3881 3882 #define MAXCOUNT 500 3883 3884 static void 3885 hash(Cache *cache, Word shnum, const char *file, uint_t flags) 3886 { 3887 static int count[MAXCOUNT]; 3888 Word cnt; 3889 ulong_t ndx, bkts; 3890 char number[MAXNDXSIZE]; 3891 3892 for (cnt = 1; cnt < shnum; cnt++) { 3893 uint_t *hash, *chain; 3894 Cache *_cache = &cache[cnt]; 3895 Shdr *sshdr, *hshdr = _cache->c_shdr; 3896 char *ssecname, *hsecname = _cache->c_name; 3897 Sym *syms; 3898 Word symn; 3899 3900 if (hshdr->sh_type != SHT_HASH) 3901 continue; 3902 3903 /* 3904 * Determine the hash table data and size. 3905 */ 3906 if ((hshdr->sh_entsize == 0) || (hshdr->sh_size == 0)) { 3907 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 3908 file, hsecname); 3909 continue; 3910 } 3911 if (_cache->c_data == NULL) 3912 continue; 3913 3914 hash = (uint_t *)_cache->c_data->d_buf; 3915 bkts = *hash; 3916 chain = hash + 2 + bkts; 3917 hash += 2; 3918 3919 /* 3920 * Get the data buffer for the associated symbol table. 3921 */ 3922 if ((hshdr->sh_link == 0) || (hshdr->sh_link >= shnum)) { 3923 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 3924 file, hsecname, EC_WORD(hshdr->sh_link)); 3925 continue; 3926 } 3927 3928 _cache = &cache[hshdr->sh_link]; 3929 ssecname = _cache->c_name; 3930 3931 if (_cache->c_data == NULL) 3932 continue; 3933 3934 if ((syms = (Sym *)_cache->c_data->d_buf) == NULL) { 3935 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 3936 file, ssecname); 3937 continue; 3938 } 3939 3940 sshdr = _cache->c_shdr; 3941 /* LINTED */ 3942 symn = (Word)(sshdr->sh_size / sshdr->sh_entsize); 3943 3944 /* 3945 * Get the associated string table section. 3946 */ 3947 if ((sshdr->sh_link == 0) || (sshdr->sh_link >= shnum)) { 3948 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 3949 file, ssecname, EC_WORD(sshdr->sh_link)); 3950 continue; 3951 } 3952 3953 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3954 dbg_print(0, MSG_INTL(MSG_ELF_SCN_HASH), hsecname); 3955 dbg_print(0, MSG_INTL(MSG_ELF_HASH_INFO)); 3956 3957 /* 3958 * Loop through the hash buckets, printing the appropriate 3959 * symbols. 3960 */ 3961 for (ndx = 0; ndx < bkts; ndx++, hash++) { 3962 Word _ndx, _cnt; 3963 3964 if (*hash == 0) { 3965 count[0]++; 3966 continue; 3967 } 3968 3969 hash_entry(_cache, &cache[sshdr->sh_link], hsecname, 3970 ndx, *hash, symn, syms, file, bkts, flags, 0); 3971 3972 /* 3973 * Determine if any other symbols are chained to this 3974 * bucket. 3975 */ 3976 _ndx = chain[*hash]; 3977 _cnt = 1; 3978 while (_ndx) { 3979 hash_entry(_cache, &cache[sshdr->sh_link], 3980 hsecname, ndx, _ndx, symn, syms, file, 3981 bkts, flags, 1); 3982 _ndx = chain[_ndx]; 3983 _cnt++; 3984 } 3985 3986 if (_cnt >= MAXCOUNT) { 3987 (void) fprintf(stderr, 3988 MSG_INTL(MSG_HASH_OVERFLW), file, 3989 _cache->c_name, EC_WORD(ndx), 3990 EC_WORD(_cnt)); 3991 } else 3992 count[_cnt]++; 3993 } 3994 break; 3995 } 3996 3997 /* 3998 * Print out the count information. 3999 */ 4000 bkts = cnt = 0; 4001 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4002 4003 for (ndx = 0; ndx < MAXCOUNT; ndx++) { 4004 Word _cnt; 4005 4006 if ((_cnt = count[ndx]) == 0) 4007 continue; 4008 4009 (void) snprintf(number, MAXNDXSIZE, 4010 MSG_ORIG(MSG_FMT_INTEGER), _cnt); 4011 dbg_print(0, MSG_INTL(MSG_ELF_HASH_BKTS1), number, 4012 EC_WORD(ndx)); 4013 bkts += _cnt; 4014 cnt += (Word)(ndx * _cnt); 4015 } 4016 if (cnt) { 4017 (void) snprintf(number, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INTEGER), 4018 bkts); 4019 dbg_print(0, MSG_INTL(MSG_ELF_HASH_BKTS2), number, 4020 EC_WORD(cnt)); 4021 } 4022 } 4023 4024 static void 4025 group(Cache *cache, Word shnum, const char *file, uint_t flags) 4026 { 4027 Word scnt; 4028 4029 for (scnt = 1; scnt < shnum; scnt++) { 4030 Cache *_cache = &cache[scnt]; 4031 Shdr *shdr = _cache->c_shdr; 4032 Word *grpdata, gcnt, grpcnt, symnum, unknown; 4033 Cache *symsec, *strsec; 4034 Sym *syms, *sym; 4035 char flgstrbuf[MSG_GRP_COMDAT_SIZE + 10]; 4036 const char *grpnam; 4037 4038 if (shdr->sh_type != SHT_GROUP) 4039 continue; 4040 if (!match(MATCH_F_ALL, _cache->c_name, scnt, shdr->sh_type)) 4041 continue; 4042 if ((_cache->c_data == NULL) || 4043 ((grpdata = (Word *)_cache->c_data->d_buf) == NULL)) 4044 continue; 4045 grpcnt = shdr->sh_size / sizeof (Word); 4046 4047 /* 4048 * Get the data buffer for the associated symbol table and 4049 * string table. 4050 */ 4051 if (stringtbl(cache, 1, scnt, shnum, file, 4052 &symnum, &symsec, &strsec) == 0) 4053 return; 4054 4055 syms = symsec->c_data->d_buf; 4056 4057 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4058 dbg_print(0, MSG_INTL(MSG_ELF_SCN_GRP), _cache->c_name); 4059 dbg_print(0, MSG_INTL(MSG_GRP_TITLE)); 4060 4061 /* 4062 * The first element of the group defines the group. The 4063 * associated symbol is defined by the sh_link field. 4064 */ 4065 if ((shdr->sh_info == SHN_UNDEF) || (shdr->sh_info > symnum)) { 4066 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHINFO), 4067 file, _cache->c_name, EC_WORD(shdr->sh_info)); 4068 return; 4069 } 4070 4071 (void) strcpy(flgstrbuf, MSG_ORIG(MSG_STR_OSQBRKT)); 4072 if (grpdata[0] & GRP_COMDAT) { 4073 (void) strcat(flgstrbuf, MSG_ORIG(MSG_GRP_COMDAT)); 4074 } 4075 if ((unknown = (grpdata[0] & ~GRP_COMDAT)) != 0) { 4076 size_t len = strlen(flgstrbuf); 4077 4078 (void) snprintf(&flgstrbuf[len], 4079 (MSG_GRP_COMDAT_SIZE + 10 - len), 4080 MSG_ORIG(MSG_GRP_UNKNOWN), unknown); 4081 } 4082 (void) strcat(flgstrbuf, MSG_ORIG(MSG_STR_CSQBRKT)); 4083 sym = (Sym *)(syms + shdr->sh_info); 4084 4085 /* 4086 * The GNU assembler can use section symbols as the signature 4087 * symbol as described by this comment in the gold linker 4088 * (found via google): 4089 * 4090 * It seems that some versions of gas will create a 4091 * section group associated with a section symbol, and 4092 * then fail to give a name to the section symbol. In 4093 * such a case, use the name of the section. 4094 * 4095 * In order to support such objects, we do the same. 4096 */ 4097 grpnam = string(_cache, 0, strsec, file, sym->st_name); 4098 if (((sym->st_name == 0) || (*grpnam == '\0')) && 4099 (ELF_ST_TYPE(sym->st_info) == STT_SECTION)) 4100 grpnam = cache[sym->st_shndx].c_name; 4101 4102 dbg_print(0, MSG_INTL(MSG_GRP_SIGNATURE), flgstrbuf, 4103 demangle(grpnam, flags)); 4104 4105 for (gcnt = 1; gcnt < grpcnt; gcnt++) { 4106 char index[MAXNDXSIZE]; 4107 const char *name; 4108 4109 (void) snprintf(index, MAXNDXSIZE, 4110 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(gcnt)); 4111 4112 if (grpdata[gcnt] >= shnum) 4113 name = MSG_INTL(MSG_GRP_INVALSCN); 4114 else 4115 name = cache[grpdata[gcnt]].c_name; 4116 4117 (void) printf(MSG_ORIG(MSG_GRP_ENTRY), index, name, 4118 EC_XWORD(grpdata[gcnt])); 4119 } 4120 } 4121 } 4122 4123 static void 4124 got(Cache *cache, Word shnum, Ehdr *ehdr, const char *file) 4125 { 4126 Cache *gotcache = NULL, *symtab = NULL; 4127 Addr gotbgn, gotend; 4128 Shdr *gotshdr; 4129 Word cnt, gotents, gotndx; 4130 size_t gentsize; 4131 Got_info *gottable; 4132 char *gotdata; 4133 Sym *gotsym; 4134 Xword gotsymaddr; 4135 uint_t sys_encoding; 4136 4137 /* 4138 * First, find the got. 4139 */ 4140 for (cnt = 1; cnt < shnum; cnt++) { 4141 if (strncmp(cache[cnt].c_name, MSG_ORIG(MSG_ELF_GOT), 4142 MSG_ELF_GOT_SIZE) == 0) { 4143 gotcache = &cache[cnt]; 4144 break; 4145 } 4146 } 4147 if (gotcache == NULL) 4148 return; 4149 4150 /* 4151 * A got section within a relocatable object is suspicious. 4152 */ 4153 if (ehdr->e_type == ET_REL) { 4154 (void) fprintf(stderr, MSG_INTL(MSG_GOT_UNEXPECTED), file, 4155 gotcache->c_name); 4156 } 4157 4158 gotshdr = gotcache->c_shdr; 4159 if (gotshdr->sh_size == 0) { 4160 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 4161 file, gotcache->c_name); 4162 return; 4163 } 4164 4165 gotbgn = gotshdr->sh_addr; 4166 gotend = gotbgn + gotshdr->sh_size; 4167 4168 /* 4169 * Some architectures don't properly set the sh_entsize for the GOT 4170 * table. If it's not set, default to a size of a pointer. 4171 */ 4172 if ((gentsize = gotshdr->sh_entsize) == 0) 4173 gentsize = sizeof (Xword); 4174 4175 if (gotcache->c_data == NULL) 4176 return; 4177 4178 /* LINTED */ 4179 gotents = (Word)(gotshdr->sh_size / gentsize); 4180 gotdata = gotcache->c_data->d_buf; 4181 4182 if ((gottable = calloc(gotents, sizeof (Got_info))) == 0) { 4183 int err = errno; 4184 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), file, 4185 strerror(err)); 4186 return; 4187 } 4188 4189 /* 4190 * Now we scan through all the sections looking for any relocations 4191 * that may be against the GOT. Since these may not be isolated to a 4192 * .rel[a].got section we check them all. 4193 * While scanning sections save the symbol table entry (a symtab 4194 * overriding a dynsym) so that we can lookup _GLOBAL_OFFSET_TABLE_. 4195 */ 4196 for (cnt = 1; cnt < shnum; cnt++) { 4197 Word type, symnum; 4198 Xword relndx, relnum, relsize; 4199 void *rels; 4200 Sym *syms; 4201 Cache *symsec, *strsec; 4202 Cache *_cache = &cache[cnt]; 4203 Shdr *shdr; 4204 4205 shdr = _cache->c_shdr; 4206 type = shdr->sh_type; 4207 4208 if ((symtab == 0) && (type == SHT_DYNSYM)) { 4209 symtab = _cache; 4210 continue; 4211 } 4212 if (type == SHT_SYMTAB) { 4213 symtab = _cache; 4214 continue; 4215 } 4216 if ((type != SHT_RELA) && (type != SHT_REL)) 4217 continue; 4218 4219 /* 4220 * Decide entry size. 4221 */ 4222 if (((relsize = shdr->sh_entsize) == 0) || 4223 (relsize > shdr->sh_size)) { 4224 if (type == SHT_RELA) 4225 relsize = sizeof (Rela); 4226 else 4227 relsize = sizeof (Rel); 4228 } 4229 4230 /* 4231 * Determine the number of relocations available. 4232 */ 4233 if (shdr->sh_size == 0) { 4234 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 4235 file, _cache->c_name); 4236 continue; 4237 } 4238 if (_cache->c_data == NULL) 4239 continue; 4240 4241 rels = _cache->c_data->d_buf; 4242 relnum = shdr->sh_size / relsize; 4243 4244 /* 4245 * Get the data buffer for the associated symbol table and 4246 * string table. 4247 */ 4248 if (stringtbl(cache, 1, cnt, shnum, file, 4249 &symnum, &symsec, &strsec) == 0) 4250 continue; 4251 4252 syms = symsec->c_data->d_buf; 4253 4254 /* 4255 * Loop through the relocation entries. 4256 */ 4257 for (relndx = 0; relndx < relnum; relndx++, 4258 rels = (void *)((char *)rels + relsize)) { 4259 char section[BUFSIZ]; 4260 Addr offset; 4261 Got_info *gip; 4262 Word symndx, reltype; 4263 Rela *rela; 4264 Rel *rel; 4265 4266 /* 4267 * Unravel the relocation. 4268 */ 4269 if (type == SHT_RELA) { 4270 rela = (Rela *)rels; 4271 symndx = ELF_R_SYM(rela->r_info); 4272 reltype = ELF_R_TYPE(rela->r_info, 4273 ehdr->e_machine); 4274 offset = rela->r_offset; 4275 } else { 4276 rel = (Rel *)rels; 4277 symndx = ELF_R_SYM(rel->r_info); 4278 reltype = ELF_R_TYPE(rel->r_info, 4279 ehdr->e_machine); 4280 offset = rel->r_offset; 4281 } 4282 4283 /* 4284 * Only pay attention to relocations against the GOT. 4285 */ 4286 if ((offset < gotbgn) || (offset >= gotend)) 4287 continue; 4288 4289 /* LINTED */ 4290 gotndx = (Word)((offset - gotbgn) / 4291 gotshdr->sh_entsize); 4292 gip = &gottable[gotndx]; 4293 4294 if (gip->g_reltype != 0) { 4295 (void) fprintf(stderr, 4296 MSG_INTL(MSG_GOT_MULTIPLE), file, 4297 EC_WORD(gotndx), EC_ADDR(offset)); 4298 continue; 4299 } 4300 4301 if (symndx) 4302 gip->g_symname = relsymname(cache, _cache, 4303 strsec, symndx, symnum, relndx, syms, 4304 section, BUFSIZ, file); 4305 gip->g_reltype = reltype; 4306 gip->g_rel = rels; 4307 } 4308 } 4309 4310 if (symlookup(MSG_ORIG(MSG_SYM_GOT), cache, shnum, &gotsym, NULL, 4311 symtab, file)) 4312 gotsymaddr = gotsym->st_value; 4313 else 4314 gotsymaddr = gotbgn; 4315 4316 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4317 dbg_print(0, MSG_INTL(MSG_ELF_SCN_GOT), gotcache->c_name); 4318 Elf_got_title(0); 4319 4320 sys_encoding = _elf_sys_encoding(); 4321 for (gotndx = 0; gotndx < gotents; gotndx++) { 4322 Got_info *gip; 4323 Sword gindex; 4324 Addr gaddr; 4325 Xword gotentry; 4326 4327 gip = &gottable[gotndx]; 4328 4329 gaddr = gotbgn + (gotndx * gentsize); 4330 gindex = (Sword)(gaddr - gotsymaddr) / (Sword)gentsize; 4331 4332 if (gentsize == sizeof (Word)) 4333 /* LINTED */ 4334 gotentry = (Xword)(*((Word *)(gotdata) + gotndx)); 4335 else 4336 /* LINTED */ 4337 gotentry = *((Xword *)(gotdata) + gotndx); 4338 4339 Elf_got_entry(0, gindex, gaddr, gotentry, ehdr->e_machine, 4340 ehdr->e_ident[EI_DATA], sys_encoding, 4341 gip->g_reltype, gip->g_rel, gip->g_symname); 4342 } 4343 free(gottable); 4344 } 4345 4346 void 4347 checksum(Elf *elf) 4348 { 4349 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4350 dbg_print(0, MSG_INTL(MSG_STR_CHECKSUM), elf_checksum(elf)); 4351 } 4352 4353 /* 4354 * This variable is used by regular() to communicate the address of 4355 * the section header cache to sort_shdr_ndx_arr(). Unfortunately, 4356 * the qsort() interface does not include a userdata argument by which 4357 * such arbitrary data can be passed, so we are stuck using global data. 4358 */ 4359 static Cache *sort_shdr_ndx_arr_cache; 4360 4361 4362 /* 4363 * Used with qsort() to sort the section indices so that they can be 4364 * used to access the section headers in order of increasing data offset. 4365 * 4366 * entry: 4367 * sort_shdr_ndx_arr_cache - Contains address of 4368 * section header cache. 4369 * v1, v2 - Point at elements of sort_shdr_bits array to be compared. 4370 * 4371 * exit: 4372 * Returns -1 (less than), 0 (equal) or 1 (greater than). 4373 */ 4374 static int 4375 sort_shdr_ndx_arr(const void *v1, const void *v2) 4376 { 4377 Cache *cache1 = sort_shdr_ndx_arr_cache + *((size_t *)v1); 4378 Cache *cache2 = sort_shdr_ndx_arr_cache + *((size_t *)v2); 4379 4380 if (cache1->c_shdr->sh_offset < cache2->c_shdr->sh_offset) 4381 return (-1); 4382 4383 if (cache1->c_shdr->sh_offset > cache2->c_shdr->sh_offset) 4384 return (1); 4385 4386 return (0); 4387 } 4388 4389 4390 static int 4391 shdr_cache(const char *file, Elf *elf, Ehdr *ehdr, size_t shstrndx, 4392 size_t shnum, Cache **cache_ret, Word flags) 4393 { 4394 Elf_Scn *scn; 4395 Elf_Data *data; 4396 size_t ndx; 4397 Shdr *nameshdr; 4398 char *names = NULL; 4399 Cache *cache, *_cache; 4400 size_t *shdr_ndx_arr, shdr_ndx_arr_cnt; 4401 4402 4403 /* 4404 * Obtain the .shstrtab data buffer to provide the required section 4405 * name strings. 4406 */ 4407 if (shstrndx == SHN_UNDEF) { 4408 /* 4409 * It is rare, but legal, for an object to lack a 4410 * header string table section. 4411 */ 4412 names = NULL; 4413 (void) fprintf(stderr, MSG_INTL(MSG_ERR_NOSHSTRSEC), file); 4414 } else if ((scn = elf_getscn(elf, shstrndx)) == NULL) { 4415 failure(file, MSG_ORIG(MSG_ELF_GETSCN)); 4416 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SHDR), 4417 EC_XWORD(shstrndx)); 4418 4419 } else if ((data = elf_getdata(scn, NULL)) == NULL) { 4420 failure(file, MSG_ORIG(MSG_ELF_GETDATA)); 4421 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_DATA), 4422 EC_XWORD(shstrndx)); 4423 4424 } else if ((nameshdr = elf_getshdr(scn)) == NULL) { 4425 failure(file, MSG_ORIG(MSG_ELF_GETSHDR)); 4426 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCN), 4427 EC_WORD(elf_ndxscn(scn))); 4428 4429 } else if ((names = data->d_buf) == NULL) 4430 (void) fprintf(stderr, MSG_INTL(MSG_ERR_SHSTRNULL), file); 4431 4432 /* 4433 * Allocate a cache to maintain a descriptor for each section. 4434 */ 4435 if ((*cache_ret = cache = malloc(shnum * sizeof (Cache))) == NULL) { 4436 int err = errno; 4437 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), 4438 file, strerror(err)); 4439 return (0); 4440 } 4441 4442 *cache = cache_init; 4443 _cache = cache; 4444 _cache++; 4445 4446 /* 4447 * Allocate an array that will hold the section index for 4448 * each section that has data in the ELF file: 4449 * 4450 * - Is not a NOBITS section 4451 * - Data has non-zero length 4452 * 4453 * Note that shnum is an upper bound on the size required. It 4454 * is likely that we won't use a few of these array elements. 4455 * Allocating a modest amount of extra memory in this case means 4456 * that we can avoid an extra loop to count the number of needed 4457 * items, and can fill this array immediately in the first loop 4458 * below. 4459 */ 4460 if ((shdr_ndx_arr = malloc(shnum * sizeof (*shdr_ndx_arr))) == NULL) { 4461 int err = errno; 4462 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), 4463 file, strerror(err)); 4464 return (0); 4465 } 4466 shdr_ndx_arr_cnt = 0; 4467 4468 /* 4469 * Traverse the sections of the file. This gathering of data is 4470 * carried out in two passes. First, the section headers are captured 4471 * and the section header names are evaluated. A verification pass is 4472 * then carried out over the section information. Files have been 4473 * known to exhibit overlapping (and hence erroneous) section header 4474 * information. 4475 * 4476 * Finally, the data for each section is obtained. This processing is 4477 * carried out after section verification because should any section 4478 * header overlap occur, and a file needs translating (ie. xlate'ing 4479 * information from a non-native architecture file), then the process 4480 * of translation can corrupt the section header information. Of 4481 * course, if there is any section overlap, the data related to the 4482 * sections is going to be compromised. However, it is the translation 4483 * of this data that has caused problems with elfdump()'s ability to 4484 * extract the data. 4485 */ 4486 for (ndx = 1, scn = NULL; scn = elf_nextscn(elf, scn); 4487 ndx++, _cache++) { 4488 char scnndxnm[100]; 4489 4490 _cache->c_ndx = ndx; 4491 _cache->c_scn = scn; 4492 4493 if ((_cache->c_shdr = elf_getshdr(scn)) == NULL) { 4494 failure(file, MSG_ORIG(MSG_ELF_GETSHDR)); 4495 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCN), 4496 EC_WORD(elf_ndxscn(scn))); 4497 } 4498 4499 /* 4500 * If this section has data in the file, include it in 4501 * the array of sections to check for address overlap. 4502 */ 4503 if ((_cache->c_shdr->sh_size != 0) && 4504 (_cache->c_shdr->sh_type != SHT_NOBITS)) 4505 shdr_ndx_arr[shdr_ndx_arr_cnt++] = ndx; 4506 4507 /* 4508 * If a shstrtab exists, assign the section name. 4509 */ 4510 if (names && _cache->c_shdr) { 4511 if (_cache->c_shdr->sh_name && 4512 /* LINTED */ 4513 (nameshdr->sh_size > _cache->c_shdr->sh_name)) { 4514 const char *symname; 4515 char *secname; 4516 4517 secname = names + _cache->c_shdr->sh_name; 4518 4519 /* 4520 * A SUN naming convention employs a "%" within 4521 * a section name to indicate a section/symbol 4522 * name. This originated from the compilers 4523 * -xF option, that places functions into their 4524 * own sections. This convention (which has no 4525 * formal standard) has also been followed for 4526 * COMDAT sections. To demangle the symbol 4527 * name, the name must be separated from the 4528 * section name. 4529 */ 4530 if (((flags & FLG_CTL_DEMANGLE) == 0) || 4531 ((symname = strchr(secname, '%')) == NULL)) 4532 _cache->c_name = secname; 4533 else { 4534 size_t secsz = ++symname - secname; 4535 size_t strsz; 4536 4537 symname = demangle(symname, flags); 4538 strsz = secsz + strlen(symname) + 1; 4539 4540 if ((_cache->c_name = 4541 malloc(strsz)) == NULL) { 4542 int err = errno; 4543 (void) fprintf(stderr, 4544 MSG_INTL(MSG_ERR_MALLOC), 4545 file, strerror(err)); 4546 return (0); 4547 } 4548 (void) snprintf(_cache->c_name, strsz, 4549 MSG_ORIG(MSG_FMT_SECSYM), 4550 EC_WORD(secsz), secname, symname); 4551 } 4552 4553 continue; 4554 } 4555 4556 /* 4557 * Generate an error if the section name index is zero 4558 * or exceeds the shstrtab data. Fall through to 4559 * fabricate a section name. 4560 */ 4561 if ((_cache->c_shdr->sh_name == 0) || 4562 /* LINTED */ 4563 (nameshdr->sh_size <= _cache->c_shdr->sh_name)) { 4564 (void) fprintf(stderr, 4565 MSG_INTL(MSG_ERR_BADSHNAME), file, 4566 EC_WORD(ndx), 4567 EC_XWORD(_cache->c_shdr->sh_name)); 4568 } 4569 } 4570 4571 /* 4572 * If there exists no shstrtab data, or a section header has no 4573 * name (an invalid index of 0), then compose a name for the 4574 * section. 4575 */ 4576 (void) snprintf(scnndxnm, sizeof (scnndxnm), 4577 MSG_INTL(MSG_FMT_SCNNDX), ndx); 4578 4579 if ((_cache->c_name = malloc(strlen(scnndxnm) + 1)) == NULL) { 4580 int err = errno; 4581 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), 4582 file, strerror(err)); 4583 return (0); 4584 } 4585 (void) strcpy(_cache->c_name, scnndxnm); 4586 } 4587 4588 /* 4589 * Having collected all the sections, validate their address range. 4590 * Cases have existed where the section information has been invalid. 4591 * This can lead to all sorts of other, hard to diagnose errors, as 4592 * each section is processed individually (ie. with elf_getdata()). 4593 * Here, we carry out some address comparisons to catch a family of 4594 * overlapping memory issues we have observed (likely, there are others 4595 * that we have yet to discover). 4596 * 4597 * Note, should any memory overlap occur, obtaining any additional 4598 * data from the file is questionable. However, it might still be 4599 * possible to inspect the ELF header, Programs headers, or individual 4600 * sections, so rather than bailing on an error condition, continue 4601 * processing to see if any data can be salvaged. 4602 */ 4603 if (shdr_ndx_arr_cnt > 1) { 4604 sort_shdr_ndx_arr_cache = cache; 4605 qsort(shdr_ndx_arr, shdr_ndx_arr_cnt, 4606 sizeof (*shdr_ndx_arr), sort_shdr_ndx_arr); 4607 } 4608 for (ndx = 0; ndx < shdr_ndx_arr_cnt; ndx++) { 4609 Cache *_cache = cache + shdr_ndx_arr[ndx]; 4610 Shdr *shdr = _cache->c_shdr; 4611 Off bgn1, bgn = shdr->sh_offset; 4612 Off end1, end = shdr->sh_offset + shdr->sh_size; 4613 size_t ndx1; 4614 4615 /* 4616 * Check the section against all following ones, reporting 4617 * any overlaps. Since we've sorted the sections by offset, 4618 * we can stop after the first comparison that fails. There 4619 * are no overlaps in a properly formed ELF file, in which 4620 * case this algorithm runs in O(n) time. This will degenerate 4621 * to O(n^2) for a completely broken file. Such a file is 4622 * (1) highly unlikely, and (2) unusable, so it is reasonable 4623 * for the analysis to take longer. 4624 */ 4625 for (ndx1 = ndx + 1; ndx1 < shdr_ndx_arr_cnt; ndx1++) { 4626 Cache *_cache1 = cache + shdr_ndx_arr[ndx1]; 4627 Shdr *shdr1 = _cache1->c_shdr; 4628 4629 bgn1 = shdr1->sh_offset; 4630 end1 = shdr1->sh_offset + shdr1->sh_size; 4631 4632 if (((bgn1 <= bgn) && (end1 > bgn)) || 4633 ((bgn1 < end) && (end1 >= end))) { 4634 (void) fprintf(stderr, 4635 MSG_INTL(MSG_ERR_SECMEMOVER), file, 4636 EC_WORD(elf_ndxscn(_cache->c_scn)), 4637 _cache->c_name, EC_OFF(bgn), EC_OFF(end), 4638 EC_WORD(elf_ndxscn(_cache1->c_scn)), 4639 _cache1->c_name, EC_OFF(bgn1), 4640 EC_OFF(end1)); 4641 } else { /* No overlap, so can stop */ 4642 break; 4643 } 4644 } 4645 4646 /* 4647 * In addition to checking for sections overlapping 4648 * each other (done above), we should also make sure 4649 * the section doesn't overlap the section header array. 4650 */ 4651 bgn1 = ehdr->e_shoff; 4652 end1 = ehdr->e_shoff + (ehdr->e_shentsize * ehdr->e_shnum); 4653 4654 if (((bgn1 <= bgn) && (end1 > bgn)) || 4655 ((bgn1 < end) && (end1 >= end))) { 4656 (void) fprintf(stderr, 4657 MSG_INTL(MSG_ERR_SHDRMEMOVER), file, EC_OFF(bgn1), 4658 EC_OFF(end1), 4659 EC_WORD(elf_ndxscn(_cache->c_scn)), 4660 _cache->c_name, EC_OFF(bgn), EC_OFF(end)); 4661 } 4662 } 4663 4664 /* 4665 * Obtain the data for each section. 4666 */ 4667 for (ndx = 1; ndx < shnum; ndx++) { 4668 Cache *_cache = &cache[ndx]; 4669 Elf_Scn *scn = _cache->c_scn; 4670 4671 if ((_cache->c_data = elf_getdata(scn, NULL)) == NULL) { 4672 failure(file, MSG_ORIG(MSG_ELF_GETDATA)); 4673 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCNDATA), 4674 EC_WORD(elf_ndxscn(scn))); 4675 } 4676 4677 /* 4678 * If a string table, verify that it has NULL first and 4679 * final bytes. 4680 */ 4681 if ((_cache->c_shdr->sh_type == SHT_STRTAB) && 4682 (_cache->c_data->d_buf != NULL) && 4683 (_cache->c_data->d_size > 0)) { 4684 const char *s = _cache->c_data->d_buf; 4685 4686 if ((*s != '\0') || 4687 (*(s + _cache->c_data->d_size - 1) != '\0')) 4688 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALSTR), 4689 file, _cache->c_name); 4690 } 4691 } 4692 4693 return (1); 4694 } 4695 4696 4697 4698 /* 4699 * Generate a cache of section headers and related information 4700 * for use by the rest of elfdump. If requested (or the file 4701 * contains no section headers), we generate a fake set of 4702 * headers from the information accessible from the program headers. 4703 * Otherwise, we use the real section headers contained in the file. 4704 */ 4705 static int 4706 create_cache(const char *file, int fd, Elf *elf, Ehdr *ehdr, Cache **cache, 4707 size_t shstrndx, size_t *shnum, uint_t *flags) 4708 { 4709 /* 4710 * If there are no section headers, then resort to synthesizing 4711 * section headers from the program headers. This is normally 4712 * only done by explicit request, but in this case there's no 4713 * reason not to go ahead, since the alternative is simply to quit. 4714 */ 4715 if ((*shnum <= 1) && ((*flags & FLG_CTL_FAKESHDR) == 0)) { 4716 (void) fprintf(stderr, MSG_INTL(MSG_ERR_NOSHDR), file); 4717 *flags |= FLG_CTL_FAKESHDR; 4718 } 4719 4720 if (*flags & FLG_CTL_FAKESHDR) { 4721 if (fake_shdr_cache(file, fd, elf, ehdr, cache, shnum) == 0) 4722 return (0); 4723 } else { 4724 if (shdr_cache(file, elf, ehdr, shstrndx, *shnum, 4725 cache, *flags) == 0) 4726 return (0); 4727 } 4728 4729 return (1); 4730 } 4731 4732 int 4733 regular(const char *file, int fd, Elf *elf, uint_t flags, 4734 const char *wname, int wfd, uchar_t osabi) 4735 { 4736 enum { CACHE_NEEDED, CACHE_OK, CACHE_FAIL} cache_state = CACHE_NEEDED; 4737 Elf_Scn *scn; 4738 Ehdr *ehdr; 4739 size_t ndx, shstrndx, shnum, phnum; 4740 Shdr *shdr; 4741 Cache *cache; 4742 VERSYM_STATE versym; 4743 int ret = 0; 4744 int addr_align; 4745 4746 if ((ehdr = elf_getehdr(elf)) == NULL) { 4747 failure(file, MSG_ORIG(MSG_ELF_GETEHDR)); 4748 return (ret); 4749 } 4750 4751 if (elf_getshdrnum(elf, &shnum) == -1) { 4752 failure(file, MSG_ORIG(MSG_ELF_GETSHDRNUM)); 4753 return (ret); 4754 } 4755 4756 if (elf_getshdrstrndx(elf, &shstrndx) == -1) { 4757 failure(file, MSG_ORIG(MSG_ELF_GETSHDRSTRNDX)); 4758 return (ret); 4759 } 4760 4761 if (elf_getphdrnum(elf, &phnum) == -1) { 4762 failure(file, MSG_ORIG(MSG_ELF_GETPHDRNUM)); 4763 return (ret); 4764 } 4765 /* 4766 * If the user requested section headers derived from the 4767 * program headers (-P option) and this file doesn't have 4768 * any program headers (i.e. ET_REL), then we can't do it. 4769 */ 4770 if ((phnum == 0) && (flags & FLG_CTL_FAKESHDR)) { 4771 (void) fprintf(stderr, MSG_INTL(MSG_ERR_PNEEDSPH), file); 4772 return (ret); 4773 } 4774 4775 4776 if ((scn = elf_getscn(elf, 0)) != NULL) { 4777 if ((shdr = elf_getshdr(scn)) == NULL) { 4778 failure(file, MSG_ORIG(MSG_ELF_GETSHDR)); 4779 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCN), 0); 4780 return (ret); 4781 } 4782 } else 4783 shdr = NULL; 4784 4785 /* 4786 * Print the elf header. 4787 */ 4788 if (flags & FLG_SHOW_EHDR) 4789 Elf_ehdr(0, ehdr, shdr); 4790 4791 /* 4792 * If the section headers or program headers have inadequate 4793 * alignment for the class of object, print a warning. libelf 4794 * can handle such files, but programs that use them can crash 4795 * when they dereference unaligned items. 4796 * 4797 * Note that the AMD64 ABI, although it is a 64-bit architecture, 4798 * allows access to data types smaller than 128-bits to be on 4799 * word alignment. 4800 */ 4801 if (ehdr->e_machine == EM_AMD64) 4802 addr_align = sizeof (Word); 4803 else 4804 addr_align = sizeof (Addr); 4805 4806 if (ehdr->e_phoff & (addr_align - 1)) 4807 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADPHDRALIGN), file); 4808 if (ehdr->e_shoff & (addr_align - 1)) 4809 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHDRALIGN), file); 4810 4811 4812 /* 4813 * Determine the Operating System ABI (osabi) we will use to 4814 * interpret the object. 4815 */ 4816 if (flags & FLG_CTL_OSABI) { 4817 /* 4818 * If the user explicitly specifies '-O none', we need 4819 * to display a completely generic view of the file. 4820 * However, libconv is written to assume that ELFOSABI_NONE 4821 * is equivalent to ELFOSABI_SOLARIS. To get the desired 4822 * effect, we use an osabi that libconv has no knowledge of. 4823 */ 4824 if (osabi == ELFOSABI_NONE) 4825 osabi = ELFOSABI_UNKNOWN4; 4826 } else { 4827 /* Determine osabi from file */ 4828 osabi = ehdr->e_ident[EI_OSABI]; 4829 if (osabi == ELFOSABI_NONE) { 4830 /* 4831 * Chicken/Egg scenario: 4832 * 4833 * Ideally, we wait to create the section header cache 4834 * until after the program headers are printed. If we 4835 * only output program headers, we can skip building 4836 * the cache entirely. 4837 * 4838 * Proper interpretation of program headers requires 4839 * the osabi, which is supposed to be in the ELF header. 4840 * However, many systems (Solaris and Linux included) 4841 * have a history of setting the osabi to the generic 4842 * SysV ABI (ELFOSABI_NONE). We assume ELFOSABI_SOLARIS 4843 * in such cases, but would like to check the object 4844 * to see if it has a Linux .note.ABI-tag section, 4845 * which implies ELFOSABI_LINUX. This requires a 4846 * section header cache. 4847 * 4848 * To break the cycle, we create section headers now 4849 * if osabi is ELFOSABI_NONE, and later otherwise. 4850 * If it succeeds, we use them, if not, we defer 4851 * exiting until after the program headers are out. 4852 */ 4853 if (create_cache(file, fd, elf, ehdr, &cache, 4854 shstrndx, &shnum, &flags) == 0) { 4855 cache_state = CACHE_FAIL; 4856 } else { 4857 cache_state = CACHE_OK; 4858 if (has_linux_abi_note(cache, shnum, file)) { 4859 Conv_inv_buf_t ibuf1, ibuf2; 4860 4861 (void) fprintf(stderr, 4862 MSG_INTL(MSG_INFO_LINUXOSABI), file, 4863 conv_ehdr_osabi(osabi, 0, &ibuf1), 4864 conv_ehdr_osabi(ELFOSABI_LINUX, 4865 0, &ibuf2)); 4866 osabi = ELFOSABI_LINUX; 4867 } 4868 } 4869 } 4870 /* 4871 * We treat ELFOSABI_NONE identically to ELFOSABI_SOLARIS. 4872 * Mapping NONE to SOLARIS simplifies the required test. 4873 */ 4874 if (osabi == ELFOSABI_NONE) 4875 osabi = ELFOSABI_SOLARIS; 4876 } 4877 4878 /* 4879 * Print the program headers. 4880 */ 4881 if ((flags & FLG_SHOW_PHDR) && (phnum != 0)) { 4882 Phdr *phdr; 4883 4884 if ((phdr = elf_getphdr(elf)) == NULL) { 4885 failure(file, MSG_ORIG(MSG_ELF_GETPHDR)); 4886 return (ret); 4887 } 4888 4889 for (ndx = 0; ndx < phnum; phdr++, ndx++) { 4890 if (!match(MATCH_F_PHDR| MATCH_F_NDX | MATCH_F_TYPE, 4891 NULL, ndx, phdr->p_type)) 4892 continue; 4893 4894 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4895 dbg_print(0, MSG_INTL(MSG_ELF_PHDR), EC_WORD(ndx)); 4896 Elf_phdr(0, osabi, ehdr->e_machine, phdr); 4897 } 4898 } 4899 4900 /* 4901 * If we have flag bits set that explicitly require a show or calc 4902 * operation, but none of them require the section headers, then 4903 * we are done and can return now. 4904 */ 4905 if (((flags & (FLG_MASK_SHOW | FLG_MASK_CALC)) != 0) && 4906 ((flags & (FLG_MASK_SHOW_SHDR | FLG_MASK_CALC_SHDR)) == 0)) 4907 return (ret); 4908 4909 /* 4910 * Everything from this point on requires section headers. 4911 * If we have no section headers, there is no reason to continue. 4912 * 4913 * If we tried above to create the section header cache and failed, 4914 * it is time to exit. Otherwise, create it if needed. 4915 */ 4916 switch (cache_state) { 4917 case CACHE_NEEDED: 4918 if (create_cache(file, fd, elf, ehdr, &cache, shstrndx, 4919 &shnum, &flags) == 0) 4920 return (ret); 4921 break; 4922 case CACHE_FAIL: 4923 return (ret); 4924 } 4925 if (shnum <= 1) 4926 goto done; 4927 4928 /* 4929 * If -w was specified, find and write out the section(s) data. 4930 */ 4931 if (wfd) { 4932 for (ndx = 1; ndx < shnum; ndx++) { 4933 Cache *_cache = &cache[ndx]; 4934 4935 if (match(MATCH_F_STRICT | MATCH_F_ALL, _cache->c_name, 4936 ndx, _cache->c_shdr->sh_type) && 4937 _cache->c_data && _cache->c_data->d_buf) { 4938 if (write(wfd, _cache->c_data->d_buf, 4939 _cache->c_data->d_size) != 4940 _cache->c_data->d_size) { 4941 int err = errno; 4942 (void) fprintf(stderr, 4943 MSG_INTL(MSG_ERR_WRITE), wname, 4944 strerror(err)); 4945 /* 4946 * Return an exit status of 1, because 4947 * the failure is not related to the 4948 * ELF file, but by system resources. 4949 */ 4950 ret = 1; 4951 goto done; 4952 } 4953 } 4954 } 4955 } 4956 4957 /* 4958 * If we have no flag bits set that explicitly require a show or calc 4959 * operation, but match options (-I, -N, -T) were used, then run 4960 * through the section headers and see if we can't deduce show flags 4961 * from the match options given. 4962 * 4963 * We don't do this if -w was specified, because (-I, -N, -T) used 4964 * with -w in lieu of some other option is supposed to be quiet. 4965 */ 4966 if ((wfd == 0) && (flags & FLG_CTL_MATCH) && 4967 ((flags & (FLG_MASK_SHOW | FLG_MASK_CALC)) == 0)) { 4968 for (ndx = 1; ndx < shnum; ndx++) { 4969 Cache *_cache = &cache[ndx]; 4970 4971 if (!match(MATCH_F_STRICT | MATCH_F_ALL, _cache->c_name, 4972 ndx, _cache->c_shdr->sh_type)) 4973 continue; 4974 4975 switch (_cache->c_shdr->sh_type) { 4976 case SHT_PROGBITS: 4977 /* 4978 * Heuristic time: It is usually bad form 4979 * to assume the meaning/format of a PROGBITS 4980 * section based on its name. However, there 4981 * are ABI mandated exceptions. Check for 4982 * these special names. 4983 */ 4984 4985 /* The ELF ABI specifies .interp and .got */ 4986 if (strcmp(_cache->c_name, 4987 MSG_ORIG(MSG_ELF_INTERP)) == 0) { 4988 flags |= FLG_SHOW_INTERP; 4989 break; 4990 } 4991 if (strcmp(_cache->c_name, 4992 MSG_ORIG(MSG_ELF_GOT)) == 0) { 4993 flags |= FLG_SHOW_GOT; 4994 break; 4995 } 4996 /* 4997 * The GNU compilers, and amd64 ABI, define 4998 * .eh_frame and .eh_frame_hdr. The Sun 4999 * C++ ABI defines .exception_ranges. 5000 */ 5001 if ((strncmp(_cache->c_name, 5002 MSG_ORIG(MSG_SCN_FRM), 5003 MSG_SCN_FRM_SIZE) == 0) || 5004 (strncmp(_cache->c_name, 5005 MSG_ORIG(MSG_SCN_EXRANGE), 5006 MSG_SCN_EXRANGE_SIZE) == 0)) { 5007 flags |= FLG_SHOW_UNWIND; 5008 break; 5009 } 5010 break; 5011 5012 case SHT_SYMTAB: 5013 case SHT_DYNSYM: 5014 case SHT_SUNW_LDYNSYM: 5015 case SHT_SUNW_versym: 5016 case SHT_SYMTAB_SHNDX: 5017 flags |= FLG_SHOW_SYMBOLS; 5018 break; 5019 5020 case SHT_RELA: 5021 case SHT_REL: 5022 flags |= FLG_SHOW_RELOC; 5023 break; 5024 5025 case SHT_HASH: 5026 flags |= FLG_SHOW_HASH; 5027 break; 5028 5029 case SHT_DYNAMIC: 5030 flags |= FLG_SHOW_DYNAMIC; 5031 break; 5032 5033 case SHT_NOTE: 5034 flags |= FLG_SHOW_NOTE; 5035 break; 5036 5037 case SHT_GROUP: 5038 flags |= FLG_SHOW_GROUP; 5039 break; 5040 5041 case SHT_SUNW_symsort: 5042 case SHT_SUNW_tlssort: 5043 flags |= FLG_SHOW_SORT; 5044 break; 5045 5046 case SHT_SUNW_cap: 5047 flags |= FLG_SHOW_CAP; 5048 break; 5049 5050 case SHT_SUNW_move: 5051 flags |= FLG_SHOW_MOVE; 5052 break; 5053 5054 case SHT_SUNW_syminfo: 5055 flags |= FLG_SHOW_SYMINFO; 5056 break; 5057 5058 case SHT_SUNW_verdef: 5059 case SHT_SUNW_verneed: 5060 flags |= FLG_SHOW_VERSIONS; 5061 break; 5062 5063 case SHT_AMD64_UNWIND: 5064 flags |= FLG_SHOW_UNWIND; 5065 break; 5066 } 5067 } 5068 } 5069 5070 5071 if (flags & FLG_SHOW_SHDR) 5072 sections(file, cache, shnum, ehdr, osabi); 5073 5074 if (flags & FLG_SHOW_INTERP) 5075 interp(file, cache, shnum, phnum, elf); 5076 5077 if ((osabi == ELFOSABI_SOLARIS) || (osabi == ELFOSABI_LINUX)) 5078 versions(cache, shnum, file, flags, &versym); 5079 5080 if (flags & FLG_SHOW_SYMBOLS) 5081 symbols(cache, shnum, ehdr, osabi, &versym, file, flags); 5082 5083 if ((flags & FLG_SHOW_SORT) && (osabi == ELFOSABI_SOLARIS)) 5084 sunw_sort(cache, shnum, ehdr, osabi, &versym, file, flags); 5085 5086 if (flags & FLG_SHOW_HASH) 5087 hash(cache, shnum, file, flags); 5088 5089 if (flags & FLG_SHOW_GOT) 5090 got(cache, shnum, ehdr, file); 5091 5092 if (flags & FLG_SHOW_GROUP) 5093 group(cache, shnum, file, flags); 5094 5095 if (flags & FLG_SHOW_SYMINFO) 5096 syminfo(cache, shnum, ehdr, osabi, file); 5097 5098 if (flags & FLG_SHOW_RELOC) 5099 reloc(cache, shnum, ehdr, file); 5100 5101 if (flags & FLG_SHOW_DYNAMIC) 5102 dynamic(cache, shnum, ehdr, osabi, file); 5103 5104 if (flags & FLG_SHOW_NOTE) { 5105 Word note_cnt; 5106 size_t note_shnum; 5107 Cache *note_cache; 5108 5109 note_cnt = note(cache, shnum, ehdr, file); 5110 5111 /* 5112 * Solaris core files have section headers, but these 5113 * headers do not include SHT_NOTE sections that reference 5114 * the core note sections. This means that note() won't 5115 * find the core notes. Fake section headers (-P option) 5116 * recover these sections, but it is inconvenient to require 5117 * users to specify -P in this situation. If the following 5118 * are all true: 5119 * 5120 * - No note sections were found 5121 * - This is a core file 5122 * - We are not already using fake section headers 5123 * 5124 * then we will automatically generate fake section headers 5125 * and then process them in a second call to note(). 5126 */ 5127 if ((note_cnt == 0) && (ehdr->e_type == ET_CORE) && 5128 !(flags & FLG_CTL_FAKESHDR) && 5129 (fake_shdr_cache(file, fd, elf, ehdr, 5130 ¬e_cache, ¬e_shnum) != 0)) { 5131 (void) note(note_cache, note_shnum, ehdr, file); 5132 fake_shdr_cache_free(note_cache, note_shnum); 5133 } 5134 } 5135 5136 if ((flags & FLG_SHOW_MOVE) && (osabi == ELFOSABI_SOLARIS)) 5137 move(cache, shnum, file, flags); 5138 5139 if (flags & FLG_CALC_CHECKSUM) 5140 checksum(elf); 5141 5142 if ((flags & FLG_SHOW_CAP) && (osabi == ELFOSABI_SOLARIS)) 5143 cap(file, cache, shnum, phnum, ehdr, osabi, elf, flags); 5144 5145 if ((flags & FLG_SHOW_UNWIND) && 5146 ((osabi == ELFOSABI_SOLARIS) || (osabi == ELFOSABI_LINUX))) 5147 unwind(cache, shnum, phnum, ehdr, osabi, file, elf, flags); 5148 5149 5150 /* Release the memory used to cache section headers */ 5151 done: 5152 if (flags & FLG_CTL_FAKESHDR) 5153 fake_shdr_cache_free(cache, shnum); 5154 else 5155 free(cache); 5156 5157 return (ret); 5158 } 5159