1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 /* 28 * Copyright (c) 2015, Joyent, Inc. All rights reserved. 29 */ 30 31 /* 32 * Dump an elf file. 33 */ 34 #include <stddef.h> 35 #include <sys/elf_386.h> 36 #include <sys/elf_amd64.h> 37 #include <sys/elf_SPARC.h> 38 #include <_libelf.h> 39 #include <dwarf.h> 40 #include <stdio.h> 41 #include <unistd.h> 42 #include <errno.h> 43 #include <strings.h> 44 #include <debug.h> 45 #include <conv.h> 46 #include <msg.h> 47 #include <_elfdump.h> 48 49 50 /* 51 * VERSYM_STATE is used to maintain information about the VERSYM section 52 * in the object being analyzed. It is filled in by versions(), and used 53 * by init_symtbl_state() when displaying symbol information. 54 * 55 * There are three forms of symbol versioning known to us: 56 * 57 * 1) The original form, introduced with Solaris 2.5, in which 58 * the Versym contains indexes to Verdef records, and the 59 * Versym values for UNDEF symbols resolved by other objects 60 * are all set to 0. 61 * 2) The GNU form, which is backward compatible with the original 62 * Solaris form, but which adds several extensions: 63 * - The Versym also contains indexes to Verneed records, recording 64 * which object/version contributed the external symbol at 65 * link time. These indexes start with the next value following 66 * the final Verdef index. The index is written to the previously 67 * reserved vna_other field of the ELF Vernaux structure. 68 * - The top bit of the Versym value is no longer part of the index, 69 * but is used as a "hidden bit" to prevent binding to the symbol. 70 * - Multiple implementations of a given symbol, contained in varying 71 * versions are allowed, using special assembler pseudo ops, 72 * and encoded in the symbol name using '@' characters. 73 * 3) Modified Solaris form, in which we adopt the first GNU extension 74 * (Versym indexes to Verneed records), but not the others. 75 * 76 * elfdump can handle any of these cases. The presence of a DT_VERSYM 77 * dynamic element indicates a full GNU object. An object that lacks 78 * a DT_VERSYM entry, but which has non-zero vna_other fields in the Vernaux 79 * structures is a modified Solaris object. An object that has neither of 80 * these uses the original form. 81 * 82 * max_verndx contains the largest version index that can appear 83 * in a Versym entry. This can never be less than 1: In the case where 84 * there is no verdef/verneed sections, the [0] index is reserved 85 * for local symbols, and the [1] index for globals. If the original 86 * Solaris versioning rules are in effect and there is a verdef section, 87 * then max_verndex is the number of defined versions. If one of the 88 * other versioning forms is in effect, then: 89 * 1) If there is no verneed section, it is the same as for 90 * original Solaris versioning. 91 * 2) If there is a verneed section, the vna_other field of the 92 * Vernaux structs contain versions, and max_verndx is the 93 * largest such index. 94 * 95 * If gnu_full is True, the object uses the full GNU form of versioning. 96 * The value of the gnu_full field is based on the presence of 97 * a DT_VERSYM entry in the dynamic section: GNU ld produces these, and 98 * Solaris ld does not. 99 * 100 * The gnu_needed field is True if the Versym contains indexes to 101 * Verneed records, as indicated by non-zero vna_other fields in the Verneed 102 * section. If gnu_full is True, then gnu_needed will always be true. 103 * However, gnu_needed can be true without gnu_full. This is the modified 104 * Solaris form. 105 */ 106 typedef struct { 107 Cache *cache; /* Pointer to cache entry for VERSYM */ 108 Versym *data; /* Pointer to versym array */ 109 int gnu_full; /* True if object uses GNU versioning rules */ 110 int gnu_needed; /* True if object uses VERSYM indexes for */ 111 /* VERNEED (subset of gnu_full) */ 112 int max_verndx; /* largest versym index value */ 113 } VERSYM_STATE; 114 115 /* 116 * SYMTBL_STATE is used to maintain information about a single symbol 117 * table section, for use by the routines that display symbol information. 118 */ 119 typedef struct { 120 const char *file; /* Name of file */ 121 Ehdr *ehdr; /* ELF header for file */ 122 Cache *cache; /* Cache of all section headers */ 123 uchar_t osabi; /* OSABI to use */ 124 Word shnum; /* # of sections in cache */ 125 Cache *seccache; /* Cache of symbol table section hdr */ 126 Word secndx; /* Index of symbol table section hdr */ 127 const char *secname; /* Name of section */ 128 uint_t flags; /* Command line option flags */ 129 struct { /* Extended section index data */ 130 int checked; /* TRUE if already checked for shxndx */ 131 Word *data; /* NULL, or extended section index */ 132 /* used for symbol table entries */ 133 uint_t n; /* # items in shxndx.data */ 134 } shxndx; 135 VERSYM_STATE *versym; /* NULL, or associated VERSYM section */ 136 Sym *sym; /* Array of symbols */ 137 Word symn; /* # of symbols */ 138 } SYMTBL_STATE; 139 140 /* 141 * A variable of this type is used to track information related to 142 * .eh_frame and .eh_frame_hdr sections across calls to unwind_eh_frame(). 143 */ 144 typedef struct { 145 Word frame_cnt; /* # .eh_frame sections seen */ 146 Word frame_ndx; /* Section index of 1st .eh_frame */ 147 Word hdr_cnt; /* # .eh_frame_hdr sections seen */ 148 Word hdr_ndx; /* Section index of 1st .eh_frame_hdr */ 149 uint64_t frame_ptr; /* Value of FramePtr field from first */ 150 /* .eh_frame_hdr section */ 151 uint64_t frame_base; /* Data addr of 1st .eh_frame */ 152 } gnu_eh_state_t; 153 154 /* 155 * C++ .exception_ranges entries make use of the signed ptrdiff_t 156 * type to record self-relative pointer values. We need a type 157 * for this that is matched to the ELFCLASS being processed. 158 */ 159 #if defined(_ELF64) 160 typedef int64_t PTRDIFF_T; 161 #else 162 typedef int32_t PTRDIFF_T; 163 #endif 164 165 /* 166 * The Sun C++ ABI uses this struct to define each .exception_ranges 167 * entry. From the ABI: 168 * 169 * The field ret_addr is a self relative pointer to the start of the address 170 * range. The name was chosen because in the current implementation the range 171 * typically starts at the return address for a call site. 172 * 173 * The field length is the difference, in bytes, between the pc of the last 174 * instruction covered by the exception range and the first. When only a 175 * single call site is represented without optimization, this will equal zero. 176 * 177 * The field handler_addr is a relative pointer which stores the difference 178 * between the start of the exception range and the address of all code to 179 * catch exceptions and perform the cleanup for stack unwinding. 180 * 181 * The field type_block is a relative pointer which stores the difference 182 * between the start of the exception range and the address of an array used 183 * for storing a list of the types of exceptions which can be caught within 184 * the exception range. 185 */ 186 typedef struct { 187 PTRDIFF_T ret_addr; 188 Xword length; 189 PTRDIFF_T handler_addr; 190 PTRDIFF_T type_block; 191 Xword reserved; 192 } exception_range_entry; 193 194 /* 195 * Focal point for verifying symbol names. 196 */ 197 static const char * 198 string(Cache *refsec, Word ndx, Cache *strsec, const char *file, Word name) 199 { 200 /* 201 * If an error in this routine is due to a property of the string 202 * section, as opposed to a bad offset into the section (a property of 203 * the referencing section), then we will detect the same error on 204 * every call involving those sections. We use these static variables 205 * to retain the information needed to only issue each such error once. 206 */ 207 static Cache *last_refsec; /* Last referencing section seen */ 208 static int strsec_err; /* True if error issued */ 209 210 const char *strs; 211 Word strn; 212 213 if (strsec->c_data == NULL) 214 return (NULL); 215 216 strs = (char *)strsec->c_data->d_buf; 217 strn = strsec->c_data->d_size; 218 219 /* 220 * We only print a diagnostic regarding a bad string table once per 221 * input section being processed. If the refsec has changed, reset 222 * our retained error state. 223 */ 224 if (last_refsec != refsec) { 225 last_refsec = refsec; 226 strsec_err = 0; 227 } 228 229 /* Verify that strsec really is a string table */ 230 if (strsec->c_shdr->sh_type != SHT_STRTAB) { 231 if (!strsec_err) { 232 (void) fprintf(stderr, MSG_INTL(MSG_ERR_NOTSTRTAB), 233 file, strsec->c_ndx, refsec->c_ndx); 234 strsec_err = 1; 235 } 236 return (MSG_INTL(MSG_STR_UNKNOWN)); 237 } 238 239 /* 240 * Is the string table offset within range of the available strings? 241 */ 242 if (name >= strn) { 243 /* 244 * Do we have a empty string table? 245 */ 246 if (strs == NULL) { 247 if (!strsec_err) { 248 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 249 file, strsec->c_name); 250 strsec_err = 1; 251 } 252 } else { 253 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSTOFF), 254 file, refsec->c_name, EC_WORD(ndx), strsec->c_name, 255 EC_WORD(name), EC_WORD(strn - 1)); 256 } 257 258 /* 259 * Return the empty string so that the calling function can 260 * continue it's output diagnostics. 261 */ 262 return (MSG_INTL(MSG_STR_UNKNOWN)); 263 } 264 return (strs + name); 265 } 266 267 /* 268 * Relocations can reference section symbols and standard symbols. If the 269 * former, establish the section name. 270 */ 271 static const char * 272 relsymname(Cache *cache, Cache *csec, Cache *strsec, Word symndx, Word symnum, 273 Word relndx, Sym *syms, char *secstr, size_t secsz, const char *file) 274 { 275 Sym *sym; 276 const char *name; 277 278 if (symndx >= symnum) { 279 (void) fprintf(stderr, MSG_INTL(MSG_ERR_RELBADSYMNDX), 280 file, EC_WORD(symndx), EC_WORD(relndx)); 281 return (MSG_INTL(MSG_STR_UNKNOWN)); 282 } 283 284 sym = (Sym *)(syms + symndx); 285 name = string(csec, symndx, strsec, file, sym->st_name); 286 287 /* 288 * If the symbol represents a section offset construct an appropriate 289 * string. Note, although section symbol table entries typically have 290 * a NULL name pointer, entries do exist that point into the string 291 * table to their own NULL strings. 292 */ 293 if ((ELF_ST_TYPE(sym->st_info) == STT_SECTION) && 294 ((sym->st_name == 0) || (*name == '\0'))) { 295 (void) snprintf(secstr, secsz, MSG_INTL(MSG_STR_SECTION), 296 cache[sym->st_shndx].c_name); 297 return ((const char *)secstr); 298 } 299 300 return (name); 301 } 302 303 /* 304 * Focal point for establishing a string table section. Data such as the 305 * dynamic information simply points to a string table. Data such as 306 * relocations, reference a symbol table, which in turn is associated with a 307 * string table. 308 */ 309 static int 310 stringtbl(Cache *cache, int symtab, Word ndx, Word shnum, const char *file, 311 Word *symnum, Cache **symsec, Cache **strsec) 312 { 313 Shdr *shdr = cache[ndx].c_shdr; 314 315 /* 316 * If symtab is non-zero, the ndx we are called with represents a 317 * shdr which links to a symbol table (which then links to a string 318 * table) 319 */ 320 if (symtab != 0) { 321 /* 322 * Validate the symbol table linkage. 323 */ 324 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 325 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 326 file, cache[ndx].c_name, EC_WORD(shdr->sh_link)); 327 return (0); 328 } 329 330 /* 331 * Establish the symbol table index. 332 */ 333 ndx = shdr->sh_link; 334 shdr = cache[ndx].c_shdr; 335 336 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 337 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 338 file, cache[ndx].c_name); 339 return (0); 340 } 341 342 /* 343 * Obtain, and verify the symbol table data. 344 */ 345 if ((cache[ndx].c_data == NULL) || 346 (cache[ndx].c_data->d_buf == NULL)) { 347 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 348 file, cache[ndx].c_name); 349 return (0); 350 } 351 352 /* 353 * Return symbol table information. 354 */ 355 if (symnum) 356 *symnum = (shdr->sh_size / shdr->sh_entsize); 357 if (symsec) 358 *symsec = &cache[ndx]; 359 } 360 361 /* 362 * Validate the string table linkage. 363 */ 364 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 365 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 366 file, cache[ndx].c_name, EC_WORD(shdr->sh_link)); 367 return (0); 368 } 369 370 if (strsec) 371 *strsec = &cache[shdr->sh_link]; 372 373 return (1); 374 } 375 376 /* 377 * Lookup a symbol and set Sym accordingly. 378 * 379 * entry: 380 * name - Name of symbol to lookup 381 * cache - Cache of all section headers 382 * shnum - # of sections in cache 383 * sym - Address of pointer to receive symbol 384 * target - NULL, or section to which the symbol must be associated. 385 * symtab - Symbol table to search for symbol 386 * file - Name of file 387 * 388 * exit: 389 * If the symbol is found, *sym is set to reference it, and True is 390 * returned. If target is non-NULL, the symbol must reference the given 391 * section --- otherwise the section is not checked. 392 * 393 * If no symbol is found, False is returned. 394 */ 395 static int 396 symlookup(const char *name, Cache *cache, Word shnum, Sym **sym, 397 Cache *target, Cache *symtab, const char *file) 398 { 399 Shdr *shdr; 400 Word symn, cnt; 401 Sym *syms; 402 403 if (symtab == 0) 404 return (0); 405 406 shdr = symtab->c_shdr; 407 408 /* 409 * Determine the symbol data and number. 410 */ 411 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 412 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 413 file, symtab->c_name); 414 return (0); 415 } 416 if (symtab->c_data == NULL) 417 return (0); 418 419 /* LINTED */ 420 symn = (Word)(shdr->sh_size / shdr->sh_entsize); 421 syms = (Sym *)symtab->c_data->d_buf; 422 423 /* 424 * Get the associated string table section. 425 */ 426 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 427 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 428 file, symtab->c_name, EC_WORD(shdr->sh_link)); 429 return (0); 430 } 431 432 /* 433 * Loop through the symbol table to find a match. 434 */ 435 *sym = NULL; 436 for (cnt = 0; cnt < symn; syms++, cnt++) { 437 const char *symname; 438 439 symname = string(symtab, cnt, &cache[shdr->sh_link], file, 440 syms->st_name); 441 442 if (symname && (strcmp(name, symname) == 0) && 443 ((target == NULL) || (target->c_ndx == syms->st_shndx))) { 444 /* 445 * It is possible, though rare, for a local and 446 * global symbol of the same name to exist, each 447 * contributed by a different input object. If the 448 * symbol just found is local, remember it, but 449 * continue looking. 450 */ 451 *sym = syms; 452 if (ELF_ST_BIND(syms->st_info) != STB_LOCAL) 453 break; 454 } 455 } 456 457 return (*sym != NULL); 458 } 459 460 /* 461 * Print section headers. 462 */ 463 static void 464 sections(const char *file, Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi) 465 { 466 size_t seccnt; 467 468 for (seccnt = 1; seccnt < shnum; seccnt++) { 469 Cache *_cache = &cache[seccnt]; 470 Shdr *shdr = _cache->c_shdr; 471 const char *secname = _cache->c_name; 472 473 /* 474 * Although numerous section header entries can be zero, it's 475 * usually a sign of trouble if the type is zero. 476 */ 477 if (shdr->sh_type == 0) { 478 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHTYPE), 479 file, secname, EC_WORD(shdr->sh_type)); 480 } 481 482 if (!match(MATCH_F_ALL, secname, seccnt, shdr->sh_type)) 483 continue; 484 485 /* 486 * Identify any sections that are suspicious. A .got section 487 * shouldn't exist in a relocatable object. 488 */ 489 if (ehdr->e_type == ET_REL) { 490 if (strncmp(secname, MSG_ORIG(MSG_ELF_GOT), 491 MSG_ELF_GOT_SIZE) == 0) { 492 (void) fprintf(stderr, 493 MSG_INTL(MSG_GOT_UNEXPECTED), file, 494 secname); 495 } 496 } 497 498 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 499 dbg_print(0, MSG_INTL(MSG_ELF_SHDR), EC_WORD(seccnt), secname); 500 Elf_shdr(0, osabi, ehdr->e_machine, shdr); 501 } 502 } 503 504 /* 505 * Obtain a specified Phdr entry. 506 */ 507 static Phdr * 508 getphdr(Word phnum, Word *type_arr, Word type_cnt, const char *file, Elf *elf) 509 { 510 Word cnt, tcnt; 511 Phdr *phdr; 512 513 if ((phdr = elf_getphdr(elf)) == NULL) { 514 failure(file, MSG_ORIG(MSG_ELF_GETPHDR)); 515 return (NULL); 516 } 517 518 for (cnt = 0; cnt < phnum; phdr++, cnt++) { 519 for (tcnt = 0; tcnt < type_cnt; tcnt++) { 520 if (phdr->p_type == type_arr[tcnt]) 521 return (phdr); 522 } 523 } 524 return (NULL); 525 } 526 527 /* 528 * Display the contents of GNU/amd64 .eh_frame and .eh_frame_hdr 529 * sections. 530 * 531 * entry: 532 * cache - Cache of all section headers 533 * shndx - Index of .eh_frame or .eh_frame_hdr section to be displayed 534 * shnum - Total number of sections which exist 535 * uphdr - NULL, or unwind program header associated with 536 * the .eh_frame_hdr section. 537 * ehdr - ELF header for file 538 * eh_state - Data used across calls to this routine. The 539 * caller should zero it before the first call, and 540 * pass it on every call. 541 * osabi - OSABI to use in displaying information 542 * file - Name of file 543 * flags - Command line option flags 544 */ 545 static void 546 unwind_eh_frame(Cache *cache, Word shndx, Word shnum, Phdr *uphdr, Ehdr *ehdr, 547 gnu_eh_state_t *eh_state, uchar_t osabi, const char *file, uint_t flags) 548 { 549 #if defined(_ELF64) 550 #define MSG_UNW_BINSRTAB2 MSG_UNW_BINSRTAB2_64 551 #define MSG_UNW_BINSRTABENT MSG_UNW_BINSRTABENT_64 552 #else 553 #define MSG_UNW_BINSRTAB2 MSG_UNW_BINSRTAB2_32 554 #define MSG_UNW_BINSRTABENT MSG_UNW_BINSRTABENT_32 555 #endif 556 557 Cache *_cache = &cache[shndx]; 558 Shdr *shdr = _cache->c_shdr; 559 uchar_t *data = (uchar_t *)(_cache->c_data->d_buf); 560 size_t datasize = _cache->c_data->d_size; 561 Conv_dwarf_ehe_buf_t dwarf_ehe_buf; 562 uint64_t ndx, frame_ptr, fde_cnt, tabndx; 563 uint_t vers, frame_ptr_enc, fde_cnt_enc, table_enc; 564 uint64_t initloc, initloc0 = 0; 565 uint64_t gotaddr = 0; 566 int cnt; 567 568 for (cnt = 1; cnt < shnum; cnt++) { 569 if (strncmp(cache[cnt].c_name, MSG_ORIG(MSG_ELF_GOT), 570 MSG_ELF_GOT_SIZE) == 0) { 571 gotaddr = cache[cnt].c_shdr->sh_addr; 572 break; 573 } 574 } 575 576 if ((data == NULL) || (datasize == 0)) { 577 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 578 file, _cache ->c_name); 579 return; 580 } 581 582 /* 583 * Is this a .eh_frame_hdr? 584 */ 585 if ((uphdr && (shdr->sh_addr == uphdr->p_vaddr)) || 586 (strncmp(_cache->c_name, MSG_ORIG(MSG_SCN_FRMHDR), 587 MSG_SCN_FRMHDR_SIZE) == 0)) { 588 /* 589 * There can only be a single .eh_frame_hdr. 590 * Flag duplicates. 591 */ 592 if (++eh_state->hdr_cnt > 1) 593 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MULTEHFRMHDR), 594 file, EC_WORD(shndx), _cache->c_name); 595 596 dbg_print(0, MSG_ORIG(MSG_UNW_FRMHDR)); 597 ndx = 0; 598 599 vers = data[ndx++]; 600 frame_ptr_enc = data[ndx++]; 601 fde_cnt_enc = data[ndx++]; 602 table_enc = data[ndx++]; 603 604 dbg_print(0, MSG_ORIG(MSG_UNW_FRMVERS), vers); 605 606 switch (dwarf_ehe_extract(data, datasize, &ndx, 607 &frame_ptr, frame_ptr_enc, ehdr->e_ident, B_TRUE, 608 shdr->sh_addr, ndx, gotaddr)) { 609 case DW_OVERFLOW: 610 (void) fprintf(stderr, MSG_INTL(MSG_ERR_DWOVRFLW), 611 file, _cache->c_name); 612 return; 613 case DW_BAD_ENCODING: 614 (void) fprintf(stderr, MSG_INTL(MSG_ERR_DWBADENC), 615 file, _cache->c_name, frame_ptr_enc); 616 return; 617 case DW_SUCCESS: 618 break; 619 } 620 if (eh_state->hdr_cnt == 1) { 621 eh_state->hdr_ndx = shndx; 622 eh_state->frame_ptr = frame_ptr; 623 } 624 625 dbg_print(0, MSG_ORIG(MSG_UNW_FRPTRENC), 626 conv_dwarf_ehe(frame_ptr_enc, &dwarf_ehe_buf), 627 EC_XWORD(frame_ptr)); 628 629 switch (dwarf_ehe_extract(data, datasize, &ndx, &fde_cnt, 630 fde_cnt_enc, ehdr->e_ident, B_TRUE, shdr->sh_addr, ndx, 631 gotaddr)) { 632 case DW_OVERFLOW: 633 (void) fprintf(stderr, MSG_INTL(MSG_ERR_DWOVRFLW), 634 file, _cache->c_name); 635 return; 636 case DW_BAD_ENCODING: 637 (void) fprintf(stderr, MSG_INTL(MSG_ERR_DWBADENC), 638 file, _cache->c_name, fde_cnt_enc); 639 return; 640 case DW_SUCCESS: 641 break; 642 } 643 644 dbg_print(0, MSG_ORIG(MSG_UNW_FDCNENC), 645 conv_dwarf_ehe(fde_cnt_enc, &dwarf_ehe_buf), 646 EC_XWORD(fde_cnt)); 647 dbg_print(0, MSG_ORIG(MSG_UNW_TABENC), 648 conv_dwarf_ehe(table_enc, &dwarf_ehe_buf)); 649 dbg_print(0, MSG_ORIG(MSG_UNW_BINSRTAB1)); 650 dbg_print(0, MSG_ORIG(MSG_UNW_BINSRTAB2)); 651 652 for (tabndx = 0; tabndx < fde_cnt; tabndx++) { 653 uint64_t table; 654 655 switch (dwarf_ehe_extract(data, datasize, &ndx, 656 &initloc, table_enc, ehdr->e_ident, B_TRUE, 657 shdr->sh_addr, ndx, gotaddr)) { 658 case DW_OVERFLOW: 659 (void) fprintf(stderr, 660 MSG_INTL(MSG_ERR_DWOVRFLW), file, 661 _cache->c_name); 662 return; 663 case DW_BAD_ENCODING: 664 (void) fprintf(stderr, 665 MSG_INTL(MSG_ERR_DWBADENC), file, 666 _cache->c_name, table_enc); 667 return; 668 case DW_SUCCESS: 669 break; 670 } 671 if ((tabndx != 0) && (initloc0 > initloc)) 672 (void) fprintf(stderr, 673 MSG_INTL(MSG_ERR_BADSORT), file, 674 _cache->c_name, EC_WORD(tabndx)); 675 switch (dwarf_ehe_extract(data, datasize, &ndx, &table, 676 table_enc, ehdr->e_ident, B_TRUE, shdr->sh_addr, 677 ndx, gotaddr)) { 678 case DW_OVERFLOW: 679 (void) fprintf(stderr, 680 MSG_INTL(MSG_ERR_DWOVRFLW), file, 681 _cache->c_name); 682 return; 683 case DW_BAD_ENCODING: 684 (void) fprintf(stderr, 685 MSG_INTL(MSG_ERR_DWBADENC), file, 686 _cache->c_name, table_enc); 687 return; 688 case DW_SUCCESS: 689 break; 690 } 691 692 dbg_print(0, MSG_ORIG(MSG_UNW_BINSRTABENT), 693 EC_XWORD(initloc), 694 EC_XWORD(table)); 695 initloc0 = initloc; 696 } 697 } else { /* Display the .eh_frame section */ 698 eh_state->frame_cnt++; 699 if (eh_state->frame_cnt == 1) { 700 eh_state->frame_ndx = shndx; 701 eh_state->frame_base = shdr->sh_addr; 702 } else if ((eh_state->frame_cnt > 1) && 703 (ehdr->e_type != ET_REL)) { 704 Conv_inv_buf_t inv_buf; 705 706 (void) fprintf(stderr, MSG_INTL(MSG_WARN_MULTEHFRM), 707 file, EC_WORD(shndx), _cache->c_name, 708 conv_ehdr_type(osabi, ehdr->e_type, 0, &inv_buf)); 709 } 710 dump_eh_frame(file, _cache->c_name, data, datasize, 711 shdr->sh_addr, ehdr->e_machine, ehdr->e_ident, gotaddr); 712 } 713 714 /* 715 * If we've seen the .eh_frame_hdr and the first .eh_frame section, 716 * compare the header frame_ptr to the address of the actual frame 717 * section to ensure the link-editor got this right. Note, this 718 * diagnostic is only produced when unwind information is explicitly 719 * asked for, as shared objects built with an older ld(1) may reveal 720 * this inconsistency. Although an inconsistency, it doesn't seem to 721 * have any adverse effect on existing tools. 722 */ 723 if (((flags & FLG_MASK_SHOW) != FLG_MASK_SHOW) && 724 (eh_state->hdr_cnt > 0) && (eh_state->frame_cnt > 0) && 725 (eh_state->frame_ptr != eh_state->frame_base)) 726 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADEHFRMPTR), 727 file, EC_WORD(eh_state->hdr_ndx), 728 cache[eh_state->hdr_ndx].c_name, 729 EC_XWORD(eh_state->frame_ptr), 730 EC_WORD(eh_state->frame_ndx), 731 cache[eh_state->frame_ndx].c_name, 732 EC_XWORD(eh_state->frame_base)); 733 #undef MSG_UNW_BINSRTAB2 734 #undef MSG_UNW_BINSRTABENT 735 } 736 737 /* 738 * Convert a self relative pointer into an address. A self relative 739 * pointer adds the address where the pointer resides to the offset 740 * contained in the pointer. The benefit is that the value of the 741 * pointer does not require relocation. 742 * 743 * entry: 744 * base_addr - Address of the pointer. 745 * delta - Offset relative to base_addr giving desired address 746 * 747 * exit: 748 * The computed address is returned. 749 * 750 * note: 751 * base_addr is an unsigned value, while ret_addr is signed. This routine 752 * used explicit testing and casting to explicitly control type 753 * conversion, and ensure that we handle the maximum possible range. 754 */ 755 static Addr 756 srelptr(Addr base_addr, PTRDIFF_T delta) 757 { 758 if (delta < 0) 759 return (base_addr - (Addr) (-delta)); 760 761 return (base_addr + (Addr) delta); 762 } 763 764 /* 765 * Byte swap a PTRDIFF_T value. 766 */ 767 static PTRDIFF_T 768 swap_ptrdiff(PTRDIFF_T value) 769 { 770 PTRDIFF_T r; 771 uchar_t *dst = (uchar_t *)&r; 772 uchar_t *src = (uchar_t *)&value; 773 774 UL_ASSIGN_BSWAP_XWORD(dst, src); 775 return (r); 776 } 777 778 /* 779 * Display exception_range_entry items from the .exception_ranges section 780 * of a Sun C++ object. 781 */ 782 static void 783 unwind_exception_ranges(Cache *_cache, const char *file, int do_swap) 784 { 785 /* 786 * Translate a PTRDIFF_T self-relative address field of 787 * an exception_range_entry struct into an address. 788 * 789 * entry: 790 * exc_addr - Address of base of exception_range_entry struct 791 * cur_ent - Pointer to data in the struct to be translated 792 * 793 * _f - Field of struct to be translated 794 */ 795 #define SRELPTR(_f) \ 796 srelptr(exc_addr + offsetof(exception_range_entry, _f), cur_ent->_f) 797 798 #if defined(_ELF64) 799 #define MSG_EXR_TITLE MSG_EXR_TITLE_64 800 #define MSG_EXR_ENTRY MSG_EXR_ENTRY_64 801 #else 802 #define MSG_EXR_TITLE MSG_EXR_TITLE_32 803 #define MSG_EXR_ENTRY MSG_EXR_ENTRY_32 804 #endif 805 806 exception_range_entry scratch, *ent, *cur_ent = &scratch; 807 char index[MAXNDXSIZE]; 808 Word i, nelts; 809 Addr addr, addr0 = 0, offset = 0; 810 Addr exc_addr = _cache->c_shdr->sh_addr; 811 812 dbg_print(0, MSG_INTL(MSG_EXR_TITLE)); 813 ent = (exception_range_entry *)(_cache->c_data->d_buf); 814 nelts = _cache->c_data->d_size / sizeof (exception_range_entry); 815 816 for (i = 0; i < nelts; i++, ent++) { 817 if (do_swap) { 818 /* 819 * Copy byte swapped values into the scratch buffer. 820 * The reserved field is not used, so we skip it. 821 */ 822 scratch.ret_addr = swap_ptrdiff(ent->ret_addr); 823 scratch.length = BSWAP_XWORD(ent->length); 824 scratch.handler_addr = swap_ptrdiff(ent->handler_addr); 825 scratch.type_block = swap_ptrdiff(ent->type_block); 826 } else { 827 cur_ent = ent; 828 } 829 830 /* 831 * The table is required to be sorted by the address 832 * derived from ret_addr, to allow binary searching. Ensure 833 * that addresses grow monotonically. 834 */ 835 addr = SRELPTR(ret_addr); 836 if ((i != 0) && (addr0 > addr)) 837 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSORT), 838 file, _cache->c_name, EC_WORD(i)); 839 840 (void) snprintf(index, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INDEX), 841 EC_XWORD(i)); 842 dbg_print(0, MSG_INTL(MSG_EXR_ENTRY), index, EC_ADDR(offset), 843 EC_ADDR(addr), EC_ADDR(cur_ent->length), 844 EC_ADDR(SRELPTR(handler_addr)), 845 EC_ADDR(SRELPTR(type_block))); 846 847 addr0 = addr; 848 exc_addr += sizeof (exception_range_entry); 849 offset += sizeof (exception_range_entry); 850 } 851 852 #undef SRELPTR 853 #undef MSG_EXR_TITLE 854 #undef MSG_EXR_ENTRY 855 } 856 857 /* 858 * Display information from unwind/exception sections: 859 * 860 * - GNU/amd64 .eh_frame and .eh_frame_hdr 861 * - Sun C++ .exception_ranges 862 * 863 */ 864 static void 865 unwind(Cache *cache, Word shnum, Word phnum, Ehdr *ehdr, uchar_t osabi, 866 const char *file, Elf *elf, uint_t flags) 867 { 868 static Word phdr_types[] = { PT_SUNW_UNWIND, PT_SUNW_EH_FRAME }; 869 870 Word cnt; 871 Phdr *uphdr = NULL; 872 gnu_eh_state_t eh_state; 873 874 /* 875 * Historical background: .eh_frame and .eh_frame_hdr sections 876 * come from the GNU compilers (particularly C++), and are used 877 * under all architectures. Their format is based on DWARF. When 878 * the amd64 ABI was defined, these sections were adopted wholesale 879 * from the existing practice. 880 * 881 * When amd64 support was added to Solaris, support for these 882 * sections was added, using the SHT_AMD64_UNWIND section type 883 * to identify them. At first, we ignored them in objects for 884 * non-amd64 targets, but later broadened our support to include 885 * other architectures in order to better support gcc-generated 886 * objects. 887 * 888 * .exception_ranges implement the same basic concepts, but 889 * were invented at Sun for the Sun C++ compiler. 890 * 891 * We match these sections by name, rather than section type, 892 * because they can come in as either SHT_AMD64_UNWIND, or as 893 * SHT_PROGBITS, and because the type isn't enough to determine 894 * how they should be interpreted. 895 */ 896 /* Find the program header for .eh_frame_hdr if present */ 897 if (phnum) 898 uphdr = getphdr(phnum, phdr_types, 899 sizeof (phdr_types) / sizeof (*phdr_types), file, elf); 900 901 /* 902 * eh_state is used to retain data used by unwind_eh_frame() 903 * across calls. 904 */ 905 bzero(&eh_state, sizeof (eh_state)); 906 907 for (cnt = 1; cnt < shnum; cnt++) { 908 Cache *_cache = &cache[cnt]; 909 Shdr *shdr = _cache->c_shdr; 910 int is_exrange; 911 912 /* 913 * Skip sections of the wrong type. On amd64, they 914 * can be SHT_AMD64_UNWIND. On all platforms, they 915 * can be SHT_PROGBITS (including amd64, if using 916 * the GNU compilers). 917 * 918 * Skip anything other than these two types. The name 919 * test below will thin out the SHT_PROGBITS that don't apply. 920 */ 921 if ((shdr->sh_type != SHT_PROGBITS) && 922 (shdr->sh_type != SHT_AMD64_UNWIND)) 923 continue; 924 925 /* 926 * Only sections with certain well known names are of interest. 927 * These are: 928 * 929 * .eh_frame - amd64/GNU-compiler unwind sections 930 * .eh_frame_hdr - Sorted table referencing .eh_frame 931 * .exception_ranges - Sun C++ unwind sections 932 * 933 * We do a prefix comparison, allowing for naming conventions 934 * like .eh_frame.foo, hence the use of strncmp() rather than 935 * strcmp(). This means that we only really need to test for 936 * .eh_frame, as it's a prefix of .eh_frame_hdr. 937 */ 938 is_exrange = strncmp(_cache->c_name, 939 MSG_ORIG(MSG_SCN_EXRANGE), MSG_SCN_EXRANGE_SIZE) == 0; 940 if ((strncmp(_cache->c_name, MSG_ORIG(MSG_SCN_FRM), 941 MSG_SCN_FRM_SIZE) != 0) && !is_exrange) 942 continue; 943 944 if (!match(MATCH_F_ALL, _cache->c_name, cnt, shdr->sh_type)) 945 continue; 946 947 if (_cache->c_data == NULL) 948 continue; 949 950 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 951 dbg_print(0, MSG_INTL(MSG_ELF_SCN_UNWIND), _cache->c_name); 952 953 if (is_exrange) 954 unwind_exception_ranges(_cache, file, 955 _elf_sys_encoding() != ehdr->e_ident[EI_DATA]); 956 else 957 unwind_eh_frame(cache, cnt, shnum, uphdr, ehdr, 958 &eh_state, osabi, file, flags); 959 } 960 } 961 962 /* 963 * Initialize a symbol table state structure 964 * 965 * entry: 966 * state - State structure to be initialized 967 * cache - Cache of all section headers 968 * shnum - # of sections in cache 969 * secndx - Index of symbol table section 970 * ehdr - ELF header for file 971 * versym - Information about versym section 972 * file - Name of file 973 * flags - Command line option flags 974 */ 975 static int 976 init_symtbl_state(SYMTBL_STATE *state, Cache *cache, Word shnum, Word secndx, 977 Ehdr *ehdr, uchar_t osabi, VERSYM_STATE *versym, const char *file, 978 uint_t flags) 979 { 980 Shdr *shdr; 981 982 state->file = file; 983 state->ehdr = ehdr; 984 state->cache = cache; 985 state->osabi = osabi; 986 state->shnum = shnum; 987 state->seccache = &cache[secndx]; 988 state->secndx = secndx; 989 state->secname = state->seccache->c_name; 990 state->flags = flags; 991 state->shxndx.checked = 0; 992 state->shxndx.data = NULL; 993 state->shxndx.n = 0; 994 995 shdr = state->seccache->c_shdr; 996 997 /* 998 * Check the symbol data and per-item size. 999 */ 1000 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 1001 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 1002 file, state->secname); 1003 return (0); 1004 } 1005 if (state->seccache->c_data == NULL) 1006 return (0); 1007 1008 /* LINTED */ 1009 state->symn = (Word)(shdr->sh_size / shdr->sh_entsize); 1010 state->sym = (Sym *)state->seccache->c_data->d_buf; 1011 1012 /* 1013 * Check associated string table section. 1014 */ 1015 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 1016 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 1017 file, state->secname, EC_WORD(shdr->sh_link)); 1018 return (0); 1019 } 1020 1021 /* 1022 * Determine if there is a associated Versym section 1023 * with this Symbol Table. 1024 */ 1025 if (versym && versym->cache && 1026 (versym->cache->c_shdr->sh_link == state->secndx)) 1027 state->versym = versym; 1028 else 1029 state->versym = NULL; 1030 1031 1032 return (1); 1033 } 1034 1035 /* 1036 * Determine the extended section index used for symbol tables entries. 1037 */ 1038 static void 1039 symbols_getxindex(SYMTBL_STATE *state) 1040 { 1041 uint_t symn; 1042 Word symcnt; 1043 1044 state->shxndx.checked = 1; /* Note that we've been called */ 1045 for (symcnt = 1; symcnt < state->shnum; symcnt++) { 1046 Cache *_cache = &state->cache[symcnt]; 1047 Shdr *shdr = _cache->c_shdr; 1048 1049 if ((shdr->sh_type != SHT_SYMTAB_SHNDX) || 1050 (shdr->sh_link != state->secndx)) 1051 continue; 1052 1053 if ((shdr->sh_entsize) && 1054 /* LINTED */ 1055 ((symn = (uint_t)(shdr->sh_size / shdr->sh_entsize)) == 0)) 1056 continue; 1057 1058 if (_cache->c_data == NULL) 1059 continue; 1060 1061 state->shxndx.data = _cache->c_data->d_buf; 1062 state->shxndx.n = symn; 1063 return; 1064 } 1065 } 1066 1067 /* 1068 * Produce a line of output for the given symbol 1069 * 1070 * entry: 1071 * state - Symbol table state 1072 * symndx - Index of symbol within the table 1073 * info - Value of st_info (indicates local/global range) 1074 * symndx_disp - Index to display. This may not be the same 1075 * as symndx if the display is relative to the logical 1076 * combination of the SUNW_ldynsym/dynsym tables. 1077 * sym - Symbol to display 1078 */ 1079 static void 1080 output_symbol(SYMTBL_STATE *state, Word symndx, Word info, Word disp_symndx, 1081 Sym *sym) 1082 { 1083 /* 1084 * Symbol types for which we check that the specified 1085 * address/size land inside the target section. 1086 */ 1087 static const int addr_symtype[] = { 1088 0, /* STT_NOTYPE */ 1089 1, /* STT_OBJECT */ 1090 1, /* STT_FUNC */ 1091 0, /* STT_SECTION */ 1092 0, /* STT_FILE */ 1093 1, /* STT_COMMON */ 1094 0, /* STT_TLS */ 1095 0, /* 7 */ 1096 0, /* 8 */ 1097 0, /* 9 */ 1098 0, /* 10 */ 1099 0, /* 11 */ 1100 0, /* 12 */ 1101 0, /* STT_SPARC_REGISTER */ 1102 0, /* 14 */ 1103 0, /* 15 */ 1104 }; 1105 #if STT_NUM != (STT_TLS + 1) 1106 #error "STT_NUM has grown. Update addr_symtype[]" 1107 #endif 1108 1109 char index[MAXNDXSIZE]; 1110 const char *symname, *sec; 1111 Versym verndx; 1112 int gnuver; 1113 uchar_t type; 1114 Shdr *tshdr; 1115 Word shndx; 1116 Conv_inv_buf_t inv_buf; 1117 1118 /* Ensure symbol index is in range */ 1119 if (symndx >= state->symn) { 1120 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSYMNDX), 1121 state->file, state->secname, EC_WORD(symndx)); 1122 return; 1123 } 1124 1125 /* 1126 * If we are using extended symbol indexes, find the 1127 * corresponding SHN_SYMTAB_SHNDX table. 1128 */ 1129 if ((sym->st_shndx == SHN_XINDEX) && (state->shxndx.checked == 0)) 1130 symbols_getxindex(state); 1131 1132 /* LINTED */ 1133 symname = string(state->seccache, symndx, 1134 &state->cache[state->seccache->c_shdr->sh_link], state->file, 1135 sym->st_name); 1136 1137 tshdr = NULL; 1138 sec = NULL; 1139 1140 if (state->ehdr->e_type == ET_CORE) { 1141 sec = (char *)MSG_INTL(MSG_STR_UNKNOWN); 1142 } else if (state->flags & FLG_CTL_FAKESHDR) { 1143 /* 1144 * If we are using fake section headers derived from 1145 * the program headers, then the section indexes 1146 * in the symbols do not correspond to these headers. 1147 * The section names are not available, so all we can 1148 * do is to display them in numeric form. 1149 */ 1150 sec = conv_sym_shndx(state->osabi, state->ehdr->e_machine, 1151 sym->st_shndx, CONV_FMT_DECIMAL, &inv_buf); 1152 } else if ((sym->st_shndx < SHN_LORESERVE) && 1153 (sym->st_shndx < state->shnum)) { 1154 shndx = sym->st_shndx; 1155 tshdr = state->cache[shndx].c_shdr; 1156 sec = state->cache[shndx].c_name; 1157 } else if (sym->st_shndx == SHN_XINDEX) { 1158 if (state->shxndx.data) { 1159 Word _shxndx; 1160 1161 if (symndx > state->shxndx.n) { 1162 (void) fprintf(stderr, 1163 MSG_INTL(MSG_ERR_BADSYMXINDEX1), 1164 state->file, state->secname, 1165 EC_WORD(symndx)); 1166 } else if ((_shxndx = 1167 state->shxndx.data[symndx]) > state->shnum) { 1168 (void) fprintf(stderr, 1169 MSG_INTL(MSG_ERR_BADSYMXINDEX2), 1170 state->file, state->secname, 1171 EC_WORD(symndx), EC_WORD(_shxndx)); 1172 } else { 1173 shndx = _shxndx; 1174 tshdr = state->cache[shndx].c_shdr; 1175 sec = state->cache[shndx].c_name; 1176 } 1177 } else { 1178 (void) fprintf(stderr, 1179 MSG_INTL(MSG_ERR_BADSYMXINDEX3), 1180 state->file, state->secname, EC_WORD(symndx)); 1181 } 1182 } else if ((sym->st_shndx < SHN_LORESERVE) && 1183 (sym->st_shndx >= state->shnum)) { 1184 (void) fprintf(stderr, 1185 MSG_INTL(MSG_ERR_BADSYM5), state->file, 1186 state->secname, EC_WORD(symndx), 1187 demangle(symname, state->flags), sym->st_shndx); 1188 } 1189 1190 /* 1191 * If versioning is available display the 1192 * version index. If not, then use 0. 1193 */ 1194 if (state->versym) { 1195 Versym test_verndx; 1196 1197 verndx = test_verndx = state->versym->data[symndx]; 1198 gnuver = state->versym->gnu_full; 1199 1200 /* 1201 * Check to see if this is a defined symbol with a 1202 * version index that is outside the valid range for 1203 * the file. The interpretation of this depends on 1204 * the style of versioning used by the object. 1205 * 1206 * Versions >= VER_NDX_LORESERVE have special meanings, 1207 * and are exempt from this checking. 1208 * 1209 * GNU style version indexes use the top bit of the 1210 * 16-bit index value (0x8000) as the "hidden bit". 1211 * We must mask off this bit in order to compare 1212 * the version against the maximum value. 1213 */ 1214 if (gnuver) 1215 test_verndx &= ~0x8000; 1216 1217 if ((test_verndx > state->versym->max_verndx) && 1218 (verndx < VER_NDX_LORESERVE)) 1219 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADVER), 1220 state->file, state->secname, EC_WORD(symndx), 1221 EC_HALF(test_verndx), state->versym->max_verndx); 1222 } else { 1223 verndx = 0; 1224 gnuver = 0; 1225 } 1226 1227 /* 1228 * Error checking for TLS. 1229 */ 1230 type = ELF_ST_TYPE(sym->st_info); 1231 if (type == STT_TLS) { 1232 if (tshdr && 1233 (sym->st_shndx != SHN_UNDEF) && 1234 ((tshdr->sh_flags & SHF_TLS) == 0)) { 1235 (void) fprintf(stderr, 1236 MSG_INTL(MSG_ERR_BADSYM3), state->file, 1237 state->secname, EC_WORD(symndx), 1238 demangle(symname, state->flags)); 1239 } 1240 } else if ((type != STT_SECTION) && sym->st_size && 1241 tshdr && (tshdr->sh_flags & SHF_TLS)) { 1242 (void) fprintf(stderr, 1243 MSG_INTL(MSG_ERR_BADSYM4), state->file, 1244 state->secname, EC_WORD(symndx), 1245 demangle(symname, state->flags)); 1246 } 1247 1248 /* 1249 * If a symbol with non-zero size has a type that 1250 * specifies an address, then make sure the location 1251 * it references is actually contained within the 1252 * section. UNDEF symbols don't count in this case, 1253 * so we ignore them. 1254 * 1255 * The meaning of the st_value field in a symbol 1256 * depends on the type of object. For a relocatable 1257 * object, it is the offset within the section. 1258 * For sharable objects, it is the offset relative to 1259 * the base of the object, and for other types, it is 1260 * the virtual address. To get an offset within the 1261 * section for non-ET_REL files, we subtract the 1262 * base address of the section. 1263 */ 1264 if (addr_symtype[type] && (sym->st_size > 0) && 1265 (sym->st_shndx != SHN_UNDEF) && ((sym->st_shndx < SHN_LORESERVE) || 1266 (sym->st_shndx == SHN_XINDEX)) && (tshdr != NULL)) { 1267 Word v = sym->st_value; 1268 if (state->ehdr->e_type != ET_REL) 1269 v -= tshdr->sh_addr; 1270 if (((v + sym->st_size) > tshdr->sh_size)) { 1271 (void) fprintf(stderr, 1272 MSG_INTL(MSG_ERR_BADSYM6), state->file, 1273 state->secname, EC_WORD(symndx), 1274 demangle(symname, state->flags), 1275 EC_WORD(shndx), EC_XWORD(tshdr->sh_size), 1276 EC_XWORD(sym->st_value), EC_XWORD(sym->st_size)); 1277 } 1278 } 1279 1280 /* 1281 * A typical symbol table uses the sh_info field to indicate one greater 1282 * than the symbol table index of the last local symbol, STB_LOCAL. 1283 * Therefore, symbol indexes less than sh_info should have local 1284 * binding. Symbol indexes greater than, or equal to sh_info, should 1285 * have global binding. Note, we exclude UNDEF/NOTY symbols with zero 1286 * value and size, as these symbols may be the result of an mcs(1) 1287 * section deletion. 1288 */ 1289 if (info) { 1290 uchar_t bind = ELF_ST_BIND(sym->st_info); 1291 1292 if ((symndx < info) && (bind != STB_LOCAL)) { 1293 (void) fprintf(stderr, 1294 MSG_INTL(MSG_ERR_BADSYM7), state->file, 1295 state->secname, EC_WORD(symndx), 1296 demangle(symname, state->flags), EC_XWORD(info)); 1297 1298 } else if ((symndx >= info) && (bind == STB_LOCAL) && 1299 ((sym->st_shndx != SHN_UNDEF) || 1300 (ELF_ST_TYPE(sym->st_info) != STT_NOTYPE) || 1301 (sym->st_size != 0) || (sym->st_value != 0))) { 1302 (void) fprintf(stderr, 1303 MSG_INTL(MSG_ERR_BADSYM8), state->file, 1304 state->secname, EC_WORD(symndx), 1305 demangle(symname, state->flags), EC_XWORD(info)); 1306 } 1307 } 1308 1309 (void) snprintf(index, MAXNDXSIZE, 1310 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(disp_symndx)); 1311 Elf_syms_table_entry(0, ELF_DBG_ELFDUMP, index, state->osabi, 1312 state->ehdr->e_machine, sym, verndx, gnuver, sec, symname); 1313 } 1314 1315 /* 1316 * Process a SHT_SUNW_cap capabilities section. 1317 */ 1318 static int 1319 cap_section(const char *file, Cache *cache, Word shnum, Cache *ccache, 1320 uchar_t osabi, Ehdr *ehdr, uint_t flags) 1321 { 1322 SYMTBL_STATE state; 1323 Word cnum, capnum, nulls, symcaps; 1324 int descapndx, objcap, title; 1325 Cap *cap = (Cap *)ccache->c_data->d_buf; 1326 Shdr *cishdr, *cshdr = ccache->c_shdr; 1327 Cache *cicache, *strcache; 1328 Capinfo *capinfo = NULL; 1329 Word capinfonum; 1330 const char *strs = NULL; 1331 size_t strs_size; 1332 1333 if ((cshdr->sh_entsize == 0) || (cshdr->sh_size == 0)) { 1334 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 1335 file, ccache->c_name); 1336 return (0); 1337 } 1338 1339 /* 1340 * If this capabilities section is associated with symbols, then the 1341 * sh_link field points to the associated capabilities information 1342 * section. The sh_link field of the capabilities information section 1343 * points to the associated symbol table. 1344 */ 1345 if (cshdr->sh_link) { 1346 Cache *scache; 1347 Shdr *sshdr; 1348 1349 /* 1350 * Validate that the sh_link field points to a capabilities 1351 * information section. 1352 */ 1353 if (cshdr->sh_link >= shnum) { 1354 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 1355 file, ccache->c_name, EC_WORD(cshdr->sh_link)); 1356 return (0); 1357 } 1358 1359 cicache = &cache[cshdr->sh_link]; 1360 cishdr = cicache->c_shdr; 1361 1362 if (cishdr->sh_type != SHT_SUNW_capinfo) { 1363 (void) fprintf(stderr, MSG_INTL(MSG_ERR_INVCAP), 1364 file, ccache->c_name, EC_WORD(cshdr->sh_link)); 1365 return (0); 1366 } 1367 1368 capinfo = cicache->c_data->d_buf; 1369 capinfonum = (Word)(cishdr->sh_size / cishdr->sh_entsize); 1370 1371 /* 1372 * Validate that the sh_link field of the capabilities 1373 * information section points to a valid symbol table. 1374 */ 1375 if ((cishdr->sh_link == 0) || (cishdr->sh_link >= shnum)) { 1376 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 1377 file, cicache->c_name, EC_WORD(cishdr->sh_link)); 1378 return (0); 1379 } 1380 scache = &cache[cishdr->sh_link]; 1381 sshdr = scache->c_shdr; 1382 1383 if ((sshdr->sh_type != SHT_SYMTAB) && 1384 (sshdr->sh_type != SHT_DYNSYM)) { 1385 (void) fprintf(stderr, MSG_INTL(MSG_ERR_INVCAPINFO1), 1386 file, cicache->c_name, EC_WORD(cishdr->sh_link)); 1387 return (0); 1388 } 1389 1390 if (!init_symtbl_state(&state, cache, shnum, 1391 cishdr->sh_link, ehdr, osabi, NULL, file, flags)) 1392 return (0); 1393 } 1394 1395 /* 1396 * If this capabilities section contains capability string entries, 1397 * then determine the associated string table. Capabilities entries 1398 * that define names require that the capability section indicate 1399 * which string table to use via sh_info. 1400 */ 1401 if (cshdr->sh_info) { 1402 Shdr *strshdr; 1403 1404 /* 1405 * Validate that the sh_info field points to a string table. 1406 */ 1407 if (cshdr->sh_info >= shnum) { 1408 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 1409 file, ccache->c_name, EC_WORD(cshdr->sh_info)); 1410 return (0); 1411 } 1412 1413 strcache = &cache[cshdr->sh_info]; 1414 strshdr = strcache->c_shdr; 1415 1416 if (strshdr->sh_type != SHT_STRTAB) { 1417 (void) fprintf(stderr, MSG_INTL(MSG_ERR_INVCAP), 1418 file, ccache->c_name, EC_WORD(cshdr->sh_info)); 1419 return (0); 1420 } 1421 strs = (const char *)strcache->c_data->d_buf; 1422 strs_size = strcache->c_data->d_size; 1423 } 1424 1425 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1426 dbg_print(0, MSG_INTL(MSG_ELF_SCN_CAP), ccache->c_name); 1427 1428 capnum = (Word)(cshdr->sh_size / cshdr->sh_entsize); 1429 1430 nulls = symcaps = 0; 1431 objcap = title = 1; 1432 descapndx = -1; 1433 1434 /* 1435 * Traverse the capabilities section printing each capability group. 1436 * The first capabilities group defines any object capabilities. Any 1437 * following groups define symbol capabilities. In the case where no 1438 * object capabilities exist, but symbol capabilities do, a single 1439 * CA_SUNW_NULL terminator for the object capabilities exists. 1440 */ 1441 for (cnum = 0; cnum < capnum; cap++, cnum++) { 1442 if (cap->c_tag == CA_SUNW_NULL) { 1443 /* 1444 * A CA_SUNW_NULL tag terminates a capabilities group. 1445 * If the first capabilities tag is CA_SUNW_NULL, then 1446 * no object capabilities exist. 1447 */ 1448 if ((nulls++ == 0) && (cnum == 0)) 1449 objcap = 0; 1450 title = 1; 1451 } else { 1452 if (title) { 1453 if (nulls == 0) { 1454 /* 1455 * If this capabilities group represents 1456 * the object capabilities (i.e., no 1457 * CA_SUNW_NULL tag has been processed 1458 * yet), then display an object 1459 * capabilities title. 1460 */ 1461 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1462 dbg_print(0, 1463 MSG_INTL(MSG_OBJ_CAP_TITLE)); 1464 } else { 1465 /* 1466 * If this is a symbols capabilities 1467 * group (i.e., a CA_SUNW_NULL tag has 1468 * already be found that terminates 1469 * the object capabilities group), then 1470 * display a symbol capabilities title, 1471 * and retain this capabilities index 1472 * for later processing. 1473 */ 1474 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1475 dbg_print(0, 1476 MSG_INTL(MSG_SYM_CAP_TITLE)); 1477 descapndx = cnum; 1478 } 1479 Elf_cap_title(0); 1480 title = 0; 1481 } 1482 1483 /* 1484 * Print the capabilities data. 1485 * 1486 * Note that CA_SUNW_PLAT, CA_SUNW_MACH and CA_SUNW_ID 1487 * entries require a string table, which should have 1488 * already been established. 1489 */ 1490 if ((strs == NULL) && ((cap->c_tag == CA_SUNW_PLAT) || 1491 (cap->c_tag == CA_SUNW_MACH) || 1492 (cap->c_tag == CA_SUNW_ID))) { 1493 (void) fprintf(stderr, 1494 MSG_INTL(MSG_WARN_INVCAP4), file, 1495 EC_WORD(elf_ndxscn(ccache->c_scn)), 1496 ccache->c_name, EC_WORD(cshdr->sh_info)); 1497 } 1498 Elf_cap_entry(0, cap, cnum, strs, strs_size, 1499 ehdr->e_machine); 1500 } 1501 1502 /* 1503 * If this CA_SUNW_NULL tag terminates a symbol capabilities 1504 * group, determine the associated symbols. 1505 */ 1506 if ((cap->c_tag == CA_SUNW_NULL) && (nulls > 1) && 1507 (descapndx != -1)) { 1508 Capinfo *cip; 1509 Word inum; 1510 1511 symcaps++; 1512 1513 /* 1514 * Make sure we've discovered a SHT_SUNW_capinfo table. 1515 */ 1516 if ((cip = capinfo) == NULL) { 1517 (void) fprintf(stderr, 1518 MSG_INTL(MSG_ERR_INVCAP), file, 1519 ccache->c_name, EC_WORD(cshdr->sh_link)); 1520 return (0); 1521 } 1522 1523 /* 1524 * Determine what symbols reference this capabilities 1525 * group. 1526 */ 1527 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1528 dbg_print(0, MSG_INTL(MSG_CAPINFO_ENTRIES)); 1529 Elf_syms_table_title(0, ELF_DBG_ELFDUMP); 1530 1531 for (inum = 1, cip++; inum < capinfonum; 1532 inum++, cip++) { 1533 Word gndx = (Word)ELF_C_GROUP(*cip); 1534 1535 if (gndx && (gndx == descapndx)) { 1536 output_symbol(&state, inum, 0, 1537 inum, state.sym + inum); 1538 } 1539 } 1540 descapndx = -1; 1541 continue; 1542 } 1543 1544 /* 1545 * An SF1_SUNW_ADDR32 software capability tag in a 32-bit 1546 * object is suspicious as it has no effect. 1547 */ 1548 if ((cap->c_tag == CA_SUNW_SF_1) && 1549 (ehdr->e_ident[EI_CLASS] == ELFCLASS32) && 1550 (cap->c_un.c_val & SF1_SUNW_ADDR32)) { 1551 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INADDR32SF1), 1552 file, ccache->c_name); 1553 } 1554 } 1555 1556 /* 1557 * If this is a dynamic object, with symbol capabilities, then a 1558 * .SUNW_capchain section should exist. This section contains a chain 1559 * of symbol indexes for each capabilities family. This is the list 1560 * that is searched by ld.so.1 to determine the best capabilities 1561 * candidate. 1562 * 1563 * Note, more than one capabilities lead symbol can point to the same 1564 * family chain. For example, a weak/global pair of symbols can both 1565 * represent the same family of capabilities symbols. Therefore, to 1566 * display all possible families we traverse the capabilities 1567 * information section looking for CAPINFO_SUNW_GLOB lead symbols. 1568 * From these we determine the associated capabilities chain to inspect. 1569 */ 1570 if (symcaps && 1571 ((ehdr->e_type == ET_EXEC) || (ehdr->e_type == ET_DYN))) { 1572 Capinfo *cip; 1573 Capchain *chain; 1574 Cache *chcache; 1575 Shdr *chshdr; 1576 Word chainnum, inum; 1577 1578 /* 1579 * Validate that the sh_info field of the capabilities 1580 * information section points to a capabilities chain section. 1581 */ 1582 if (cishdr->sh_info >= shnum) { 1583 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 1584 file, cicache->c_name, EC_WORD(cishdr->sh_info)); 1585 return (0); 1586 } 1587 1588 chcache = &cache[cishdr->sh_info]; 1589 chshdr = chcache->c_shdr; 1590 1591 if (chshdr->sh_type != SHT_SUNW_capchain) { 1592 (void) fprintf(stderr, MSG_INTL(MSG_ERR_INVCAPINFO2), 1593 file, cicache->c_name, EC_WORD(cishdr->sh_info)); 1594 return (0); 1595 } 1596 1597 chainnum = (Word)(chshdr->sh_size / chshdr->sh_entsize); 1598 chain = (Capchain *)chcache->c_data->d_buf; 1599 1600 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1601 dbg_print(0, MSG_INTL(MSG_ELF_SCN_CAPCHAIN), chcache->c_name); 1602 1603 /* 1604 * Traverse the capabilities information section looking for 1605 * CAPINFO_SUNW_GLOB lead capabilities symbols. 1606 */ 1607 cip = capinfo; 1608 for (inum = 1, cip++; inum < capinfonum; inum++, cip++) { 1609 const char *name; 1610 Sym *sym; 1611 Word sndx, cndx; 1612 Word gndx = (Word)ELF_C_GROUP(*cip); 1613 1614 if ((gndx == 0) || (gndx != CAPINFO_SUNW_GLOB)) 1615 continue; 1616 1617 /* 1618 * Determine the symbol that is associated with this 1619 * capability information entry, and use this to 1620 * identify this capability family. 1621 */ 1622 sym = (Sym *)(state.sym + inum); 1623 name = string(cicache, inum, strcache, file, 1624 sym->st_name); 1625 1626 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1627 dbg_print(0, MSG_INTL(MSG_CAPCHAIN_TITLE), name); 1628 dbg_print(0, MSG_INTL(MSG_CAPCHAIN_ENTRY)); 1629 1630 cndx = (Word)ELF_C_SYM(*cip); 1631 1632 /* 1633 * Traverse this families chain and identify each 1634 * family member. 1635 */ 1636 for (;;) { 1637 char _chain[MAXNDXSIZE], _symndx[MAXNDXSIZE]; 1638 1639 if (cndx >= chainnum) { 1640 (void) fprintf(stderr, 1641 MSG_INTL(MSG_ERR_INVCAPINFO3), file, 1642 cicache->c_name, EC_WORD(inum), 1643 EC_WORD(cndx)); 1644 break; 1645 } 1646 if ((sndx = chain[cndx]) == 0) 1647 break; 1648 1649 /* 1650 * Determine this entries symbol reference. 1651 */ 1652 if (sndx > state.symn) { 1653 (void) fprintf(stderr, 1654 MSG_INTL(MSG_ERR_CHBADSYMNDX), file, 1655 EC_WORD(sndx), chcache->c_name, 1656 EC_WORD(cndx)); 1657 name = MSG_INTL(MSG_STR_UNKNOWN); 1658 } else { 1659 sym = (Sym *)(state.sym + sndx); 1660 name = string(chcache, sndx, 1661 strcache, file, sym->st_name); 1662 } 1663 1664 /* 1665 * Display the family member. 1666 */ 1667 (void) snprintf(_chain, MAXNDXSIZE, 1668 MSG_ORIG(MSG_FMT_INTEGER), cndx); 1669 (void) snprintf(_symndx, MAXNDXSIZE, 1670 MSG_ORIG(MSG_FMT_INDEX2), EC_WORD(sndx)); 1671 dbg_print(0, MSG_ORIG(MSG_FMT_CHAIN_INFO), 1672 _chain, _symndx, demangle(name, flags)); 1673 1674 cndx++; 1675 } 1676 } 1677 } 1678 return (objcap); 1679 } 1680 1681 /* 1682 * Print the capabilities. 1683 * 1684 * A .SUNW_cap section can contain one or more, CA_SUNW_NULL terminated, 1685 * capabilities groups. The first group defines the object capabilities. 1686 * This group defines the minimum capability requirements of the entire 1687 * object file. If this is a dynamic object, this group should be associated 1688 * with a PT_SUNWCAP program header. 1689 * 1690 * Additional capabilities groups define the association of individual symbols 1691 * to specific capabilities. 1692 */ 1693 static void 1694 cap(const char *file, Cache *cache, Word shnum, Word phnum, Ehdr *ehdr, 1695 uchar_t osabi, Elf *elf, uint_t flags) 1696 { 1697 Word cnt; 1698 Shdr *cshdr = NULL; 1699 Cache *ccache; 1700 Off cphdr_off = 0; 1701 Xword cphdr_sz; 1702 1703 /* 1704 * Determine if a global capabilities header exists. 1705 */ 1706 if (phnum) { 1707 Phdr *phdr; 1708 1709 if ((phdr = elf_getphdr(elf)) == NULL) { 1710 failure(file, MSG_ORIG(MSG_ELF_GETPHDR)); 1711 return; 1712 } 1713 1714 for (cnt = 0; cnt < phnum; phdr++, cnt++) { 1715 if (phdr->p_type == PT_SUNWCAP) { 1716 cphdr_off = phdr->p_offset; 1717 cphdr_sz = phdr->p_filesz; 1718 break; 1719 } 1720 } 1721 } 1722 1723 /* 1724 * Determine if a capabilities section exists. 1725 */ 1726 for (cnt = 1; cnt < shnum; cnt++) { 1727 Cache *_cache = &cache[cnt]; 1728 Shdr *shdr = _cache->c_shdr; 1729 1730 /* 1731 * Process any capabilities information. 1732 */ 1733 if (shdr->sh_type == SHT_SUNW_cap) { 1734 if (cap_section(file, cache, shnum, _cache, osabi, 1735 ehdr, flags)) { 1736 /* 1737 * If this section defined an object capability 1738 * group, retain the section information for 1739 * program header validation. 1740 */ 1741 ccache = _cache; 1742 cshdr = shdr; 1743 } 1744 continue; 1745 } 1746 } 1747 1748 if ((cshdr == NULL) && (cphdr_off == 0)) 1749 return; 1750 1751 if (cphdr_off && (cshdr == NULL)) 1752 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVCAP1), file); 1753 1754 /* 1755 * If this object is an executable or shared object, and it provided 1756 * an object capabilities group, then the group should have an 1757 * accompanying PT_SUNWCAP program header. 1758 */ 1759 if (cshdr && ((ehdr->e_type == ET_EXEC) || (ehdr->e_type == ET_DYN))) { 1760 if (cphdr_off == 0) { 1761 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVCAP2), 1762 file, EC_WORD(elf_ndxscn(ccache->c_scn)), 1763 ccache->c_name); 1764 } else if ((cphdr_off != cshdr->sh_offset) || 1765 (cphdr_sz != cshdr->sh_size)) { 1766 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVCAP3), 1767 file, EC_WORD(elf_ndxscn(ccache->c_scn)), 1768 ccache->c_name); 1769 } 1770 } 1771 } 1772 1773 /* 1774 * Print the interpretor. 1775 */ 1776 static void 1777 interp(const char *file, Cache *cache, Word shnum, Word phnum, Elf *elf) 1778 { 1779 static Word phdr_types[] = { PT_INTERP }; 1780 1781 1782 Word cnt; 1783 Shdr *ishdr = NULL; 1784 Cache *icache = NULL; 1785 Off iphdr_off = 0; 1786 Xword iphdr_fsz; 1787 1788 /* 1789 * Determine if an interp header exists. 1790 */ 1791 if (phnum) { 1792 Phdr *phdr; 1793 1794 phdr = getphdr(phnum, phdr_types, 1795 sizeof (phdr_types) / sizeof (*phdr_types), file, elf); 1796 if (phdr != NULL) { 1797 iphdr_off = phdr->p_offset; 1798 iphdr_fsz = phdr->p_filesz; 1799 } 1800 } 1801 1802 if (iphdr_off == 0) 1803 return; 1804 1805 /* 1806 * Determine if an interp section exists. 1807 */ 1808 for (cnt = 1; cnt < shnum; cnt++) { 1809 Cache *_cache = &cache[cnt]; 1810 Shdr *shdr = _cache->c_shdr; 1811 1812 /* 1813 * Scan sections to find a section which contains the PT_INTERP 1814 * string. The target section can't be in a NOBITS section. 1815 */ 1816 if ((shdr->sh_type == SHT_NOBITS) || 1817 (iphdr_off < shdr->sh_offset) || 1818 (iphdr_off + iphdr_fsz) > (shdr->sh_offset + shdr->sh_size)) 1819 continue; 1820 1821 icache = _cache; 1822 ishdr = shdr; 1823 break; 1824 } 1825 1826 /* 1827 * Print the interpreter string based on the offset defined in the 1828 * program header, as this is the offset used by the kernel. 1829 */ 1830 if ((ishdr != NULL) && 1831 (icache != NULL) && 1832 (icache->c_data != NULL) && 1833 (icache->c_data->d_buf != NULL) && 1834 (icache->c_data->d_size > 0)) { 1835 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1836 dbg_print(0, MSG_INTL(MSG_ELF_SCN_INTERP), icache->c_name); 1837 dbg_print(0, MSG_ORIG(MSG_FMT_INDENT), 1838 (char *)icache->c_data->d_buf + 1839 (iphdr_off - ishdr->sh_offset)); 1840 } else 1841 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVINTERP1), file); 1842 1843 /* 1844 * If there are any inconsistences between the program header and 1845 * section information, flag them. 1846 */ 1847 if (ishdr && ((iphdr_off != ishdr->sh_offset) || 1848 (iphdr_fsz != ishdr->sh_size))) { 1849 (void) fprintf(stderr, MSG_INTL(MSG_WARN_INVINTERP2), file, 1850 icache->c_name); 1851 } 1852 } 1853 1854 /* 1855 * Print the syminfo section. 1856 */ 1857 static void 1858 syminfo(Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi, const char *file) 1859 { 1860 Shdr *infoshdr; 1861 Syminfo *info; 1862 Sym *syms; 1863 Dyn *dyns; 1864 Word infonum, cnt, ndx, symnum, dynnum; 1865 Cache *infocache = NULL, *dyncache = NULL, *symsec, *strsec; 1866 Boolean *dynerr; 1867 1868 for (cnt = 1; cnt < shnum; cnt++) { 1869 if (cache[cnt].c_shdr->sh_type == SHT_SUNW_syminfo) { 1870 infocache = &cache[cnt]; 1871 break; 1872 } 1873 } 1874 if (infocache == NULL) 1875 return; 1876 1877 infoshdr = infocache->c_shdr; 1878 if ((infoshdr->sh_entsize == 0) || (infoshdr->sh_size == 0)) { 1879 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 1880 file, infocache->c_name); 1881 return; 1882 } 1883 if (infocache->c_data == NULL) 1884 return; 1885 1886 infonum = (Word)(infoshdr->sh_size / infoshdr->sh_entsize); 1887 info = (Syminfo *)infocache->c_data->d_buf; 1888 1889 /* 1890 * If there is no associated dynamic section, determine if one 1891 * is needed, and if so issue a warning. If there is an 1892 * associated dynamic section, validate it and get the data buffer 1893 * for it. 1894 */ 1895 dyns = NULL; 1896 dynnum = 0; 1897 if (infoshdr->sh_info == 0) { 1898 Syminfo *_info = info + 1; 1899 1900 for (ndx = 1; ndx < infonum; ndx++, _info++) { 1901 if ((_info->si_flags == 0) && (_info->si_boundto == 0)) 1902 continue; 1903 1904 if (_info->si_boundto < SYMINFO_BT_LOWRESERVE) 1905 (void) fprintf(stderr, 1906 MSG_INTL(MSG_ERR_BADSHINFO), file, 1907 infocache->c_name, 1908 EC_WORD(infoshdr->sh_info)); 1909 } 1910 } else if ((infoshdr->sh_info >= shnum) || 1911 (cache[infoshdr->sh_info].c_shdr->sh_type != SHT_DYNAMIC)) { 1912 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHINFO), 1913 file, infocache->c_name, EC_WORD(infoshdr->sh_info)); 1914 } else { 1915 dyncache = &cache[infoshdr->sh_info]; 1916 if ((dyncache->c_data == NULL) || 1917 ((dyns = dyncache->c_data->d_buf) == NULL)) { 1918 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 1919 file, dyncache->c_name); 1920 } 1921 if (dyns != NULL) { 1922 if ((dyncache->c_shdr->sh_entsize == 0) || 1923 (dyncache->c_shdr->sh_size == 0)) { 1924 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 1925 file, dyncache->c_name); 1926 return; 1927 } 1928 1929 dynnum = dyncache->c_shdr->sh_size / 1930 dyncache->c_shdr->sh_entsize; 1931 1932 /* 1933 * We validate the type of dynamic elements referenced 1934 * from the syminfo. This array is used report any 1935 * bad dynamic entries. 1936 */ 1937 if ((dynerr = calloc(dynnum, sizeof (*dynerr))) == 1938 NULL) { 1939 int err = errno; 1940 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), 1941 file, strerror(err)); 1942 return; 1943 } 1944 } 1945 } 1946 1947 /* 1948 * Get the data buffer for the associated symbol table and string table. 1949 */ 1950 if (stringtbl(cache, 1, cnt, shnum, file, 1951 &symnum, &symsec, &strsec) == 0) 1952 return; 1953 1954 syms = symsec->c_data->d_buf; 1955 1956 /* 1957 * Loop through the syminfo entries. 1958 */ 1959 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 1960 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMINFO), infocache->c_name); 1961 Elf_syminfo_title(0); 1962 1963 for (ndx = 1, info++; ndx < infonum; ndx++, info++) { 1964 Sym *sym; 1965 const char *needed, *name; 1966 Word expect_dt; 1967 Word boundto = info->si_boundto; 1968 1969 if ((info->si_flags == 0) && (boundto == 0)) 1970 continue; 1971 1972 sym = &syms[ndx]; 1973 name = string(infocache, ndx, strsec, file, sym->st_name); 1974 1975 /* Is si_boundto set to one of the reserved values? */ 1976 if (boundto >= SYMINFO_BT_LOWRESERVE) { 1977 Elf_syminfo_entry(0, ndx, info, name, NULL); 1978 continue; 1979 } 1980 1981 /* 1982 * si_boundto is referencing a dynamic section. If we don't 1983 * have one, an error was already issued above, so it suffices 1984 * to display an empty string. If we are out of bounds, then 1985 * report that and then display an empty string. 1986 */ 1987 if ((dyns == NULL) || (boundto >= dynnum)) { 1988 if (dyns != NULL) 1989 (void) fprintf(stderr, 1990 MSG_INTL(MSG_ERR_BADSIDYNNDX), file, 1991 infocache->c_ndx, infocache->c_name, 1992 EC_WORD(ndx), EC_WORD(dynnum - 1), 1993 EC_WORD(boundto)); 1994 Elf_syminfo_entry(0, ndx, info, name, 1995 MSG_ORIG(MSG_STR_EMPTY)); 1996 continue; 1997 } 1998 1999 /* 2000 * The si_boundto reference expects a specific dynamic element 2001 * type at the given index. The dynamic element is always a 2002 * string that gives an object name. The specific type depends 2003 * on the si_flags present. Ensure that we've got the right 2004 * type. 2005 */ 2006 if (info->si_flags & SYMINFO_FLG_FILTER) 2007 expect_dt = DT_SUNW_FILTER; 2008 else if (info->si_flags & SYMINFO_FLG_AUXILIARY) 2009 expect_dt = DT_SUNW_AUXILIARY; 2010 else if (info->si_flags & (SYMINFO_FLG_DIRECT | 2011 SYMINFO_FLG_LAZYLOAD | SYMINFO_FLG_DIRECTBIND)) 2012 expect_dt = DT_NEEDED; 2013 else 2014 expect_dt = DT_NULL; /* means we ignore the type */ 2015 2016 if ((dyns[boundto].d_tag != expect_dt) && 2017 (expect_dt != DT_NULL)) { 2018 Conv_inv_buf_t buf1, buf2; 2019 2020 /* Only complain about each dynamic element once */ 2021 if (!dynerr[boundto]) { 2022 (void) fprintf(stderr, 2023 MSG_INTL(MSG_ERR_BADSIDYNTAG), 2024 file, infocache->c_ndx, infocache->c_name, 2025 EC_WORD(ndx), dyncache->c_ndx, 2026 dyncache->c_name, EC_WORD(boundto), 2027 conv_dyn_tag(expect_dt, osabi, 2028 ehdr->e_machine, CONV_FMT_ALT_CF, &buf1), 2029 conv_dyn_tag(dyns[boundto].d_tag, osabi, 2030 ehdr->e_machine, CONV_FMT_ALT_CF, &buf2)); 2031 dynerr[boundto] = TRUE; 2032 } 2033 } 2034 2035 /* 2036 * Whether or not the DT item we're pointing at is 2037 * of the right type, if it's a type we recognize as 2038 * providing a string, go ahead and show it. Otherwise 2039 * an empty string. 2040 */ 2041 switch (dyns[boundto].d_tag) { 2042 case DT_NEEDED: 2043 case DT_SONAME: 2044 case DT_RPATH: 2045 case DT_RUNPATH: 2046 case DT_CONFIG: 2047 case DT_DEPAUDIT: 2048 case DT_USED: 2049 case DT_AUDIT: 2050 case DT_SUNW_AUXILIARY: 2051 case DT_SUNW_FILTER: 2052 case DT_FILTER: 2053 case DT_AUXILIARY: 2054 needed = string(infocache, boundto, 2055 strsec, file, dyns[boundto].d_un.d_val); 2056 break; 2057 default: 2058 needed = MSG_ORIG(MSG_STR_EMPTY); 2059 } 2060 Elf_syminfo_entry(0, ndx, info, name, needed); 2061 } 2062 if (dyns != NULL) 2063 free(dynerr); 2064 } 2065 2066 /* 2067 * Print version definition section entries. 2068 */ 2069 static void 2070 version_def(Verdef *vdf, Word vdf_num, Cache *vcache, Cache *scache, 2071 const char *file) 2072 { 2073 Word cnt; 2074 char index[MAXNDXSIZE]; 2075 2076 Elf_ver_def_title(0); 2077 2078 for (cnt = 1; cnt <= vdf_num; cnt++, 2079 vdf = (Verdef *)((uintptr_t)vdf + vdf->vd_next)) { 2080 Conv_ver_flags_buf_t ver_flags_buf; 2081 const char *name, *dep; 2082 Half vcnt = vdf->vd_cnt - 1; 2083 Half ndx = vdf->vd_ndx; 2084 Verdaux *vdap = (Verdaux *)((uintptr_t)vdf + vdf->vd_aux); 2085 2086 /* 2087 * Obtain the name and first dependency (if any). 2088 */ 2089 name = string(vcache, cnt, scache, file, vdap->vda_name); 2090 vdap = (Verdaux *)((uintptr_t)vdap + vdap->vda_next); 2091 if (vcnt) 2092 dep = string(vcache, cnt, scache, file, vdap->vda_name); 2093 else 2094 dep = MSG_ORIG(MSG_STR_EMPTY); 2095 2096 (void) snprintf(index, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INDEX), 2097 EC_XWORD(ndx)); 2098 Elf_ver_line_1(0, index, name, dep, 2099 conv_ver_flags(vdf->vd_flags, 0, &ver_flags_buf)); 2100 2101 /* 2102 * Print any additional dependencies. 2103 */ 2104 if (vcnt) { 2105 vdap = (Verdaux *)((uintptr_t)vdap + vdap->vda_next); 2106 for (vcnt--; vcnt; vcnt--, 2107 vdap = (Verdaux *)((uintptr_t)vdap + 2108 vdap->vda_next)) { 2109 dep = string(vcache, cnt, scache, file, 2110 vdap->vda_name); 2111 Elf_ver_line_2(0, MSG_ORIG(MSG_STR_EMPTY), dep); 2112 } 2113 } 2114 } 2115 } 2116 2117 /* 2118 * Print version needed section entries. 2119 * 2120 * entry: 2121 * vnd - Address of verneed data 2122 * vnd_num - # of Verneed entries 2123 * vcache - Cache of verneed section being processed 2124 * scache - Cache of associated string table section 2125 * file - Name of object being processed. 2126 * versym - Information about versym section 2127 * 2128 * exit: 2129 * The versions have been printed. If GNU style versioning 2130 * is in effect, versym->max_verndx has been updated to 2131 * contain the largest version index seen. 2132 * 2133 * note: 2134 * The versym section of an object that follows the original 2135 * Solaris versioning rules only contains indexes into the verdef 2136 * section. Symbols defined in other objects (UNDEF) are given 2137 * a version of 0, indicating that they are not defined by 2138 * this file, and the Verneed entries do not have associated version 2139 * indexes. For these reasons, we do not display a version index 2140 * for original-style Verneed sections. 2141 * 2142 * The GNU versioning extensions alter this: Symbols defined in other 2143 * objects receive a version index in the range above those defined 2144 * by the Verdef section, and the vna_other field of the Vernaux 2145 * structs inside the Verneed section contain the version index for 2146 * that item. We therefore display the index when showing the 2147 * contents of a GNU style Verneed section. You should not 2148 * necessarily expect these indexes to appear in sorted 2149 * order --- it seems that the GNU ld assigns the versions as 2150 * symbols are encountered during linking, and then the results 2151 * are assembled into the Verneed section afterwards. 2152 */ 2153 static void 2154 version_need(Verneed *vnd, Word vnd_num, Cache *vcache, Cache *scache, 2155 const char *file, VERSYM_STATE *versym) 2156 { 2157 Word cnt; 2158 char index[MAXNDXSIZE]; 2159 const char *index_str; 2160 2161 Elf_ver_need_title(0, versym->gnu_needed); 2162 2163 for (cnt = 1; cnt <= vnd_num; cnt++, 2164 vnd = (Verneed *)((uintptr_t)vnd + vnd->vn_next)) { 2165 Conv_ver_flags_buf_t ver_flags_buf; 2166 const char *name, *dep; 2167 Half vcnt = vnd->vn_cnt; 2168 Vernaux *vnap = (Vernaux *)((uintptr_t)vnd + vnd->vn_aux); 2169 2170 /* 2171 * Obtain the name of the needed file and the version name 2172 * within it that we're dependent on. Note that the count 2173 * should be at least one, otherwise this is a pretty bogus 2174 * entry. 2175 */ 2176 name = string(vcache, cnt, scache, file, vnd->vn_file); 2177 if (vcnt) 2178 dep = string(vcache, cnt, scache, file, vnap->vna_name); 2179 else 2180 dep = MSG_INTL(MSG_STR_NULL); 2181 2182 if (vnap->vna_other == 0) { /* Traditional form */ 2183 index_str = MSG_ORIG(MSG_STR_EMPTY); 2184 } else { /* GNU form */ 2185 index_str = index; 2186 /* Format the version index value */ 2187 (void) snprintf(index, MAXNDXSIZE, 2188 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(vnap->vna_other)); 2189 if (vnap->vna_other > versym->max_verndx) 2190 versym->max_verndx = vnap->vna_other; 2191 } 2192 Elf_ver_line_1(0, index_str, name, dep, 2193 conv_ver_flags(vnap->vna_flags, 0, &ver_flags_buf)); 2194 2195 /* 2196 * Print any additional version dependencies. 2197 */ 2198 if (vcnt) { 2199 vnap = (Vernaux *)((uintptr_t)vnap + vnap->vna_next); 2200 for (vcnt--; vcnt; vcnt--, 2201 vnap = (Vernaux *)((uintptr_t)vnap + 2202 vnap->vna_next)) { 2203 dep = string(vcache, cnt, scache, file, 2204 vnap->vna_name); 2205 if (vnap->vna_other > 0) { 2206 /* Format the next index value */ 2207 (void) snprintf(index, MAXNDXSIZE, 2208 MSG_ORIG(MSG_FMT_INDEX), 2209 EC_XWORD(vnap->vna_other)); 2210 Elf_ver_line_1(0, index, 2211 MSG_ORIG(MSG_STR_EMPTY), dep, 2212 conv_ver_flags(vnap->vna_flags, 2213 0, &ver_flags_buf)); 2214 if (vnap->vna_other > 2215 versym->max_verndx) 2216 versym->max_verndx = 2217 vnap->vna_other; 2218 } else { 2219 Elf_ver_line_3(0, 2220 MSG_ORIG(MSG_STR_EMPTY), dep, 2221 conv_ver_flags(vnap->vna_flags, 2222 0, &ver_flags_buf)); 2223 } 2224 } 2225 } 2226 } 2227 } 2228 2229 /* 2230 * Examine the Verneed section for information related to GNU 2231 * style Versym indexing: 2232 * - A non-zero vna_other field indicates that Versym indexes can 2233 * reference Verneed records. 2234 * - If the object uses GNU style Versym indexing, the 2235 * maximum index value is needed to detect bad Versym entries. 2236 * 2237 * entry: 2238 * vnd - Address of verneed data 2239 * vnd_num - # of Verneed entries 2240 * versym - Information about versym section 2241 * 2242 * exit: 2243 * If a non-zero vna_other field is seen, versym->gnu_needed is set. 2244 * 2245 * versym->max_verndx has been updated to contain the largest 2246 * version index seen. 2247 */ 2248 static void 2249 update_gnu_verndx(Verneed *vnd, Word vnd_num, VERSYM_STATE *versym) 2250 { 2251 Word cnt; 2252 2253 for (cnt = 1; cnt <= vnd_num; cnt++, 2254 vnd = (Verneed *)((uintptr_t)vnd + vnd->vn_next)) { 2255 Half vcnt = vnd->vn_cnt; 2256 Vernaux *vnap = (Vernaux *)((uintptr_t)vnd + vnd->vn_aux); 2257 2258 /* 2259 * A non-zero value of vna_other indicates that this 2260 * object references VERNEED items from the VERSYM 2261 * array. 2262 */ 2263 if (vnap->vna_other != 0) { 2264 versym->gnu_needed = 1; 2265 if (vnap->vna_other > versym->max_verndx) 2266 versym->max_verndx = vnap->vna_other; 2267 } 2268 2269 /* 2270 * Check any additional version dependencies. 2271 */ 2272 if (vcnt) { 2273 vnap = (Vernaux *)((uintptr_t)vnap + vnap->vna_next); 2274 for (vcnt--; vcnt; vcnt--, 2275 vnap = (Vernaux *)((uintptr_t)vnap + 2276 vnap->vna_next)) { 2277 if (vnap->vna_other == 0) 2278 continue; 2279 2280 versym->gnu_needed = 1; 2281 if (vnap->vna_other > versym->max_verndx) 2282 versym->max_verndx = vnap->vna_other; 2283 } 2284 } 2285 } 2286 } 2287 2288 /* 2289 * Display version section information if the flags require it. 2290 * Return version information needed by other output. 2291 * 2292 * entry: 2293 * cache - Cache of all section headers 2294 * shnum - # of sections in cache 2295 * file - Name of file 2296 * flags - Command line option flags 2297 * versym - VERSYM_STATE block to be filled in. 2298 */ 2299 static void 2300 versions(Cache *cache, Word shnum, const char *file, uint_t flags, 2301 VERSYM_STATE *versym) 2302 { 2303 GElf_Word cnt; 2304 Cache *verdef_cache = NULL, *verneed_cache = NULL; 2305 2306 2307 /* Gather information about the version sections */ 2308 versym->max_verndx = 1; 2309 for (cnt = 1; cnt < shnum; cnt++) { 2310 Cache *_cache = &cache[cnt]; 2311 Shdr *shdr = _cache->c_shdr; 2312 Dyn *dyn; 2313 ulong_t numdyn; 2314 2315 switch (shdr->sh_type) { 2316 case SHT_DYNAMIC: 2317 /* 2318 * The GNU ld puts a DT_VERSYM entry in the dynamic 2319 * section so that the runtime linker can use it to 2320 * implement their versioning rules. They allow multiple 2321 * incompatible functions with the same name to exist 2322 * in different versions. The Solaris ld does not 2323 * support this mechanism, and as such, does not 2324 * produce DT_VERSYM. We use this fact to determine 2325 * which ld produced this object, and how to interpret 2326 * the version values. 2327 */ 2328 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0) || 2329 (_cache->c_data == NULL)) 2330 continue; 2331 numdyn = shdr->sh_size / shdr->sh_entsize; 2332 dyn = (Dyn *)_cache->c_data->d_buf; 2333 for (; numdyn-- > 0; dyn++) 2334 if (dyn->d_tag == DT_VERSYM) { 2335 versym->gnu_full = 2336 versym->gnu_needed = 1; 2337 break; 2338 } 2339 break; 2340 2341 case SHT_SUNW_versym: 2342 /* Record data address for later symbol processing */ 2343 if (_cache->c_data != NULL) { 2344 versym->cache = _cache; 2345 versym->data = _cache->c_data->d_buf; 2346 continue; 2347 } 2348 break; 2349 2350 case SHT_SUNW_verdef: 2351 case SHT_SUNW_verneed: 2352 /* 2353 * Ensure the data is non-NULL and the number 2354 * of items is non-zero. Otherwise, we don't 2355 * understand the section, and will not use it. 2356 */ 2357 if ((_cache->c_data == NULL) || 2358 (_cache->c_data->d_buf == NULL)) { 2359 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 2360 file, _cache->c_name); 2361 continue; 2362 } 2363 if (shdr->sh_info == 0) { 2364 (void) fprintf(stderr, 2365 MSG_INTL(MSG_ERR_BADSHINFO), 2366 file, _cache->c_name, 2367 EC_WORD(shdr->sh_info)); 2368 continue; 2369 } 2370 2371 /* Make sure the string table index is in range */ 2372 if ((shdr->sh_link == 0) || (shdr->sh_link >= shnum)) { 2373 (void) fprintf(stderr, 2374 MSG_INTL(MSG_ERR_BADSHLINK), file, 2375 _cache->c_name, EC_WORD(shdr->sh_link)); 2376 continue; 2377 } 2378 2379 /* 2380 * The section is usable. Save the cache entry. 2381 */ 2382 if (shdr->sh_type == SHT_SUNW_verdef) { 2383 verdef_cache = _cache; 2384 /* 2385 * Under Solaris rules, if there is a verdef 2386 * section, the max versym index is number 2387 * of version definitions it supplies. 2388 */ 2389 versym->max_verndx = shdr->sh_info; 2390 } else { 2391 verneed_cache = _cache; 2392 } 2393 break; 2394 } 2395 } 2396 2397 /* 2398 * If there is a Verneed section, examine it for information 2399 * related to GNU style versioning. 2400 */ 2401 if (verneed_cache != NULL) 2402 update_gnu_verndx((Verneed *)verneed_cache->c_data->d_buf, 2403 verneed_cache->c_shdr->sh_info, versym); 2404 2405 /* 2406 * Now that all the information is available, display the 2407 * Verdef and Verneed section contents, if requested. 2408 */ 2409 if ((flags & FLG_SHOW_VERSIONS) == 0) 2410 return; 2411 if (verdef_cache != NULL) { 2412 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2413 dbg_print(0, MSG_INTL(MSG_ELF_SCN_VERDEF), 2414 verdef_cache->c_name); 2415 version_def((Verdef *)verdef_cache->c_data->d_buf, 2416 verdef_cache->c_shdr->sh_info, verdef_cache, 2417 &cache[verdef_cache->c_shdr->sh_link], file); 2418 } 2419 if (verneed_cache != NULL) { 2420 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2421 dbg_print(0, MSG_INTL(MSG_ELF_SCN_VERNEED), 2422 verneed_cache->c_name); 2423 /* 2424 * If GNU versioning applies to this object, version_need() 2425 * will update versym->max_verndx, and it is not 2426 * necessary to call update_gnu_verndx(). 2427 */ 2428 version_need((Verneed *)verneed_cache->c_data->d_buf, 2429 verneed_cache->c_shdr->sh_info, verneed_cache, 2430 &cache[verneed_cache->c_shdr->sh_link], file, versym); 2431 } 2432 } 2433 2434 /* 2435 * Search for and process any symbol tables. 2436 */ 2437 void 2438 symbols(Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi, 2439 VERSYM_STATE *versym, const char *file, uint_t flags) 2440 { 2441 SYMTBL_STATE state; 2442 Cache *_cache; 2443 Word secndx; 2444 2445 for (secndx = 1; secndx < shnum; secndx++) { 2446 Word symcnt; 2447 Shdr *shdr; 2448 2449 _cache = &cache[secndx]; 2450 shdr = _cache->c_shdr; 2451 2452 if ((shdr->sh_type != SHT_SYMTAB) && 2453 (shdr->sh_type != SHT_DYNSYM) && 2454 ((shdr->sh_type != SHT_SUNW_LDYNSYM) || 2455 (osabi != ELFOSABI_SOLARIS))) 2456 continue; 2457 if (!match(MATCH_F_ALL, _cache->c_name, secndx, shdr->sh_type)) 2458 continue; 2459 2460 if (!init_symtbl_state(&state, cache, shnum, secndx, ehdr, 2461 osabi, versym, file, flags)) 2462 continue; 2463 /* 2464 * Loop through the symbol tables entries. 2465 */ 2466 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2467 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMTAB), state.secname); 2468 Elf_syms_table_title(0, ELF_DBG_ELFDUMP); 2469 2470 for (symcnt = 0; symcnt < state.symn; symcnt++) 2471 output_symbol(&state, symcnt, shdr->sh_info, symcnt, 2472 state.sym + symcnt); 2473 } 2474 } 2475 2476 /* 2477 * Search for and process any SHT_SUNW_symsort or SHT_SUNW_tlssort sections. 2478 * These sections are always associated with the .SUNW_ldynsym./.dynsym pair. 2479 */ 2480 static void 2481 sunw_sort(Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi, 2482 VERSYM_STATE *versym, const char *file, uint_t flags) 2483 { 2484 SYMTBL_STATE ldynsym_state, dynsym_state; 2485 Cache *sortcache, *symcache; 2486 Shdr *sortshdr, *symshdr; 2487 Word sortsecndx, symsecndx; 2488 Word ldynsym_cnt; 2489 Word *ndx; 2490 Word ndxn; 2491 int output_cnt = 0; 2492 Conv_inv_buf_t inv_buf; 2493 2494 for (sortsecndx = 1; sortsecndx < shnum; sortsecndx++) { 2495 2496 sortcache = &cache[sortsecndx]; 2497 sortshdr = sortcache->c_shdr; 2498 2499 if ((sortshdr->sh_type != SHT_SUNW_symsort) && 2500 (sortshdr->sh_type != SHT_SUNW_tlssort)) 2501 continue; 2502 if (!match(MATCH_F_ALL, sortcache->c_name, sortsecndx, 2503 sortshdr->sh_type)) 2504 continue; 2505 2506 /* 2507 * If the section references a SUNW_ldynsym, then we 2508 * expect to see the associated .dynsym immediately 2509 * following. If it references a .dynsym, there is no 2510 * SUNW_ldynsym. If it is any other type, then we don't 2511 * know what to do with it. 2512 */ 2513 if ((sortshdr->sh_link == 0) || (sortshdr->sh_link >= shnum)) { 2514 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 2515 file, sortcache->c_name, 2516 EC_WORD(sortshdr->sh_link)); 2517 continue; 2518 } 2519 symcache = &cache[sortshdr->sh_link]; 2520 symshdr = symcache->c_shdr; 2521 symsecndx = sortshdr->sh_link; 2522 ldynsym_cnt = 0; 2523 switch (symshdr->sh_type) { 2524 case SHT_SUNW_LDYNSYM: 2525 if (!init_symtbl_state(&ldynsym_state, cache, shnum, 2526 symsecndx, ehdr, osabi, versym, file, flags)) 2527 continue; 2528 ldynsym_cnt = ldynsym_state.symn; 2529 /* 2530 * We know that the dynsym follows immediately 2531 * after the SUNW_ldynsym, and so, should be at 2532 * (sortshdr->sh_link + 1). However, elfdump is a 2533 * diagnostic tool, so we do the full paranoid 2534 * search instead. 2535 */ 2536 for (symsecndx = 1; symsecndx < shnum; symsecndx++) { 2537 symcache = &cache[symsecndx]; 2538 symshdr = symcache->c_shdr; 2539 if (symshdr->sh_type == SHT_DYNSYM) 2540 break; 2541 } 2542 if (symsecndx >= shnum) { /* Dynsym not found! */ 2543 (void) fprintf(stderr, 2544 MSG_INTL(MSG_ERR_NODYNSYM), 2545 file, sortcache->c_name); 2546 continue; 2547 } 2548 /* Fallthrough to process associated dynsym */ 2549 /* FALLTHROUGH */ 2550 case SHT_DYNSYM: 2551 if (!init_symtbl_state(&dynsym_state, cache, shnum, 2552 symsecndx, ehdr, osabi, versym, file, flags)) 2553 continue; 2554 break; 2555 default: 2556 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADNDXSEC), 2557 file, sortcache->c_name, 2558 conv_sec_type(osabi, ehdr->e_machine, 2559 symshdr->sh_type, 0, &inv_buf)); 2560 continue; 2561 } 2562 2563 /* 2564 * Output header 2565 */ 2566 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2567 if (ldynsym_cnt > 0) { 2568 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMSORT2), 2569 sortcache->c_name, ldynsym_state.secname, 2570 dynsym_state.secname); 2571 /* 2572 * The data for .SUNW_ldynsym and dynsym sections 2573 * is supposed to be adjacent with SUNW_ldynsym coming 2574 * first. Check, and issue a warning if it isn't so. 2575 */ 2576 if (((ldynsym_state.sym + ldynsym_state.symn) 2577 != dynsym_state.sym) && 2578 ((flags & FLG_CTL_FAKESHDR) == 0)) 2579 (void) fprintf(stderr, 2580 MSG_INTL(MSG_ERR_LDYNNOTADJ), file, 2581 ldynsym_state.secname, 2582 dynsym_state.secname); 2583 } else { 2584 dbg_print(0, MSG_INTL(MSG_ELF_SCN_SYMSORT1), 2585 sortcache->c_name, dynsym_state.secname); 2586 } 2587 Elf_syms_table_title(0, ELF_DBG_ELFDUMP); 2588 2589 /* If not first one, insert a line of white space */ 2590 if (output_cnt++ > 0) 2591 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2592 2593 /* 2594 * SUNW_dynsymsort and SUNW_dyntlssort are arrays of 2595 * symbol indices. Iterate over the array entries, 2596 * dispaying the referenced symbols. 2597 */ 2598 ndxn = sortshdr->sh_size / sortshdr->sh_entsize; 2599 ndx = (Word *)sortcache->c_data->d_buf; 2600 for (; ndxn-- > 0; ndx++) { 2601 if (*ndx >= ldynsym_cnt) { 2602 Word sec_ndx = *ndx - ldynsym_cnt; 2603 2604 output_symbol(&dynsym_state, sec_ndx, 0, 2605 *ndx, dynsym_state.sym + sec_ndx); 2606 } else { 2607 output_symbol(&ldynsym_state, *ndx, 0, 2608 *ndx, ldynsym_state.sym + *ndx); 2609 } 2610 } 2611 } 2612 } 2613 2614 /* 2615 * Search for and process any relocation sections. 2616 */ 2617 static void 2618 reloc(Cache *cache, Word shnum, Ehdr *ehdr, const char *file) 2619 { 2620 Word cnt; 2621 2622 for (cnt = 1; cnt < shnum; cnt++) { 2623 Word type, symnum; 2624 Xword relndx, relnum, relsize; 2625 void *rels; 2626 Sym *syms; 2627 Cache *symsec, *strsec; 2628 Cache *_cache = &cache[cnt]; 2629 Shdr *shdr = _cache->c_shdr; 2630 char *relname = _cache->c_name; 2631 Conv_inv_buf_t inv_buf; 2632 2633 if (((type = shdr->sh_type) != SHT_RELA) && 2634 (type != SHT_REL)) 2635 continue; 2636 if (!match(MATCH_F_ALL, relname, cnt, type)) 2637 continue; 2638 2639 /* 2640 * Decide entry size. 2641 */ 2642 if (((relsize = shdr->sh_entsize) == 0) || 2643 (relsize > shdr->sh_size)) { 2644 if (type == SHT_RELA) 2645 relsize = sizeof (Rela); 2646 else 2647 relsize = sizeof (Rel); 2648 } 2649 2650 /* 2651 * Determine the number of relocations available. 2652 */ 2653 if (shdr->sh_size == 0) { 2654 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 2655 file, relname); 2656 continue; 2657 } 2658 if (_cache->c_data == NULL) 2659 continue; 2660 2661 rels = _cache->c_data->d_buf; 2662 relnum = shdr->sh_size / relsize; 2663 2664 /* 2665 * Get the data buffer for the associated symbol table and 2666 * string table. 2667 */ 2668 if (stringtbl(cache, 1, cnt, shnum, file, 2669 &symnum, &symsec, &strsec) == 0) 2670 continue; 2671 2672 syms = symsec->c_data->d_buf; 2673 2674 /* 2675 * Loop through the relocation entries. 2676 */ 2677 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 2678 dbg_print(0, MSG_INTL(MSG_ELF_SCN_RELOC), _cache->c_name); 2679 Elf_reloc_title(0, ELF_DBG_ELFDUMP, type); 2680 2681 for (relndx = 0; relndx < relnum; relndx++, 2682 rels = (void *)((char *)rels + relsize)) { 2683 Half mach = ehdr->e_machine; 2684 char section[BUFSIZ]; 2685 const char *symname; 2686 Word symndx, reltype; 2687 Rela *rela; 2688 Rel *rel; 2689 2690 /* 2691 * Unravel the relocation and determine the symbol with 2692 * which this relocation is associated. 2693 */ 2694 if (type == SHT_RELA) { 2695 rela = (Rela *)rels; 2696 symndx = ELF_R_SYM(rela->r_info); 2697 reltype = ELF_R_TYPE(rela->r_info, mach); 2698 } else { 2699 rel = (Rel *)rels; 2700 symndx = ELF_R_SYM(rel->r_info); 2701 reltype = ELF_R_TYPE(rel->r_info, mach); 2702 } 2703 2704 symname = relsymname(cache, _cache, strsec, symndx, 2705 symnum, relndx, syms, section, BUFSIZ, file); 2706 2707 /* 2708 * A zero symbol index is only valid for a few 2709 * relocations. 2710 */ 2711 if (symndx == 0) { 2712 int badrel = 0; 2713 2714 if ((mach == EM_SPARC) || 2715 (mach == EM_SPARC32PLUS) || 2716 (mach == EM_SPARCV9)) { 2717 if ((reltype != R_SPARC_NONE) && 2718 (reltype != R_SPARC_REGISTER) && 2719 (reltype != R_SPARC_RELATIVE)) 2720 badrel++; 2721 } else if (mach == EM_386) { 2722 if ((reltype != R_386_NONE) && 2723 (reltype != R_386_RELATIVE)) 2724 badrel++; 2725 } else if (mach == EM_AMD64) { 2726 if ((reltype != R_AMD64_NONE) && 2727 (reltype != R_AMD64_RELATIVE)) 2728 badrel++; 2729 } 2730 2731 if (badrel) { 2732 (void) fprintf(stderr, 2733 MSG_INTL(MSG_ERR_BADREL1), file, 2734 conv_reloc_type(mach, reltype, 2735 0, &inv_buf)); 2736 } 2737 } 2738 2739 Elf_reloc_entry_1(0, ELF_DBG_ELFDUMP, 2740 MSG_ORIG(MSG_STR_EMPTY), ehdr->e_machine, type, 2741 rels, relname, symname, 0); 2742 } 2743 } 2744 } 2745 2746 2747 /* 2748 * This value controls which test dyn_test() performs. 2749 */ 2750 typedef enum { DYN_TEST_ADDR, DYN_TEST_SIZE, DYN_TEST_ENTSIZE } dyn_test_t; 2751 2752 /* 2753 * Used by dynamic() to compare the value of a dynamic element against 2754 * the starting address of the section it references. 2755 * 2756 * entry: 2757 * test_type - Specify which dyn item is being tested. 2758 * sh_type - SHT_* type value for required section. 2759 * sec_cache - Cache entry for section, or NULL if the object lacks 2760 * a section of this type. 2761 * dyn - Dyn entry to be tested 2762 * dynsec_cnt - # of dynamic section being examined. The first 2763 * dynamic section is 1, the next is 2, and so on... 2764 * ehdr - ELF header for file 2765 * file - Name of file 2766 */ 2767 static void 2768 dyn_test(dyn_test_t test_type, Word sh_type, Cache *sec_cache, Dyn *dyn, 2769 Word dynsec_cnt, Ehdr *ehdr, uchar_t osabi, const char *file) 2770 { 2771 Conv_inv_buf_t buf1, buf2; 2772 2773 /* 2774 * These tests are based around the implicit assumption that 2775 * there is only one dynamic section in an object, and also only 2776 * one of the sections it references. We have therefore gathered 2777 * all of the necessary information to test this in a single pass 2778 * over the section headers, which is very efficient. We are not 2779 * aware of any case where more than one dynamic section would 2780 * be meaningful in an ELF object, so this is a reasonable solution. 2781 * 2782 * To test multiple dynamic sections correctly would be more 2783 * expensive in code and time. We would have to build a data structure 2784 * containing all the dynamic elements. Then, we would use the address 2785 * to locate the section it references and ensure the section is of 2786 * the right type and that the address in the dynamic element is 2787 * to the start of the section. Then, we could check the size and 2788 * entsize values against those same sections. This is O(n^2), and 2789 * also complicated. 2790 * 2791 * In the highly unlikely case that there is more than one dynamic 2792 * section, we only test the first one, and simply allow the values 2793 * of the subsequent one to be displayed unchallenged. 2794 */ 2795 if (dynsec_cnt != 1) 2796 return; 2797 2798 /* 2799 * A DT_ item that references a section address should always find 2800 * the section in the file. 2801 */ 2802 if (sec_cache == NULL) { 2803 const char *name; 2804 2805 /* 2806 * Supply section names instead of section types for 2807 * things that reference progbits so that the error 2808 * message will make more sense. 2809 */ 2810 switch (dyn->d_tag) { 2811 case DT_INIT: 2812 name = MSG_ORIG(MSG_ELF_INIT); 2813 break; 2814 case DT_FINI: 2815 name = MSG_ORIG(MSG_ELF_FINI); 2816 break; 2817 default: 2818 name = conv_sec_type(osabi, ehdr->e_machine, 2819 sh_type, 0, &buf1); 2820 break; 2821 } 2822 (void) fprintf(stderr, MSG_INTL(MSG_ERR_DYNNOBCKSEC), file, 2823 name, conv_dyn_tag(dyn->d_tag, osabi, ehdr->e_machine, 2824 CONV_FMT_ALT_CF, &buf2)); 2825 return; 2826 } 2827 2828 2829 switch (test_type) { 2830 case DYN_TEST_ADDR: 2831 /* The section address should match the DT_ item value */ 2832 if (dyn->d_un.d_val != sec_cache->c_shdr->sh_addr) 2833 (void) fprintf(stderr, 2834 MSG_INTL(MSG_ERR_DYNBADADDR), file, 2835 conv_dyn_tag(dyn->d_tag, osabi, ehdr->e_machine, 2836 CONV_FMT_ALT_CF, &buf1), EC_ADDR(dyn->d_un.d_val), 2837 sec_cache->c_ndx, sec_cache->c_name, 2838 EC_ADDR(sec_cache->c_shdr->sh_addr)); 2839 break; 2840 2841 case DYN_TEST_SIZE: 2842 /* The section size should match the DT_ item value */ 2843 if (dyn->d_un.d_val != sec_cache->c_shdr->sh_size) 2844 (void) fprintf(stderr, 2845 MSG_INTL(MSG_ERR_DYNBADSIZE), file, 2846 conv_dyn_tag(dyn->d_tag, osabi, ehdr->e_machine, 2847 CONV_FMT_ALT_CF, &buf1), EC_XWORD(dyn->d_un.d_val), 2848 sec_cache->c_ndx, sec_cache->c_name, 2849 EC_XWORD(sec_cache->c_shdr->sh_size)); 2850 break; 2851 2852 case DYN_TEST_ENTSIZE: 2853 /* The sh_entsize value should match the DT_ item value */ 2854 if (dyn->d_un.d_val != sec_cache->c_shdr->sh_entsize) 2855 (void) fprintf(stderr, 2856 MSG_INTL(MSG_ERR_DYNBADENTSIZE), file, 2857 conv_dyn_tag(dyn->d_tag, osabi, ehdr->e_machine, 2858 CONV_FMT_ALT_CF, &buf1), EC_XWORD(dyn->d_un.d_val), 2859 sec_cache->c_ndx, sec_cache->c_name, 2860 EC_XWORD(sec_cache->c_shdr->sh_entsize)); 2861 break; 2862 } 2863 } 2864 2865 /* 2866 * There are some DT_ entries that have corresponding symbols 2867 * (e.g. DT_INIT and _init). It is expected that these items will 2868 * both have the same value if both are present. This routine 2869 * examines the well known symbol tables for such symbols and 2870 * issues warnings for any that don't match. 2871 * 2872 * entry: 2873 * dyn - Dyn entry to be tested 2874 * symname - Name of symbol that corresponds to dyn 2875 * symtab_cache, dynsym_cache, ldynsym_cache - Symbol tables to check 2876 * target_cache - Section the symname section is expected to be 2877 * associated with. 2878 * cache - Cache of all section headers 2879 * shnum - # of sections in cache 2880 * ehdr - ELF header for file 2881 * osabi - OSABI to apply when interpreting object 2882 * file - Name of file 2883 */ 2884 static void 2885 dyn_symtest(Dyn *dyn, const char *symname, Cache *symtab_cache, 2886 Cache *dynsym_cache, Cache *ldynsym_cache, Cache *target_cache, 2887 Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi, const char *file) 2888 { 2889 Conv_inv_buf_t buf; 2890 int i; 2891 Sym *sym; 2892 Cache *_cache; 2893 2894 for (i = 0; i < 3; i++) { 2895 switch (i) { 2896 case 0: 2897 _cache = symtab_cache; 2898 break; 2899 case 1: 2900 _cache = dynsym_cache; 2901 break; 2902 case 2: 2903 _cache = ldynsym_cache; 2904 break; 2905 } 2906 2907 if ((_cache != NULL) && 2908 symlookup(symname, cache, shnum, &sym, target_cache, 2909 _cache, file) && (sym->st_value != dyn->d_un.d_val)) 2910 (void) fprintf(stderr, MSG_INTL(MSG_ERR_DYNSYMVAL), 2911 file, _cache->c_name, conv_dyn_tag(dyn->d_tag, 2912 osabi, ehdr->e_machine, CONV_FMT_ALT_CF, &buf), 2913 symname, EC_ADDR(sym->st_value)); 2914 } 2915 } 2916 2917 /* 2918 * Search for and process a .dynamic section. 2919 */ 2920 static void 2921 dynamic(Cache *cache, Word shnum, Ehdr *ehdr, uchar_t osabi, const char *file) 2922 { 2923 struct { 2924 Cache *symtab; 2925 Cache *dynstr; 2926 Cache *dynsym; 2927 Cache *hash; 2928 Cache *fini; 2929 Cache *fini_array; 2930 Cache *init; 2931 Cache *init_array; 2932 Cache *preinit_array; 2933 Cache *rel; 2934 Cache *rela; 2935 Cache *sunw_cap; 2936 Cache *sunw_capinfo; 2937 Cache *sunw_capchain; 2938 Cache *sunw_ldynsym; 2939 Cache *sunw_move; 2940 Cache *sunw_syminfo; 2941 Cache *sunw_symsort; 2942 Cache *sunw_tlssort; 2943 Cache *sunw_verdef; 2944 Cache *sunw_verneed; 2945 Cache *sunw_versym; 2946 } sec; 2947 Word dynsec_ndx; 2948 Word dynsec_num; 2949 int dynsec_cnt; 2950 Word cnt; 2951 int osabi_solaris = osabi == ELFOSABI_SOLARIS; 2952 2953 /* 2954 * Make a pass over all the sections, gathering section information 2955 * we'll need below. 2956 */ 2957 dynsec_num = 0; 2958 bzero(&sec, sizeof (sec)); 2959 for (cnt = 1; cnt < shnum; cnt++) { 2960 Cache *_cache = &cache[cnt]; 2961 2962 switch (_cache->c_shdr->sh_type) { 2963 case SHT_DYNAMIC: 2964 if (dynsec_num == 0) { 2965 dynsec_ndx = cnt; 2966 2967 /* Does it have a valid string table? */ 2968 (void) stringtbl(cache, 0, cnt, shnum, file, 2969 0, 0, &sec.dynstr); 2970 } 2971 dynsec_num++; 2972 break; 2973 2974 2975 case SHT_PROGBITS: 2976 /* 2977 * We want to detect the .init and .fini sections, 2978 * if present. These are SHT_PROGBITS, so all we 2979 * have to go on is the section name. Normally comparing 2980 * names is a bad idea, but there are some special 2981 * names (i.e. .init/.fini/.interp) that are very 2982 * difficult to use in any other context, and for 2983 * these symbols, we do the heuristic match. 2984 */ 2985 if (strcmp(_cache->c_name, 2986 MSG_ORIG(MSG_ELF_INIT)) == 0) { 2987 if (sec.init == NULL) 2988 sec.init = _cache; 2989 } else if (strcmp(_cache->c_name, 2990 MSG_ORIG(MSG_ELF_FINI)) == 0) { 2991 if (sec.fini == NULL) 2992 sec.fini = _cache; 2993 } 2994 break; 2995 2996 case SHT_REL: 2997 /* 2998 * We want the SHT_REL section with the lowest 2999 * offset. The linker gathers them together, 3000 * and puts the address of the first one 3001 * into the DT_REL dynamic element. 3002 */ 3003 if ((sec.rel == NULL) || 3004 (_cache->c_shdr->sh_offset < 3005 sec.rel->c_shdr->sh_offset)) 3006 sec.rel = _cache; 3007 break; 3008 3009 case SHT_RELA: 3010 /* RELA is handled just like RELA above */ 3011 if ((sec.rela == NULL) || 3012 (_cache->c_shdr->sh_offset < 3013 sec.rela->c_shdr->sh_offset)) 3014 sec.rela = _cache; 3015 break; 3016 3017 /* 3018 * The GRAB macro is used for the simple case in which 3019 * we simply grab the first section of the desired type. 3020 */ 3021 #define GRAB(_sec_type, _sec_field) \ 3022 case _sec_type: \ 3023 if (sec._sec_field == NULL) \ 3024 sec._sec_field = _cache; \ 3025 break 3026 GRAB(SHT_SYMTAB, symtab); 3027 GRAB(SHT_DYNSYM, dynsym); 3028 GRAB(SHT_FINI_ARRAY, fini_array); 3029 GRAB(SHT_HASH, hash); 3030 GRAB(SHT_INIT_ARRAY, init_array); 3031 GRAB(SHT_SUNW_move, sunw_move); 3032 GRAB(SHT_PREINIT_ARRAY, preinit_array); 3033 GRAB(SHT_SUNW_cap, sunw_cap); 3034 GRAB(SHT_SUNW_capinfo, sunw_capinfo); 3035 GRAB(SHT_SUNW_capchain, sunw_capchain); 3036 GRAB(SHT_SUNW_LDYNSYM, sunw_ldynsym); 3037 GRAB(SHT_SUNW_syminfo, sunw_syminfo); 3038 GRAB(SHT_SUNW_symsort, sunw_symsort); 3039 GRAB(SHT_SUNW_tlssort, sunw_tlssort); 3040 GRAB(SHT_SUNW_verdef, sunw_verdef); 3041 GRAB(SHT_SUNW_verneed, sunw_verneed); 3042 GRAB(SHT_SUNW_versym, sunw_versym); 3043 #undef GRAB 3044 } 3045 } 3046 3047 /* 3048 * If no dynamic section, return immediately. If more than one 3049 * dynamic section, then something odd is going on and an error 3050 * is in order, but then continue on and display them all. 3051 */ 3052 if (dynsec_num == 0) 3053 return; 3054 if (dynsec_num > 1) 3055 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MULTDYN), 3056 file, EC_WORD(dynsec_num)); 3057 3058 3059 dynsec_cnt = 0; 3060 for (cnt = dynsec_ndx; (cnt < shnum) && (dynsec_cnt < dynsec_num); 3061 cnt++) { 3062 Dyn *dyn; 3063 ulong_t numdyn; 3064 int ndx, end_ndx; 3065 Cache *_cache = &cache[cnt], *strsec; 3066 Shdr *shdr = _cache->c_shdr; 3067 int dumped = 0; 3068 3069 if (shdr->sh_type != SHT_DYNAMIC) 3070 continue; 3071 dynsec_cnt++; 3072 3073 /* 3074 * Verify the associated string table section. 3075 */ 3076 if (stringtbl(cache, 0, cnt, shnum, file, 0, 0, &strsec) == 0) 3077 continue; 3078 3079 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 3080 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 3081 file, _cache->c_name); 3082 continue; 3083 } 3084 if (_cache->c_data == NULL) 3085 continue; 3086 3087 numdyn = shdr->sh_size / shdr->sh_entsize; 3088 dyn = (Dyn *)_cache->c_data->d_buf; 3089 3090 /* 3091 * We expect the REL/RELA entries to reference the reloc 3092 * section with the lowest address. However, this is 3093 * not true for dumped objects. Detect if this object has 3094 * been dumped so that we can skip the reloc address test 3095 * in that case. 3096 */ 3097 for (ndx = 0; ndx < numdyn; dyn++, ndx++) { 3098 if (dyn->d_tag == DT_FLAGS_1) { 3099 dumped = (dyn->d_un.d_val & DF_1_CONFALT) != 0; 3100 break; 3101 } 3102 } 3103 dyn = (Dyn *)_cache->c_data->d_buf; 3104 3105 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3106 dbg_print(0, MSG_INTL(MSG_ELF_SCN_DYNAMIC), _cache->c_name); 3107 3108 Elf_dyn_title(0); 3109 3110 for (ndx = 0; ndx < numdyn; dyn++, ndx++) { 3111 union { 3112 Conv_inv_buf_t inv; 3113 Conv_dyn_flag_buf_t flag; 3114 Conv_dyn_flag1_buf_t flag1; 3115 Conv_dyn_posflag1_buf_t posflag1; 3116 Conv_dyn_feature1_buf_t feature1; 3117 } c_buf; 3118 const char *name = NULL; 3119 3120 /* 3121 * Print the information numerically, and if possible 3122 * as a string. If a string is available, name is 3123 * set to reference it. 3124 * 3125 * Also, take this opportunity to sanity check 3126 * the values of DT elements. In the code above, 3127 * we gathered information on sections that are 3128 * referenced by the dynamic section. Here, we 3129 * compare the attributes of those sections to 3130 * the DT_ items that reference them and report 3131 * on inconsistencies. 3132 * 3133 * Things not currently tested that could be improved 3134 * in later revisions include: 3135 * - We don't check PLT or GOT related items 3136 * - We don't handle computing the lengths of 3137 * relocation arrays. To handle this 3138 * requires examining data that spans 3139 * across sections, in a contiguous span 3140 * within a single segment. 3141 * - DT_VERDEFNUM and DT_VERNEEDNUM can't be 3142 * verified without parsing the sections. 3143 * - We don't handle DT_SUNW_SYMSZ, which would 3144 * be the sum of the lengths of .dynsym and 3145 * .SUNW_ldynsym 3146 * - DT_SUNW_STRPAD can't be verified other than 3147 * to check that it's not larger than 3148 * the string table. 3149 * - Some items come in "all or none" clusters 3150 * that give an address, element size, 3151 * and data length in bytes. We don't 3152 * verify that there are no missing items 3153 * in such groups. 3154 */ 3155 switch (dyn->d_tag) { 3156 case DT_NULL: 3157 /* 3158 * Special case: DT_NULLs can come in groups 3159 * that we prefer to reduce to a single line. 3160 */ 3161 end_ndx = ndx; 3162 while ((end_ndx < (numdyn - 1)) && 3163 ((dyn + 1)->d_tag == DT_NULL)) { 3164 dyn++; 3165 end_ndx++; 3166 } 3167 Elf_dyn_null_entry(0, dyn, ndx, end_ndx); 3168 ndx = end_ndx; 3169 continue; 3170 3171 /* 3172 * String items all reference the dynstr. The string() 3173 * function does the necessary sanity checking. 3174 */ 3175 case DT_NEEDED: 3176 case DT_SONAME: 3177 case DT_FILTER: 3178 case DT_AUXILIARY: 3179 case DT_CONFIG: 3180 case DT_RPATH: 3181 case DT_RUNPATH: 3182 case DT_USED: 3183 case DT_DEPAUDIT: 3184 case DT_AUDIT: 3185 name = string(_cache, ndx, strsec, 3186 file, dyn->d_un.d_ptr); 3187 break; 3188 3189 case DT_SUNW_AUXILIARY: 3190 case DT_SUNW_FILTER: 3191 if (osabi_solaris) 3192 name = string(_cache, ndx, strsec, 3193 file, dyn->d_un.d_ptr); 3194 break; 3195 3196 case DT_FLAGS: 3197 name = conv_dyn_flag(dyn->d_un.d_val, 3198 0, &c_buf.flag); 3199 break; 3200 case DT_FLAGS_1: 3201 name = conv_dyn_flag1(dyn->d_un.d_val, 0, 3202 &c_buf.flag1); 3203 break; 3204 case DT_POSFLAG_1: 3205 name = conv_dyn_posflag1(dyn->d_un.d_val, 0, 3206 &c_buf.posflag1); 3207 break; 3208 case DT_FEATURE_1: 3209 name = conv_dyn_feature1(dyn->d_un.d_val, 0, 3210 &c_buf.feature1); 3211 break; 3212 case DT_DEPRECATED_SPARC_REGISTER: 3213 name = MSG_INTL(MSG_STR_DEPRECATED); 3214 break; 3215 3216 case DT_SUNW_LDMACH: 3217 if (!osabi_solaris) 3218 break; 3219 name = conv_ehdr_mach((Half)dyn->d_un.d_val, 3220 0, &c_buf.inv); 3221 break; 3222 3223 /* 3224 * Cases below this point are strictly sanity checking, 3225 * and do not generate a name string. The TEST_ macros 3226 * are used to hide the boiler plate arguments neeeded 3227 * by dyn_test(). 3228 */ 3229 #define TEST_ADDR(_sh_type, _sec_field) \ 3230 dyn_test(DYN_TEST_ADDR, _sh_type, \ 3231 sec._sec_field, dyn, dynsec_cnt, ehdr, \ 3232 osabi, file) 3233 #define TEST_SIZE(_sh_type, _sec_field) \ 3234 dyn_test(DYN_TEST_SIZE, _sh_type, \ 3235 sec._sec_field, dyn, dynsec_cnt, ehdr, \ 3236 osabi, file) 3237 #define TEST_ENTSIZE(_sh_type, _sec_field) \ 3238 dyn_test(DYN_TEST_ENTSIZE, _sh_type, \ 3239 sec._sec_field, dyn, dynsec_cnt, ehdr, \ 3240 osabi, file) 3241 3242 case DT_FINI: 3243 dyn_symtest(dyn, MSG_ORIG(MSG_SYM_FINI), 3244 sec.symtab, sec.dynsym, sec.sunw_ldynsym, 3245 sec.fini, cache, shnum, ehdr, osabi, file); 3246 TEST_ADDR(SHT_PROGBITS, fini); 3247 break; 3248 3249 case DT_FINI_ARRAY: 3250 TEST_ADDR(SHT_FINI_ARRAY, fini_array); 3251 break; 3252 3253 case DT_FINI_ARRAYSZ: 3254 TEST_SIZE(SHT_FINI_ARRAY, fini_array); 3255 break; 3256 3257 case DT_HASH: 3258 TEST_ADDR(SHT_HASH, hash); 3259 break; 3260 3261 case DT_INIT: 3262 dyn_symtest(dyn, MSG_ORIG(MSG_SYM_INIT), 3263 sec.symtab, sec.dynsym, sec.sunw_ldynsym, 3264 sec.init, cache, shnum, ehdr, osabi, file); 3265 TEST_ADDR(SHT_PROGBITS, init); 3266 break; 3267 3268 case DT_INIT_ARRAY: 3269 TEST_ADDR(SHT_INIT_ARRAY, init_array); 3270 break; 3271 3272 case DT_INIT_ARRAYSZ: 3273 TEST_SIZE(SHT_INIT_ARRAY, init_array); 3274 break; 3275 3276 case DT_MOVEENT: 3277 TEST_ENTSIZE(SHT_SUNW_move, sunw_move); 3278 break; 3279 3280 case DT_MOVESZ: 3281 TEST_SIZE(SHT_SUNW_move, sunw_move); 3282 break; 3283 3284 case DT_MOVETAB: 3285 TEST_ADDR(SHT_SUNW_move, sunw_move); 3286 break; 3287 3288 case DT_PREINIT_ARRAY: 3289 TEST_ADDR(SHT_PREINIT_ARRAY, preinit_array); 3290 break; 3291 3292 case DT_PREINIT_ARRAYSZ: 3293 TEST_SIZE(SHT_PREINIT_ARRAY, preinit_array); 3294 break; 3295 3296 case DT_REL: 3297 if (!dumped) 3298 TEST_ADDR(SHT_REL, rel); 3299 break; 3300 3301 case DT_RELENT: 3302 TEST_ENTSIZE(SHT_REL, rel); 3303 break; 3304 3305 case DT_RELA: 3306 if (!dumped) 3307 TEST_ADDR(SHT_RELA, rela); 3308 break; 3309 3310 case DT_RELAENT: 3311 TEST_ENTSIZE(SHT_RELA, rela); 3312 break; 3313 3314 case DT_STRTAB: 3315 TEST_ADDR(SHT_STRTAB, dynstr); 3316 break; 3317 3318 case DT_STRSZ: 3319 TEST_SIZE(SHT_STRTAB, dynstr); 3320 break; 3321 3322 case DT_SUNW_CAP: 3323 if (osabi_solaris) 3324 TEST_ADDR(SHT_SUNW_cap, sunw_cap); 3325 break; 3326 3327 case DT_SUNW_CAPINFO: 3328 if (osabi_solaris) 3329 TEST_ADDR(SHT_SUNW_capinfo, 3330 sunw_capinfo); 3331 break; 3332 3333 case DT_SUNW_CAPCHAIN: 3334 if (osabi_solaris) 3335 TEST_ADDR(SHT_SUNW_capchain, 3336 sunw_capchain); 3337 break; 3338 3339 case DT_SUNW_SYMTAB: 3340 TEST_ADDR(SHT_SUNW_LDYNSYM, sunw_ldynsym); 3341 break; 3342 3343 case DT_SYMENT: 3344 TEST_ENTSIZE(SHT_DYNSYM, dynsym); 3345 break; 3346 3347 case DT_SYMINENT: 3348 TEST_ENTSIZE(SHT_SUNW_syminfo, sunw_syminfo); 3349 break; 3350 3351 case DT_SYMINFO: 3352 TEST_ADDR(SHT_SUNW_syminfo, sunw_syminfo); 3353 break; 3354 3355 case DT_SYMINSZ: 3356 TEST_SIZE(SHT_SUNW_syminfo, sunw_syminfo); 3357 break; 3358 3359 case DT_SYMTAB: 3360 TEST_ADDR(SHT_DYNSYM, dynsym); 3361 break; 3362 3363 case DT_SUNW_SORTENT: 3364 /* 3365 * This entry is related to both the symsort and 3366 * tlssort sections. 3367 */ 3368 if (osabi_solaris) { 3369 int test_tls = 3370 (sec.sunw_tlssort != NULL); 3371 int test_sym = 3372 (sec.sunw_symsort != NULL) || 3373 !test_tls; 3374 if (test_sym) 3375 TEST_ENTSIZE(SHT_SUNW_symsort, 3376 sunw_symsort); 3377 if (test_tls) 3378 TEST_ENTSIZE(SHT_SUNW_tlssort, 3379 sunw_tlssort); 3380 } 3381 break; 3382 3383 3384 case DT_SUNW_SYMSORT: 3385 if (osabi_solaris) 3386 TEST_ADDR(SHT_SUNW_symsort, 3387 sunw_symsort); 3388 break; 3389 3390 case DT_SUNW_SYMSORTSZ: 3391 if (osabi_solaris) 3392 TEST_SIZE(SHT_SUNW_symsort, 3393 sunw_symsort); 3394 break; 3395 3396 case DT_SUNW_TLSSORT: 3397 if (osabi_solaris) 3398 TEST_ADDR(SHT_SUNW_tlssort, 3399 sunw_tlssort); 3400 break; 3401 3402 case DT_SUNW_TLSSORTSZ: 3403 if (osabi_solaris) 3404 TEST_SIZE(SHT_SUNW_tlssort, 3405 sunw_tlssort); 3406 break; 3407 3408 case DT_VERDEF: 3409 TEST_ADDR(SHT_SUNW_verdef, sunw_verdef); 3410 break; 3411 3412 case DT_VERNEED: 3413 TEST_ADDR(SHT_SUNW_verneed, sunw_verneed); 3414 break; 3415 3416 case DT_VERSYM: 3417 TEST_ADDR(SHT_SUNW_versym, sunw_versym); 3418 break; 3419 #undef TEST_ADDR 3420 #undef TEST_SIZE 3421 #undef TEST_ENTSIZE 3422 } 3423 3424 if (name == NULL) 3425 name = MSG_ORIG(MSG_STR_EMPTY); 3426 Elf_dyn_entry(0, dyn, ndx, name, 3427 osabi, ehdr->e_machine); 3428 } 3429 } 3430 } 3431 3432 /* 3433 * Search for and process a MOVE section. 3434 */ 3435 static void 3436 move(Cache *cache, Word shnum, const char *file, uint_t flags) 3437 { 3438 Word cnt; 3439 const char *fmt = NULL; 3440 3441 for (cnt = 1; cnt < shnum; cnt++) { 3442 Word movenum, symnum, ndx; 3443 Sym *syms; 3444 Cache *_cache = &cache[cnt]; 3445 Shdr *shdr = _cache->c_shdr; 3446 Cache *symsec, *strsec; 3447 Move *move; 3448 3449 if (shdr->sh_type != SHT_SUNW_move) 3450 continue; 3451 if (!match(MATCH_F_ALL, _cache->c_name, cnt, shdr->sh_type)) 3452 continue; 3453 3454 /* 3455 * Determine the move data and number. 3456 */ 3457 if ((shdr->sh_entsize == 0) || (shdr->sh_size == 0)) { 3458 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 3459 file, _cache->c_name); 3460 continue; 3461 } 3462 if (_cache->c_data == NULL) 3463 continue; 3464 3465 move = (Move *)_cache->c_data->d_buf; 3466 movenum = shdr->sh_size / shdr->sh_entsize; 3467 3468 /* 3469 * Get the data buffer for the associated symbol table and 3470 * string table. 3471 */ 3472 if (stringtbl(cache, 1, cnt, shnum, file, 3473 &symnum, &symsec, &strsec) == 0) 3474 return; 3475 3476 syms = (Sym *)symsec->c_data->d_buf; 3477 3478 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3479 dbg_print(0, MSG_INTL(MSG_ELF_SCN_MOVE), _cache->c_name); 3480 dbg_print(0, MSG_INTL(MSG_MOVE_TITLE)); 3481 3482 if (fmt == NULL) 3483 fmt = MSG_INTL(MSG_MOVE_ENTRY); 3484 3485 for (ndx = 0; ndx < movenum; move++, ndx++) { 3486 const char *symname; 3487 char index[MAXNDXSIZE], section[BUFSIZ]; 3488 Word symndx, shndx; 3489 Sym *sym; 3490 3491 /* 3492 * Check for null entries 3493 */ 3494 if ((move->m_info == 0) && (move->m_value == 0) && 3495 (move->m_poffset == 0) && (move->m_repeat == 0) && 3496 (move->m_stride == 0)) { 3497 dbg_print(0, fmt, MSG_ORIG(MSG_STR_EMPTY), 3498 EC_XWORD(move->m_poffset), 0, 0, 0, 3499 EC_LWORD(0), MSG_ORIG(MSG_STR_EMPTY)); 3500 continue; 3501 } 3502 if (((symndx = ELF_M_SYM(move->m_info)) == 0) || 3503 (symndx >= symnum)) { 3504 (void) fprintf(stderr, 3505 MSG_INTL(MSG_ERR_BADMINFO), file, 3506 _cache->c_name, EC_XWORD(move->m_info)); 3507 3508 (void) snprintf(index, MAXNDXSIZE, 3509 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(symndx)); 3510 dbg_print(0, fmt, index, 3511 EC_XWORD(move->m_poffset), 3512 ELF_M_SIZE(move->m_info), move->m_repeat, 3513 move->m_stride, move->m_value, 3514 MSG_INTL(MSG_STR_UNKNOWN)); 3515 continue; 3516 } 3517 3518 symname = relsymname(cache, _cache, strsec, 3519 symndx, symnum, ndx, syms, section, BUFSIZ, file); 3520 sym = (Sym *)(syms + symndx); 3521 3522 /* 3523 * Additional sanity check. 3524 */ 3525 shndx = sym->st_shndx; 3526 if (!((shndx == SHN_COMMON) || 3527 (((shndx >= 1) && (shndx <= shnum)) && 3528 (cache[shndx].c_shdr)->sh_type == SHT_NOBITS))) { 3529 (void) fprintf(stderr, 3530 MSG_INTL(MSG_ERR_BADSYM2), file, 3531 _cache->c_name, EC_WORD(symndx), 3532 demangle(symname, flags)); 3533 } 3534 3535 (void) snprintf(index, MAXNDXSIZE, 3536 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(symndx)); 3537 dbg_print(0, fmt, index, EC_XWORD(move->m_poffset), 3538 ELF_M_SIZE(move->m_info), move->m_repeat, 3539 move->m_stride, move->m_value, 3540 demangle(symname, flags)); 3541 } 3542 } 3543 } 3544 3545 /* 3546 * parse_note_t is used to track the state used by parse_note_entry() 3547 * between calls, and also to return the results of each call. 3548 */ 3549 typedef struct { 3550 /* pns_ fields track progress through the data */ 3551 const char *pns_file; /* File name */ 3552 Cache *pns_cache; /* Note section cache entry */ 3553 size_t pns_size; /* # unprocessed data bytes */ 3554 Word *pns_data; /* # to next unused data byte */ 3555 3556 /* pn_ fields return the results for a single call */ 3557 Word pn_namesz; /* Value of note namesz field */ 3558 Word pn_descsz; /* Value of note descsz field */ 3559 Word pn_type; /* Value of note type field */ 3560 const char *pn_name; /* if (namesz > 0) ptr to name bytes */ 3561 const char *pn_desc; /* if (descsx > 0) ptr to data bytes */ 3562 } parse_note_t; 3563 3564 /* 3565 * Extract the various sub-parts of a note entry, and advance the 3566 * data pointer past it. 3567 * 3568 * entry: 3569 * The state pns_ fields contain current values for the Note section 3570 * 3571 * exit: 3572 * On success, True (1) is returned, the state pns_ fields have been 3573 * advanced to point at the start of the next entry, and the information 3574 * for the recovered note entry is found in the state pn_ fields. 3575 * 3576 * On failure, False (0) is returned. The values contained in state 3577 * are undefined. 3578 */ 3579 static int 3580 parse_note_entry(parse_note_t *state) 3581 { 3582 size_t pad, noteoff; 3583 3584 noteoff = (Word)state->pns_cache->c_data->d_size - state->pns_size; 3585 /* 3586 * Make sure we can at least reference the 3 initial entries 3587 * (4-byte words) of the note information block. 3588 */ 3589 if (state->pns_size >= (sizeof (Word) * 3)) { 3590 state->pns_size -= (sizeof (Word) * 3); 3591 } else { 3592 (void) fprintf(stderr, MSG_INTL(MSG_NOTE_BADDATASZ), 3593 state->pns_file, state->pns_cache->c_name, 3594 EC_WORD(noteoff)); 3595 return (0); 3596 } 3597 3598 /* 3599 * Make sure any specified name string can be referenced. 3600 */ 3601 if ((state->pn_namesz = *state->pns_data++) != 0) { 3602 if (state->pns_size >= state->pn_namesz) { 3603 state->pns_size -= state->pn_namesz; 3604 } else { 3605 (void) fprintf(stderr, MSG_INTL(MSG_NOTE_BADNMSZ), 3606 state->pns_file, state->pns_cache->c_name, 3607 EC_WORD(noteoff), EC_WORD(state->pn_namesz)); 3608 return (0); 3609 } 3610 } 3611 3612 /* 3613 * Make sure any specified descriptor can be referenced. 3614 */ 3615 if ((state->pn_descsz = *state->pns_data++) != 0) { 3616 /* 3617 * If namesz isn't a 4-byte multiple, account for any 3618 * padding that must exist before the descriptor. 3619 */ 3620 if ((pad = (state->pn_namesz & (sizeof (Word) - 1))) != 0) { 3621 pad = sizeof (Word) - pad; 3622 state->pns_size -= pad; 3623 } 3624 if (state->pns_size >= state->pn_descsz) { 3625 state->pns_size -= state->pn_descsz; 3626 } else { 3627 (void) fprintf(stderr, MSG_INTL(MSG_NOTE_BADDESZ), 3628 state->pns_file, state->pns_cache->c_name, 3629 EC_WORD(noteoff), EC_WORD(state->pn_namesz)); 3630 return (0); 3631 } 3632 } 3633 3634 state->pn_type = *state->pns_data++; 3635 3636 /* Name */ 3637 if (state->pn_namesz) { 3638 state->pn_name = (char *)state->pns_data; 3639 pad = (state->pn_namesz + 3640 (sizeof (Word) - 1)) & ~(sizeof (Word) - 1); 3641 /* LINTED */ 3642 state->pns_data = (Word *)(state->pn_name + pad); 3643 } 3644 3645 /* 3646 * If multiple information blocks exist within a .note section 3647 * account for any padding that must exist before the next 3648 * information block. 3649 */ 3650 if ((pad = (state->pn_descsz & (sizeof (Word) - 1))) != 0) { 3651 pad = sizeof (Word) - pad; 3652 if (state->pns_size > pad) 3653 state->pns_size -= pad; 3654 } 3655 3656 /* Data */ 3657 if (state->pn_descsz) { 3658 state->pn_desc = (const char *)state->pns_data; 3659 /* LINTED */ 3660 state->pns_data = (Word *)(state->pn_desc + 3661 state->pn_descsz + pad); 3662 } 3663 3664 return (1); 3665 } 3666 3667 /* 3668 * Callback function for use with conv_str_to_c_literal() below. 3669 */ 3670 /*ARGSUSED2*/ 3671 static void 3672 c_literal_cb(const void *ptr, size_t size, void *uvalue) 3673 { 3674 (void) fwrite(ptr, size, 1, stdout); 3675 } 3676 3677 /* 3678 * Traverse a note section analyzing each note information block. 3679 * The data buffers size is used to validate references before they are made, 3680 * and is decremented as each element is processed. 3681 */ 3682 void 3683 note_entry(Cache *cache, Word *data, size_t size, Ehdr *ehdr, const char *file) 3684 { 3685 int cnt = 0; 3686 int is_corenote; 3687 int do_swap; 3688 Conv_inv_buf_t inv_buf; 3689 parse_note_t pnstate; 3690 3691 pnstate.pns_file = file; 3692 pnstate.pns_cache = cache; 3693 pnstate.pns_size = size; 3694 pnstate.pns_data = data; 3695 do_swap = _elf_sys_encoding() != ehdr->e_ident[EI_DATA]; 3696 3697 /* 3698 * Print out a single `note' information block. 3699 */ 3700 while (pnstate.pns_size > 0) { 3701 3702 if (parse_note_entry(&pnstate) == 0) 3703 return; 3704 3705 /* 3706 * Is this a Solaris core note? Such notes all have 3707 * the name "CORE". 3708 */ 3709 is_corenote = (ehdr->e_type == ET_CORE) && 3710 (pnstate.pn_namesz == (MSG_STR_CORE_SIZE + 1)) && 3711 (strncmp(MSG_ORIG(MSG_STR_CORE), pnstate.pn_name, 3712 MSG_STR_CORE_SIZE + 1) == 0); 3713 3714 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3715 dbg_print(0, MSG_INTL(MSG_FMT_NOTEENTNDX), EC_WORD(cnt)); 3716 cnt++; 3717 dbg_print(0, MSG_ORIG(MSG_NOTE_NAMESZ), 3718 EC_WORD(pnstate.pn_namesz)); 3719 dbg_print(0, MSG_ORIG(MSG_NOTE_DESCSZ), 3720 EC_WORD(pnstate.pn_descsz)); 3721 3722 if (is_corenote) 3723 dbg_print(0, MSG_ORIG(MSG_NOTE_TYPE_STR), 3724 conv_cnote_type(pnstate.pn_type, 0, &inv_buf)); 3725 else 3726 dbg_print(0, MSG_ORIG(MSG_NOTE_TYPE), 3727 EC_WORD(pnstate.pn_type)); 3728 if (pnstate.pn_namesz) { 3729 dbg_print(0, MSG_ORIG(MSG_NOTE_NAME)); 3730 /* 3731 * The name string can contain embedded 'null' 3732 * bytes and/or unprintable characters. Also, 3733 * the final NULL is documented in the ELF ABI 3734 * as being included in the namesz. So, display 3735 * the name using C literal string notation, and 3736 * include the terminating NULL in the output. 3737 * We don't show surrounding double quotes, as 3738 * that implies the termination that we are showing 3739 * explicitly. 3740 */ 3741 (void) fwrite(MSG_ORIG(MSG_STR_8SP), 3742 MSG_STR_8SP_SIZE, 1, stdout); 3743 conv_str_to_c_literal(pnstate.pn_name, 3744 pnstate.pn_namesz, c_literal_cb, NULL); 3745 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3746 } 3747 3748 if (pnstate.pn_descsz) { 3749 int hexdump = 1; 3750 3751 /* 3752 * If this is a core note, let the corenote() 3753 * function handle it. 3754 */ 3755 if (is_corenote) { 3756 /* We only issue the bad arch error once */ 3757 static int badnote_done = 0; 3758 corenote_ret_t corenote_ret; 3759 3760 corenote_ret = corenote(ehdr->e_machine, 3761 do_swap, pnstate.pn_type, pnstate.pn_desc, 3762 pnstate.pn_descsz); 3763 switch (corenote_ret) { 3764 case CORENOTE_R_OK_DUMP: 3765 hexdump = 1; 3766 break; 3767 case CORENOTE_R_OK: 3768 hexdump = 0; 3769 break; 3770 case CORENOTE_R_BADDATA: 3771 (void) fprintf(stderr, 3772 MSG_INTL(MSG_NOTE_BADCOREDATA), 3773 file); 3774 break; 3775 case CORENOTE_R_BADARCH: 3776 if (badnote_done) 3777 break; 3778 (void) fprintf(stderr, 3779 MSG_INTL(MSG_NOTE_BADCOREARCH), 3780 file, 3781 conv_ehdr_mach(ehdr->e_machine, 3782 0, &inv_buf)); 3783 break; 3784 case CORENOTE_R_BADTYPE: 3785 (void) fprintf(stderr, 3786 MSG_INTL(MSG_NOTE_BADCORETYPE), 3787 file, 3788 EC_WORD(pnstate.pn_type)); 3789 break; 3790 3791 } 3792 } 3793 3794 /* 3795 * The default thing when we don't understand 3796 * the note data is to display it as hex bytes. 3797 */ 3798 if (hexdump) { 3799 dbg_print(0, MSG_ORIG(MSG_NOTE_DESC)); 3800 dump_hex_bytes(pnstate.pn_desc, 3801 pnstate.pn_descsz, 8, 4, 4); 3802 } 3803 } 3804 } 3805 } 3806 3807 /* 3808 * Search for and process .note sections. 3809 * 3810 * Returns the number of note sections seen. 3811 */ 3812 static Word 3813 note(Cache *cache, Word shnum, Ehdr *ehdr, const char *file) 3814 { 3815 Word cnt, note_cnt = 0; 3816 3817 /* 3818 * Otherwise look for any .note sections. 3819 */ 3820 for (cnt = 1; cnt < shnum; cnt++) { 3821 Cache *_cache = &cache[cnt]; 3822 Shdr *shdr = _cache->c_shdr; 3823 3824 if (shdr->sh_type != SHT_NOTE) 3825 continue; 3826 note_cnt++; 3827 if (!match(MATCH_F_ALL, _cache->c_name, cnt, shdr->sh_type)) 3828 continue; 3829 3830 /* 3831 * As these sections are often hand rolled, make sure they're 3832 * properly aligned before proceeding, and issue an error 3833 * as necessary. 3834 * 3835 * Note that we will continue on to display the note even 3836 * if it has bad alignment. We can do this safely, because 3837 * libelf knows the alignment required for SHT_NOTE, and 3838 * takes steps to deliver a properly aligned buffer to us 3839 * even if the actual file is misaligned. 3840 */ 3841 if (shdr->sh_offset & (sizeof (Word) - 1)) 3842 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADALIGN), 3843 file, _cache->c_name); 3844 3845 if (_cache->c_data == NULL) 3846 continue; 3847 3848 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 3849 dbg_print(0, MSG_INTL(MSG_ELF_SCN_NOTE), _cache->c_name); 3850 note_entry(_cache, (Word *)_cache->c_data->d_buf, 3851 /* LINTED */ 3852 (Word)_cache->c_data->d_size, ehdr, file); 3853 } 3854 3855 return (note_cnt); 3856 } 3857 3858 /* 3859 * The Linux Standard Base defines a special note named .note.ABI-tag 3860 * that is used to maintain Linux ABI information. Presence of this section 3861 * is a strong indication that the object should be considered to be 3862 * ELFOSABI_LINUX. 3863 * 3864 * This function returns True (1) if such a note is seen, and False (0) 3865 * otherwise. 3866 */ 3867 static int 3868 has_linux_abi_note(Cache *cache, Word shnum, const char *file) 3869 { 3870 Word cnt; 3871 3872 for (cnt = 1; cnt < shnum; cnt++) { 3873 parse_note_t pnstate; 3874 Cache *_cache = &cache[cnt]; 3875 Shdr *shdr = _cache->c_shdr; 3876 3877 /* 3878 * Section must be SHT_NOTE, must have the name 3879 * .note.ABI-tag, and must have data. 3880 */ 3881 if ((shdr->sh_type != SHT_NOTE) || 3882 (strcmp(MSG_ORIG(MSG_STR_NOTEABITAG), 3883 _cache->c_name) != 0) || (_cache->c_data == NULL)) 3884 continue; 3885 3886 pnstate.pns_file = file; 3887 pnstate.pns_cache = _cache; 3888 pnstate.pns_size = _cache->c_data->d_size; 3889 pnstate.pns_data = (Word *)_cache->c_data->d_buf; 3890 3891 while (pnstate.pns_size > 0) { 3892 Word *w; 3893 3894 if (parse_note_entry(&pnstate) == 0) 3895 break; 3896 3897 /* 3898 * The type must be 1, and the name must be "GNU". 3899 * The descsz must be at least 16 bytes. 3900 */ 3901 if ((pnstate.pn_type != 1) || 3902 (pnstate.pn_namesz != (MSG_STR_GNU_SIZE + 1)) || 3903 (strncmp(MSG_ORIG(MSG_STR_GNU), pnstate.pn_name, 3904 MSG_STR_CORE_SIZE + 1) != 0) || 3905 (pnstate.pn_descsz < 16)) 3906 continue; 3907 3908 /* 3909 * desc contains 4 32-bit fields. Field 0 must be 0, 3910 * indicating Linux. The second, third, and fourth 3911 * fields represent the earliest Linux kernel 3912 * version compatible with this object. 3913 */ 3914 /*LINTED*/ 3915 w = (Word *) pnstate.pn_desc; 3916 if (*w == 0) 3917 return (1); 3918 } 3919 } 3920 3921 return (0); 3922 } 3923 3924 /* 3925 * Determine an individual hash entry. This may be the initial hash entry, 3926 * or an associated chain entry. 3927 */ 3928 static void 3929 hash_entry(Cache *refsec, Cache *strsec, const char *hsecname, Word hashndx, 3930 Word symndx, Word symn, Sym *syms, const char *file, ulong_t bkts, 3931 uint_t flags, int chain) 3932 { 3933 Sym *sym; 3934 const char *symname, *str; 3935 char _bucket[MAXNDXSIZE], _symndx[MAXNDXSIZE]; 3936 ulong_t nbkt, nhash; 3937 3938 if (symndx > symn) { 3939 (void) fprintf(stderr, MSG_INTL(MSG_ERR_HSBADSYMNDX), file, 3940 EC_WORD(symndx), EC_WORD(hashndx)); 3941 symname = MSG_INTL(MSG_STR_UNKNOWN); 3942 } else { 3943 sym = (Sym *)(syms + symndx); 3944 symname = string(refsec, symndx, strsec, file, sym->st_name); 3945 } 3946 3947 if (chain == 0) { 3948 (void) snprintf(_bucket, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INTEGER), 3949 hashndx); 3950 str = (const char *)_bucket; 3951 } else 3952 str = MSG_ORIG(MSG_STR_EMPTY); 3953 3954 (void) snprintf(_symndx, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INDEX2), 3955 EC_WORD(symndx)); 3956 dbg_print(0, MSG_ORIG(MSG_FMT_HASH_INFO), str, _symndx, 3957 demangle(symname, flags)); 3958 3959 /* 3960 * Determine if this string is in the correct bucket. 3961 */ 3962 nhash = elf_hash(symname); 3963 nbkt = nhash % bkts; 3964 3965 if (nbkt != hashndx) { 3966 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADHASH), file, 3967 hsecname, symname, EC_WORD(hashndx), nbkt); 3968 } 3969 } 3970 3971 #define MAXCOUNT 500 3972 3973 static void 3974 hash(Cache *cache, Word shnum, const char *file, uint_t flags) 3975 { 3976 static int count[MAXCOUNT]; 3977 Word cnt; 3978 ulong_t ndx, bkts; 3979 char number[MAXNDXSIZE]; 3980 3981 for (cnt = 1; cnt < shnum; cnt++) { 3982 uint_t *hash, *chain; 3983 Cache *_cache = &cache[cnt]; 3984 Shdr *sshdr, *hshdr = _cache->c_shdr; 3985 char *ssecname, *hsecname = _cache->c_name; 3986 Sym *syms; 3987 Word symn; 3988 3989 if (hshdr->sh_type != SHT_HASH) 3990 continue; 3991 3992 /* 3993 * Determine the hash table data and size. 3994 */ 3995 if ((hshdr->sh_entsize == 0) || (hshdr->sh_size == 0)) { 3996 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 3997 file, hsecname); 3998 continue; 3999 } 4000 if (_cache->c_data == NULL) 4001 continue; 4002 4003 hash = (uint_t *)_cache->c_data->d_buf; 4004 bkts = *hash; 4005 chain = hash + 2 + bkts; 4006 hash += 2; 4007 4008 /* 4009 * Get the data buffer for the associated symbol table. 4010 */ 4011 if ((hshdr->sh_link == 0) || (hshdr->sh_link >= shnum)) { 4012 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 4013 file, hsecname, EC_WORD(hshdr->sh_link)); 4014 continue; 4015 } 4016 4017 _cache = &cache[hshdr->sh_link]; 4018 ssecname = _cache->c_name; 4019 4020 if (_cache->c_data == NULL) 4021 continue; 4022 4023 if ((syms = (Sym *)_cache->c_data->d_buf) == NULL) { 4024 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 4025 file, ssecname); 4026 continue; 4027 } 4028 4029 sshdr = _cache->c_shdr; 4030 4031 if ((sshdr->sh_entsize == 0) || (sshdr->sh_size == 0)) { 4032 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 4033 file, ssecname); 4034 continue; 4035 } 4036 4037 /* LINTED */ 4038 symn = (Word)(sshdr->sh_size / sshdr->sh_entsize); 4039 4040 /* 4041 * Get the associated string table section. 4042 */ 4043 if ((sshdr->sh_link == 0) || (sshdr->sh_link >= shnum)) { 4044 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHLINK), 4045 file, ssecname, EC_WORD(sshdr->sh_link)); 4046 continue; 4047 } 4048 4049 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4050 dbg_print(0, MSG_INTL(MSG_ELF_SCN_HASH), hsecname); 4051 dbg_print(0, MSG_INTL(MSG_ELF_HASH_INFO)); 4052 4053 /* 4054 * Loop through the hash buckets, printing the appropriate 4055 * symbols. 4056 */ 4057 for (ndx = 0; ndx < bkts; ndx++, hash++) { 4058 Word _ndx, _cnt; 4059 4060 if (*hash == 0) { 4061 count[0]++; 4062 continue; 4063 } 4064 4065 hash_entry(_cache, &cache[sshdr->sh_link], hsecname, 4066 ndx, *hash, symn, syms, file, bkts, flags, 0); 4067 4068 /* 4069 * Determine if any other symbols are chained to this 4070 * bucket. 4071 */ 4072 _ndx = chain[*hash]; 4073 _cnt = 1; 4074 while (_ndx) { 4075 hash_entry(_cache, &cache[sshdr->sh_link], 4076 hsecname, ndx, _ndx, symn, syms, file, 4077 bkts, flags, 1); 4078 _ndx = chain[_ndx]; 4079 _cnt++; 4080 } 4081 4082 if (_cnt >= MAXCOUNT) { 4083 (void) fprintf(stderr, 4084 MSG_INTL(MSG_HASH_OVERFLW), file, 4085 _cache->c_name, EC_WORD(ndx), 4086 EC_WORD(_cnt)); 4087 } else 4088 count[_cnt]++; 4089 } 4090 break; 4091 } 4092 4093 /* 4094 * Print out the count information. 4095 */ 4096 bkts = cnt = 0; 4097 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4098 4099 for (ndx = 0; ndx < MAXCOUNT; ndx++) { 4100 Word _cnt; 4101 4102 if ((_cnt = count[ndx]) == 0) 4103 continue; 4104 4105 (void) snprintf(number, MAXNDXSIZE, 4106 MSG_ORIG(MSG_FMT_INTEGER), _cnt); 4107 dbg_print(0, MSG_INTL(MSG_ELF_HASH_BKTS1), number, 4108 EC_WORD(ndx)); 4109 bkts += _cnt; 4110 cnt += (Word)(ndx * _cnt); 4111 } 4112 if (cnt) { 4113 (void) snprintf(number, MAXNDXSIZE, MSG_ORIG(MSG_FMT_INTEGER), 4114 bkts); 4115 dbg_print(0, MSG_INTL(MSG_ELF_HASH_BKTS2), number, 4116 EC_WORD(cnt)); 4117 } 4118 } 4119 4120 static void 4121 group(Cache *cache, Word shnum, const char *file, uint_t flags) 4122 { 4123 Word scnt; 4124 4125 for (scnt = 1; scnt < shnum; scnt++) { 4126 Cache *_cache = &cache[scnt]; 4127 Shdr *shdr = _cache->c_shdr; 4128 Word *grpdata, gcnt, grpcnt, symnum, unknown; 4129 Cache *symsec, *strsec; 4130 Sym *syms, *sym; 4131 char flgstrbuf[MSG_GRP_COMDAT_SIZE + 10]; 4132 const char *grpnam; 4133 4134 if (shdr->sh_type != SHT_GROUP) 4135 continue; 4136 if (!match(MATCH_F_ALL, _cache->c_name, scnt, shdr->sh_type)) 4137 continue; 4138 if ((_cache->c_data == NULL) || 4139 ((grpdata = (Word *)_cache->c_data->d_buf) == NULL)) 4140 continue; 4141 grpcnt = shdr->sh_size / sizeof (Word); 4142 4143 /* 4144 * Get the data buffer for the associated symbol table and 4145 * string table. 4146 */ 4147 if (stringtbl(cache, 1, scnt, shnum, file, 4148 &symnum, &symsec, &strsec) == 0) 4149 return; 4150 4151 syms = symsec->c_data->d_buf; 4152 4153 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4154 dbg_print(0, MSG_INTL(MSG_ELF_SCN_GRP), _cache->c_name); 4155 dbg_print(0, MSG_INTL(MSG_GRP_TITLE)); 4156 4157 /* 4158 * The first element of the group defines the group. The 4159 * associated symbol is defined by the sh_link field. 4160 */ 4161 if ((shdr->sh_info == SHN_UNDEF) || (shdr->sh_info > symnum)) { 4162 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHINFO), 4163 file, _cache->c_name, EC_WORD(shdr->sh_info)); 4164 return; 4165 } 4166 4167 (void) strcpy(flgstrbuf, MSG_ORIG(MSG_STR_OSQBRKT)); 4168 if (grpdata[0] & GRP_COMDAT) { 4169 (void) strcat(flgstrbuf, MSG_ORIG(MSG_GRP_COMDAT)); 4170 } 4171 if ((unknown = (grpdata[0] & ~GRP_COMDAT)) != 0) { 4172 size_t len = strlen(flgstrbuf); 4173 4174 (void) snprintf(&flgstrbuf[len], 4175 (MSG_GRP_COMDAT_SIZE + 10 - len), 4176 MSG_ORIG(MSG_GRP_UNKNOWN), unknown); 4177 } 4178 (void) strcat(flgstrbuf, MSG_ORIG(MSG_STR_CSQBRKT)); 4179 sym = (Sym *)(syms + shdr->sh_info); 4180 4181 /* 4182 * The GNU assembler can use section symbols as the signature 4183 * symbol as described by this comment in the gold linker 4184 * (found via google): 4185 * 4186 * It seems that some versions of gas will create a 4187 * section group associated with a section symbol, and 4188 * then fail to give a name to the section symbol. In 4189 * such a case, use the name of the section. 4190 * 4191 * In order to support such objects, we do the same. 4192 */ 4193 grpnam = string(_cache, 0, strsec, file, sym->st_name); 4194 if (((sym->st_name == 0) || (*grpnam == '\0')) && 4195 (ELF_ST_TYPE(sym->st_info) == STT_SECTION)) 4196 grpnam = cache[sym->st_shndx].c_name; 4197 4198 dbg_print(0, MSG_INTL(MSG_GRP_SIGNATURE), flgstrbuf, 4199 demangle(grpnam, flags)); 4200 4201 for (gcnt = 1; gcnt < grpcnt; gcnt++) { 4202 char index[MAXNDXSIZE]; 4203 const char *name; 4204 4205 (void) snprintf(index, MAXNDXSIZE, 4206 MSG_ORIG(MSG_FMT_INDEX), EC_XWORD(gcnt)); 4207 4208 if (grpdata[gcnt] >= shnum) 4209 name = MSG_INTL(MSG_GRP_INVALSCN); 4210 else 4211 name = cache[grpdata[gcnt]].c_name; 4212 4213 (void) printf(MSG_ORIG(MSG_GRP_ENTRY), index, name, 4214 EC_XWORD(grpdata[gcnt])); 4215 } 4216 } 4217 } 4218 4219 static void 4220 got(Cache *cache, Word shnum, Ehdr *ehdr, const char *file) 4221 { 4222 Cache *gotcache = NULL, *symtab = NULL; 4223 Addr gotbgn, gotend; 4224 Shdr *gotshdr; 4225 Word cnt, gotents, gotndx; 4226 size_t gentsize; 4227 Got_info *gottable; 4228 char *gotdata; 4229 Sym *gotsym; 4230 Xword gotsymaddr; 4231 uint_t sys_encoding; 4232 4233 /* 4234 * First, find the got. 4235 */ 4236 for (cnt = 1; cnt < shnum; cnt++) { 4237 if (strncmp(cache[cnt].c_name, MSG_ORIG(MSG_ELF_GOT), 4238 MSG_ELF_GOT_SIZE) == 0) { 4239 gotcache = &cache[cnt]; 4240 break; 4241 } 4242 } 4243 if (gotcache == NULL) 4244 return; 4245 4246 /* 4247 * A got section within a relocatable object is suspicious. 4248 */ 4249 if (ehdr->e_type == ET_REL) { 4250 (void) fprintf(stderr, MSG_INTL(MSG_GOT_UNEXPECTED), file, 4251 gotcache->c_name); 4252 } 4253 4254 gotshdr = gotcache->c_shdr; 4255 if (gotshdr->sh_size == 0) { 4256 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 4257 file, gotcache->c_name); 4258 return; 4259 } 4260 4261 gotbgn = gotshdr->sh_addr; 4262 gotend = gotbgn + gotshdr->sh_size; 4263 4264 /* 4265 * Some architectures don't properly set the sh_entsize for the GOT 4266 * table. If it's not set, default to a size of a pointer. 4267 */ 4268 if ((gentsize = gotshdr->sh_entsize) == 0) 4269 gentsize = sizeof (Xword); 4270 4271 if (gotcache->c_data == NULL) 4272 return; 4273 4274 /* LINTED */ 4275 gotents = (Word)(gotshdr->sh_size / gentsize); 4276 gotdata = gotcache->c_data->d_buf; 4277 4278 if ((gottable = calloc(gotents, sizeof (Got_info))) == 0) { 4279 int err = errno; 4280 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), file, 4281 strerror(err)); 4282 return; 4283 } 4284 4285 /* 4286 * Now we scan through all the sections looking for any relocations 4287 * that may be against the GOT. Since these may not be isolated to a 4288 * .rel[a].got section we check them all. 4289 * While scanning sections save the symbol table entry (a symtab 4290 * overriding a dynsym) so that we can lookup _GLOBAL_OFFSET_TABLE_. 4291 */ 4292 for (cnt = 1; cnt < shnum; cnt++) { 4293 Word type, symnum; 4294 Xword relndx, relnum, relsize; 4295 void *rels; 4296 Sym *syms; 4297 Cache *symsec, *strsec; 4298 Cache *_cache = &cache[cnt]; 4299 Shdr *shdr; 4300 4301 shdr = _cache->c_shdr; 4302 type = shdr->sh_type; 4303 4304 if ((symtab == 0) && (type == SHT_DYNSYM)) { 4305 symtab = _cache; 4306 continue; 4307 } 4308 if (type == SHT_SYMTAB) { 4309 symtab = _cache; 4310 continue; 4311 } 4312 if ((type != SHT_RELA) && (type != SHT_REL)) 4313 continue; 4314 4315 /* 4316 * Decide entry size. 4317 */ 4318 if (((relsize = shdr->sh_entsize) == 0) || 4319 (relsize > shdr->sh_size)) { 4320 if (type == SHT_RELA) 4321 relsize = sizeof (Rela); 4322 else 4323 relsize = sizeof (Rel); 4324 } 4325 4326 /* 4327 * Determine the number of relocations available. 4328 */ 4329 if (shdr->sh_size == 0) { 4330 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 4331 file, _cache->c_name); 4332 continue; 4333 } 4334 if (_cache->c_data == NULL) 4335 continue; 4336 4337 rels = _cache->c_data->d_buf; 4338 relnum = shdr->sh_size / relsize; 4339 4340 /* 4341 * Get the data buffer for the associated symbol table and 4342 * string table. 4343 */ 4344 if (stringtbl(cache, 1, cnt, shnum, file, 4345 &symnum, &symsec, &strsec) == 0) 4346 continue; 4347 4348 syms = symsec->c_data->d_buf; 4349 4350 /* 4351 * Loop through the relocation entries. 4352 */ 4353 for (relndx = 0; relndx < relnum; relndx++, 4354 rels = (void *)((char *)rels + relsize)) { 4355 char section[BUFSIZ]; 4356 Addr offset; 4357 Got_info *gip; 4358 Word symndx, reltype; 4359 Rela *rela; 4360 Rel *rel; 4361 4362 /* 4363 * Unravel the relocation. 4364 */ 4365 if (type == SHT_RELA) { 4366 rela = (Rela *)rels; 4367 symndx = ELF_R_SYM(rela->r_info); 4368 reltype = ELF_R_TYPE(rela->r_info, 4369 ehdr->e_machine); 4370 offset = rela->r_offset; 4371 } else { 4372 rel = (Rel *)rels; 4373 symndx = ELF_R_SYM(rel->r_info); 4374 reltype = ELF_R_TYPE(rel->r_info, 4375 ehdr->e_machine); 4376 offset = rel->r_offset; 4377 } 4378 4379 /* 4380 * Only pay attention to relocations against the GOT. 4381 */ 4382 if ((offset < gotbgn) || (offset >= gotend)) 4383 continue; 4384 4385 if ((gotshdr->sh_entsize == 0) || 4386 (gotshdr->sh_size == 0)) { 4387 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSZ), 4388 file, gotcache->c_name); 4389 continue; 4390 } 4391 4392 /* LINTED */ 4393 gotndx = (Word)((offset - gotbgn) / 4394 gotshdr->sh_entsize); 4395 gip = &gottable[gotndx]; 4396 4397 if (gip->g_reltype != 0) { 4398 (void) fprintf(stderr, 4399 MSG_INTL(MSG_GOT_MULTIPLE), file, 4400 EC_WORD(gotndx), EC_ADDR(offset)); 4401 continue; 4402 } 4403 4404 if (symndx) 4405 gip->g_symname = relsymname(cache, _cache, 4406 strsec, symndx, symnum, relndx, syms, 4407 section, BUFSIZ, file); 4408 gip->g_reltype = reltype; 4409 gip->g_rel = rels; 4410 } 4411 } 4412 4413 if (symlookup(MSG_ORIG(MSG_SYM_GOT), cache, shnum, &gotsym, NULL, 4414 symtab, file)) 4415 gotsymaddr = gotsym->st_value; 4416 else 4417 gotsymaddr = gotbgn; 4418 4419 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4420 dbg_print(0, MSG_INTL(MSG_ELF_SCN_GOT), gotcache->c_name); 4421 Elf_got_title(0); 4422 4423 sys_encoding = _elf_sys_encoding(); 4424 for (gotndx = 0; gotndx < gotents; gotndx++) { 4425 Got_info *gip; 4426 Sword gindex; 4427 Addr gaddr; 4428 Xword gotentry; 4429 4430 gip = &gottable[gotndx]; 4431 4432 gaddr = gotbgn + (gotndx * gentsize); 4433 gindex = (Sword)(gaddr - gotsymaddr) / (Sword)gentsize; 4434 4435 if (gentsize == sizeof (Word)) 4436 /* LINTED */ 4437 gotentry = (Xword)(*((Word *)(gotdata) + gotndx)); 4438 else 4439 /* LINTED */ 4440 gotentry = *((Xword *)(gotdata) + gotndx); 4441 4442 Elf_got_entry(0, gindex, gaddr, gotentry, ehdr->e_machine, 4443 ehdr->e_ident[EI_DATA], sys_encoding, 4444 gip->g_reltype, gip->g_rel, gip->g_symname); 4445 } 4446 free(gottable); 4447 } 4448 4449 void 4450 checksum(Elf *elf) 4451 { 4452 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4453 dbg_print(0, MSG_INTL(MSG_STR_CHECKSUM), elf_checksum(elf)); 4454 } 4455 4456 /* 4457 * This variable is used by regular() to communicate the address of 4458 * the section header cache to sort_shdr_ndx_arr(). Unfortunately, 4459 * the qsort() interface does not include a userdata argument by which 4460 * such arbitrary data can be passed, so we are stuck using global data. 4461 */ 4462 static Cache *sort_shdr_ndx_arr_cache; 4463 4464 4465 /* 4466 * Used with qsort() to sort the section indices so that they can be 4467 * used to access the section headers in order of increasing data offset. 4468 * 4469 * entry: 4470 * sort_shdr_ndx_arr_cache - Contains address of 4471 * section header cache. 4472 * v1, v2 - Point at elements of sort_shdr_bits array to be compared. 4473 * 4474 * exit: 4475 * Returns -1 (less than), 0 (equal) or 1 (greater than). 4476 */ 4477 static int 4478 sort_shdr_ndx_arr(const void *v1, const void *v2) 4479 { 4480 Cache *cache1 = sort_shdr_ndx_arr_cache + *((size_t *)v1); 4481 Cache *cache2 = sort_shdr_ndx_arr_cache + *((size_t *)v2); 4482 4483 if (cache1->c_shdr->sh_offset < cache2->c_shdr->sh_offset) 4484 return (-1); 4485 4486 if (cache1->c_shdr->sh_offset > cache2->c_shdr->sh_offset) 4487 return (1); 4488 4489 return (0); 4490 } 4491 4492 4493 static int 4494 shdr_cache(const char *file, Elf *elf, Ehdr *ehdr, size_t shstrndx, 4495 size_t shnum, Cache **cache_ret, Word flags) 4496 { 4497 Elf_Scn *scn; 4498 Elf_Data *data; 4499 size_t ndx; 4500 Shdr *nameshdr; 4501 char *names = NULL; 4502 Cache *cache, *_cache; 4503 size_t *shdr_ndx_arr, shdr_ndx_arr_cnt; 4504 4505 4506 /* 4507 * Obtain the .shstrtab data buffer to provide the required section 4508 * name strings. 4509 */ 4510 if (shstrndx == SHN_UNDEF) { 4511 /* 4512 * It is rare, but legal, for an object to lack a 4513 * header string table section. 4514 */ 4515 names = NULL; 4516 (void) fprintf(stderr, MSG_INTL(MSG_ERR_NOSHSTRSEC), file); 4517 } else if ((scn = elf_getscn(elf, shstrndx)) == NULL) { 4518 failure(file, MSG_ORIG(MSG_ELF_GETSCN)); 4519 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SHDR), 4520 EC_XWORD(shstrndx)); 4521 4522 } else if ((data = elf_getdata(scn, NULL)) == NULL) { 4523 failure(file, MSG_ORIG(MSG_ELF_GETDATA)); 4524 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_DATA), 4525 EC_XWORD(shstrndx)); 4526 4527 } else if ((nameshdr = elf_getshdr(scn)) == NULL) { 4528 failure(file, MSG_ORIG(MSG_ELF_GETSHDR)); 4529 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCN), 4530 EC_WORD(elf_ndxscn(scn))); 4531 4532 } else if ((names = data->d_buf) == NULL) 4533 (void) fprintf(stderr, MSG_INTL(MSG_ERR_SHSTRNULL), file); 4534 4535 /* 4536 * Allocate a cache to maintain a descriptor for each section. 4537 */ 4538 if ((*cache_ret = cache = malloc(shnum * sizeof (Cache))) == NULL) { 4539 int err = errno; 4540 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), 4541 file, strerror(err)); 4542 return (0); 4543 } 4544 4545 *cache = cache_init; 4546 _cache = cache; 4547 _cache++; 4548 4549 /* 4550 * Allocate an array that will hold the section index for 4551 * each section that has data in the ELF file: 4552 * 4553 * - Is not a NOBITS section 4554 * - Data has non-zero length 4555 * 4556 * Note that shnum is an upper bound on the size required. It 4557 * is likely that we won't use a few of these array elements. 4558 * Allocating a modest amount of extra memory in this case means 4559 * that we can avoid an extra loop to count the number of needed 4560 * items, and can fill this array immediately in the first loop 4561 * below. 4562 */ 4563 if ((shdr_ndx_arr = malloc(shnum * sizeof (*shdr_ndx_arr))) == NULL) { 4564 int err = errno; 4565 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), 4566 file, strerror(err)); 4567 return (0); 4568 } 4569 shdr_ndx_arr_cnt = 0; 4570 4571 /* 4572 * Traverse the sections of the file. This gathering of data is 4573 * carried out in two passes. First, the section headers are captured 4574 * and the section header names are evaluated. A verification pass is 4575 * then carried out over the section information. Files have been 4576 * known to exhibit overlapping (and hence erroneous) section header 4577 * information. 4578 * 4579 * Finally, the data for each section is obtained. This processing is 4580 * carried out after section verification because should any section 4581 * header overlap occur, and a file needs translating (ie. xlate'ing 4582 * information from a non-native architecture file), then the process 4583 * of translation can corrupt the section header information. Of 4584 * course, if there is any section overlap, the data related to the 4585 * sections is going to be compromised. However, it is the translation 4586 * of this data that has caused problems with elfdump()'s ability to 4587 * extract the data. 4588 */ 4589 for (ndx = 1, scn = NULL; scn = elf_nextscn(elf, scn); 4590 ndx++, _cache++) { 4591 char scnndxnm[100]; 4592 4593 _cache->c_ndx = ndx; 4594 _cache->c_scn = scn; 4595 4596 if ((_cache->c_shdr = elf_getshdr(scn)) == NULL) { 4597 failure(file, MSG_ORIG(MSG_ELF_GETSHDR)); 4598 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCN), 4599 EC_WORD(elf_ndxscn(scn))); 4600 } 4601 4602 /* 4603 * If this section has data in the file, include it in 4604 * the array of sections to check for address overlap. 4605 */ 4606 if ((_cache->c_shdr->sh_size != 0) && 4607 (_cache->c_shdr->sh_type != SHT_NOBITS)) 4608 shdr_ndx_arr[shdr_ndx_arr_cnt++] = ndx; 4609 4610 /* 4611 * If a shstrtab exists, assign the section name. 4612 */ 4613 if (names && _cache->c_shdr) { 4614 if (_cache->c_shdr->sh_name && 4615 /* LINTED */ 4616 (nameshdr->sh_size > _cache->c_shdr->sh_name)) { 4617 const char *symname; 4618 char *secname; 4619 4620 secname = names + _cache->c_shdr->sh_name; 4621 4622 /* 4623 * A SUN naming convention employs a "%" within 4624 * a section name to indicate a section/symbol 4625 * name. This originated from the compilers 4626 * -xF option, that places functions into their 4627 * own sections. This convention (which has no 4628 * formal standard) has also been followed for 4629 * COMDAT sections. To demangle the symbol 4630 * name, the name must be separated from the 4631 * section name. 4632 */ 4633 if (((flags & FLG_CTL_DEMANGLE) == 0) || 4634 ((symname = strchr(secname, '%')) == NULL)) 4635 _cache->c_name = secname; 4636 else { 4637 size_t secsz = ++symname - secname; 4638 size_t strsz; 4639 4640 symname = demangle(symname, flags); 4641 strsz = secsz + strlen(symname) + 1; 4642 4643 if ((_cache->c_name = 4644 malloc(strsz)) == NULL) { 4645 int err = errno; 4646 (void) fprintf(stderr, 4647 MSG_INTL(MSG_ERR_MALLOC), 4648 file, strerror(err)); 4649 return (0); 4650 } 4651 (void) snprintf(_cache->c_name, strsz, 4652 MSG_ORIG(MSG_FMT_SECSYM), 4653 EC_WORD(secsz), secname, symname); 4654 } 4655 4656 continue; 4657 } 4658 4659 /* 4660 * Generate an error if the section name index is zero 4661 * or exceeds the shstrtab data. Fall through to 4662 * fabricate a section name. 4663 */ 4664 if ((_cache->c_shdr->sh_name == 0) || 4665 /* LINTED */ 4666 (nameshdr->sh_size <= _cache->c_shdr->sh_name)) { 4667 (void) fprintf(stderr, 4668 MSG_INTL(MSG_ERR_BADSHNAME), file, 4669 EC_WORD(ndx), 4670 EC_XWORD(_cache->c_shdr->sh_name)); 4671 } 4672 } 4673 4674 /* 4675 * If there exists no shstrtab data, or a section header has no 4676 * name (an invalid index of 0), then compose a name for the 4677 * section. 4678 */ 4679 (void) snprintf(scnndxnm, sizeof (scnndxnm), 4680 MSG_INTL(MSG_FMT_SCNNDX), ndx); 4681 4682 if ((_cache->c_name = malloc(strlen(scnndxnm) + 1)) == NULL) { 4683 int err = errno; 4684 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALLOC), 4685 file, strerror(err)); 4686 return (0); 4687 } 4688 (void) strcpy(_cache->c_name, scnndxnm); 4689 } 4690 4691 /* 4692 * Having collected all the sections, validate their address range. 4693 * Cases have existed where the section information has been invalid. 4694 * This can lead to all sorts of other, hard to diagnose errors, as 4695 * each section is processed individually (ie. with elf_getdata()). 4696 * Here, we carry out some address comparisons to catch a family of 4697 * overlapping memory issues we have observed (likely, there are others 4698 * that we have yet to discover). 4699 * 4700 * Note, should any memory overlap occur, obtaining any additional 4701 * data from the file is questionable. However, it might still be 4702 * possible to inspect the ELF header, Programs headers, or individual 4703 * sections, so rather than bailing on an error condition, continue 4704 * processing to see if any data can be salvaged. 4705 */ 4706 if (shdr_ndx_arr_cnt > 1) { 4707 sort_shdr_ndx_arr_cache = cache; 4708 qsort(shdr_ndx_arr, shdr_ndx_arr_cnt, 4709 sizeof (*shdr_ndx_arr), sort_shdr_ndx_arr); 4710 } 4711 for (ndx = 0; ndx < shdr_ndx_arr_cnt; ndx++) { 4712 Cache *_cache = cache + shdr_ndx_arr[ndx]; 4713 Shdr *shdr = _cache->c_shdr; 4714 Off bgn1, bgn = shdr->sh_offset; 4715 Off end1, end = shdr->sh_offset + shdr->sh_size; 4716 size_t ndx1; 4717 4718 /* 4719 * Check the section against all following ones, reporting 4720 * any overlaps. Since we've sorted the sections by offset, 4721 * we can stop after the first comparison that fails. There 4722 * are no overlaps in a properly formed ELF file, in which 4723 * case this algorithm runs in O(n) time. This will degenerate 4724 * to O(n^2) for a completely broken file. Such a file is 4725 * (1) highly unlikely, and (2) unusable, so it is reasonable 4726 * for the analysis to take longer. 4727 */ 4728 for (ndx1 = ndx + 1; ndx1 < shdr_ndx_arr_cnt; ndx1++) { 4729 Cache *_cache1 = cache + shdr_ndx_arr[ndx1]; 4730 Shdr *shdr1 = _cache1->c_shdr; 4731 4732 bgn1 = shdr1->sh_offset; 4733 end1 = shdr1->sh_offset + shdr1->sh_size; 4734 4735 if (((bgn1 <= bgn) && (end1 > bgn)) || 4736 ((bgn1 < end) && (end1 >= end))) { 4737 (void) fprintf(stderr, 4738 MSG_INTL(MSG_ERR_SECMEMOVER), file, 4739 EC_WORD(elf_ndxscn(_cache->c_scn)), 4740 _cache->c_name, EC_OFF(bgn), EC_OFF(end), 4741 EC_WORD(elf_ndxscn(_cache1->c_scn)), 4742 _cache1->c_name, EC_OFF(bgn1), 4743 EC_OFF(end1)); 4744 } else { /* No overlap, so can stop */ 4745 break; 4746 } 4747 } 4748 4749 /* 4750 * In addition to checking for sections overlapping 4751 * each other (done above), we should also make sure 4752 * the section doesn't overlap the section header array. 4753 */ 4754 bgn1 = ehdr->e_shoff; 4755 end1 = ehdr->e_shoff + (ehdr->e_shentsize * ehdr->e_shnum); 4756 4757 if (((bgn1 <= bgn) && (end1 > bgn)) || 4758 ((bgn1 < end) && (end1 >= end))) { 4759 (void) fprintf(stderr, 4760 MSG_INTL(MSG_ERR_SHDRMEMOVER), file, EC_OFF(bgn1), 4761 EC_OFF(end1), 4762 EC_WORD(elf_ndxscn(_cache->c_scn)), 4763 _cache->c_name, EC_OFF(bgn), EC_OFF(end)); 4764 } 4765 } 4766 4767 /* 4768 * Obtain the data for each section. 4769 */ 4770 for (ndx = 1; ndx < shnum; ndx++) { 4771 Cache *_cache = &cache[ndx]; 4772 Elf_Scn *scn = _cache->c_scn; 4773 4774 if ((_cache->c_data = elf_getdata(scn, NULL)) == NULL) { 4775 failure(file, MSG_ORIG(MSG_ELF_GETDATA)); 4776 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCNDATA), 4777 EC_WORD(elf_ndxscn(scn))); 4778 } 4779 4780 /* 4781 * If a string table, verify that it has NULL first and 4782 * final bytes. 4783 */ 4784 if ((_cache->c_shdr->sh_type == SHT_STRTAB) && 4785 (_cache->c_data != NULL) && 4786 (_cache->c_data->d_buf != NULL) && 4787 (_cache->c_data->d_size > 0)) { 4788 const char *s = _cache->c_data->d_buf; 4789 4790 if ((*s != '\0') || 4791 (*(s + _cache->c_data->d_size - 1) != '\0')) 4792 (void) fprintf(stderr, MSG_INTL(MSG_ERR_MALSTR), 4793 file, _cache->c_name); 4794 } 4795 } 4796 4797 return (1); 4798 } 4799 4800 4801 4802 /* 4803 * Generate a cache of section headers and related information 4804 * for use by the rest of elfdump. If requested (or the file 4805 * contains no section headers), we generate a fake set of 4806 * headers from the information accessible from the program headers. 4807 * Otherwise, we use the real section headers contained in the file. 4808 */ 4809 static int 4810 create_cache(const char *file, int fd, Elf *elf, Ehdr *ehdr, Cache **cache, 4811 size_t shstrndx, size_t *shnum, uint_t *flags) 4812 { 4813 /* 4814 * If there are no section headers, then resort to synthesizing 4815 * section headers from the program headers. This is normally 4816 * only done by explicit request, but in this case there's no 4817 * reason not to go ahead, since the alternative is simply to quit. 4818 */ 4819 if ((*shnum <= 1) && ((*flags & FLG_CTL_FAKESHDR) == 0)) { 4820 (void) fprintf(stderr, MSG_INTL(MSG_ERR_NOSHDR), file); 4821 *flags |= FLG_CTL_FAKESHDR; 4822 } 4823 4824 if (*flags & FLG_CTL_FAKESHDR) { 4825 if (fake_shdr_cache(file, fd, elf, ehdr, cache, shnum) == 0) 4826 return (0); 4827 } else { 4828 if (shdr_cache(file, elf, ehdr, shstrndx, *shnum, 4829 cache, *flags) == 0) 4830 return (0); 4831 } 4832 4833 return (1); 4834 } 4835 4836 int 4837 regular(const char *file, int fd, Elf *elf, uint_t flags, 4838 const char *wname, int wfd, uchar_t osabi) 4839 { 4840 enum { CACHE_NEEDED, CACHE_OK, CACHE_FAIL} cache_state = CACHE_NEEDED; 4841 Elf_Scn *scn; 4842 Ehdr *ehdr; 4843 size_t ndx, shstrndx, shnum, phnum; 4844 Shdr *shdr; 4845 Cache *cache; 4846 VERSYM_STATE versym = { 0 }; 4847 int ret = 0; 4848 int addr_align; 4849 4850 if ((ehdr = elf_getehdr(elf)) == NULL) { 4851 failure(file, MSG_ORIG(MSG_ELF_GETEHDR)); 4852 return (ret); 4853 } 4854 4855 if (elf_getshdrnum(elf, &shnum) == -1) { 4856 failure(file, MSG_ORIG(MSG_ELF_GETSHDRNUM)); 4857 return (ret); 4858 } 4859 4860 if (elf_getshdrstrndx(elf, &shstrndx) == -1) { 4861 failure(file, MSG_ORIG(MSG_ELF_GETSHDRSTRNDX)); 4862 return (ret); 4863 } 4864 4865 if (elf_getphdrnum(elf, &phnum) == -1) { 4866 failure(file, MSG_ORIG(MSG_ELF_GETPHDRNUM)); 4867 return (ret); 4868 } 4869 /* 4870 * If the user requested section headers derived from the 4871 * program headers (-P option) and this file doesn't have 4872 * any program headers (i.e. ET_REL), then we can't do it. 4873 */ 4874 if ((phnum == 0) && (flags & FLG_CTL_FAKESHDR)) { 4875 (void) fprintf(stderr, MSG_INTL(MSG_ERR_PNEEDSPH), file); 4876 return (ret); 4877 } 4878 4879 4880 if ((scn = elf_getscn(elf, 0)) != NULL) { 4881 if ((shdr = elf_getshdr(scn)) == NULL) { 4882 failure(file, MSG_ORIG(MSG_ELF_GETSHDR)); 4883 (void) fprintf(stderr, MSG_INTL(MSG_ELF_ERR_SCN), 0); 4884 return (ret); 4885 } 4886 } else 4887 shdr = NULL; 4888 4889 /* 4890 * Print the elf header. 4891 */ 4892 if (flags & FLG_SHOW_EHDR) 4893 Elf_ehdr(0, ehdr, shdr); 4894 4895 /* 4896 * If the section headers or program headers have inadequate 4897 * alignment for the class of object, print a warning. libelf 4898 * can handle such files, but programs that use them can crash 4899 * when they dereference unaligned items. 4900 * 4901 * Note that the AMD64 ABI, although it is a 64-bit architecture, 4902 * allows access to data types smaller than 128-bits to be on 4903 * word alignment. 4904 */ 4905 if (ehdr->e_machine == EM_AMD64) 4906 addr_align = sizeof (Word); 4907 else 4908 addr_align = sizeof (Addr); 4909 4910 if (ehdr->e_phoff & (addr_align - 1)) 4911 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADPHDRALIGN), file); 4912 if (ehdr->e_shoff & (addr_align - 1)) 4913 (void) fprintf(stderr, MSG_INTL(MSG_ERR_BADSHDRALIGN), file); 4914 4915 4916 /* 4917 * Determine the Operating System ABI (osabi) we will use to 4918 * interpret the object. 4919 */ 4920 if (flags & FLG_CTL_OSABI) { 4921 /* 4922 * If the user explicitly specifies '-O none', we need 4923 * to display a completely generic view of the file. 4924 * However, libconv is written to assume that ELFOSABI_NONE 4925 * is equivalent to ELFOSABI_SOLARIS. To get the desired 4926 * effect, we use an osabi that libconv has no knowledge of. 4927 */ 4928 if (osabi == ELFOSABI_NONE) 4929 osabi = ELFOSABI_UNKNOWN4; 4930 } else { 4931 /* Determine osabi from file */ 4932 osabi = ehdr->e_ident[EI_OSABI]; 4933 if (osabi == ELFOSABI_NONE) { 4934 /* 4935 * Chicken/Egg scenario: 4936 * 4937 * Ideally, we wait to create the section header cache 4938 * until after the program headers are printed. If we 4939 * only output program headers, we can skip building 4940 * the cache entirely. 4941 * 4942 * Proper interpretation of program headers requires 4943 * the osabi, which is supposed to be in the ELF header. 4944 * However, many systems (Solaris and Linux included) 4945 * have a history of setting the osabi to the generic 4946 * SysV ABI (ELFOSABI_NONE). We assume ELFOSABI_SOLARIS 4947 * in such cases, but would like to check the object 4948 * to see if it has a Linux .note.ABI-tag section, 4949 * which implies ELFOSABI_LINUX. This requires a 4950 * section header cache. 4951 * 4952 * To break the cycle, we create section headers now 4953 * if osabi is ELFOSABI_NONE, and later otherwise. 4954 * If it succeeds, we use them, if not, we defer 4955 * exiting until after the program headers are out. 4956 */ 4957 if (create_cache(file, fd, elf, ehdr, &cache, 4958 shstrndx, &shnum, &flags) == 0) { 4959 cache_state = CACHE_FAIL; 4960 } else { 4961 cache_state = CACHE_OK; 4962 if (has_linux_abi_note(cache, shnum, file)) { 4963 Conv_inv_buf_t ibuf1, ibuf2; 4964 4965 (void) fprintf(stderr, 4966 MSG_INTL(MSG_INFO_LINUXOSABI), file, 4967 conv_ehdr_osabi(osabi, 0, &ibuf1), 4968 conv_ehdr_osabi(ELFOSABI_LINUX, 4969 0, &ibuf2)); 4970 osabi = ELFOSABI_LINUX; 4971 } 4972 } 4973 } 4974 /* 4975 * We treat ELFOSABI_NONE identically to ELFOSABI_SOLARIS. 4976 * Mapping NONE to SOLARIS simplifies the required test. 4977 */ 4978 if (osabi == ELFOSABI_NONE) 4979 osabi = ELFOSABI_SOLARIS; 4980 } 4981 4982 /* 4983 * Print the program headers. 4984 */ 4985 if ((flags & FLG_SHOW_PHDR) && (phnum != 0)) { 4986 Phdr *phdr; 4987 4988 if ((phdr = elf_getphdr(elf)) == NULL) { 4989 failure(file, MSG_ORIG(MSG_ELF_GETPHDR)); 4990 return (ret); 4991 } 4992 4993 for (ndx = 0; ndx < phnum; phdr++, ndx++) { 4994 if (!match(MATCH_F_PHDR| MATCH_F_NDX | MATCH_F_TYPE, 4995 NULL, ndx, phdr->p_type)) 4996 continue; 4997 4998 dbg_print(0, MSG_ORIG(MSG_STR_EMPTY)); 4999 dbg_print(0, MSG_INTL(MSG_ELF_PHDR), EC_WORD(ndx)); 5000 Elf_phdr(0, osabi, ehdr->e_machine, phdr); 5001 } 5002 } 5003 5004 /* 5005 * If we have flag bits set that explicitly require a show or calc 5006 * operation, but none of them require the section headers, then 5007 * we are done and can return now. 5008 */ 5009 if (((flags & (FLG_MASK_SHOW | FLG_MASK_CALC)) != 0) && 5010 ((flags & (FLG_MASK_SHOW_SHDR | FLG_MASK_CALC_SHDR)) == 0)) 5011 return (ret); 5012 5013 /* 5014 * Everything from this point on requires section headers. 5015 * If we have no section headers, there is no reason to continue. 5016 * 5017 * If we tried above to create the section header cache and failed, 5018 * it is time to exit. Otherwise, create it if needed. 5019 */ 5020 switch (cache_state) { 5021 case CACHE_NEEDED: 5022 if (create_cache(file, fd, elf, ehdr, &cache, shstrndx, 5023 &shnum, &flags) == 0) 5024 return (ret); 5025 break; 5026 case CACHE_OK: 5027 break; 5028 case CACHE_FAIL: 5029 return (ret); 5030 } 5031 if (shnum <= 1) 5032 goto done; 5033 5034 /* 5035 * If -w was specified, find and write out the section(s) data. 5036 */ 5037 if (wfd) { 5038 for (ndx = 1; ndx < shnum; ndx++) { 5039 Cache *_cache = &cache[ndx]; 5040 5041 if (match(MATCH_F_STRICT | MATCH_F_ALL, _cache->c_name, 5042 ndx, _cache->c_shdr->sh_type) && 5043 _cache->c_data && _cache->c_data->d_buf) { 5044 if (write(wfd, _cache->c_data->d_buf, 5045 _cache->c_data->d_size) != 5046 _cache->c_data->d_size) { 5047 int err = errno; 5048 (void) fprintf(stderr, 5049 MSG_INTL(MSG_ERR_WRITE), wname, 5050 strerror(err)); 5051 /* 5052 * Return an exit status of 1, because 5053 * the failure is not related to the 5054 * ELF file, but by system resources. 5055 */ 5056 ret = 1; 5057 goto done; 5058 } 5059 } 5060 } 5061 } 5062 5063 /* 5064 * If we have no flag bits set that explicitly require a show or calc 5065 * operation, but match options (-I, -N, -T) were used, then run 5066 * through the section headers and see if we can't deduce show flags 5067 * from the match options given. 5068 * 5069 * We don't do this if -w was specified, because (-I, -N, -T) used 5070 * with -w in lieu of some other option is supposed to be quiet. 5071 */ 5072 if ((wfd == 0) && (flags & FLG_CTL_MATCH) && 5073 ((flags & (FLG_MASK_SHOW | FLG_MASK_CALC)) == 0)) { 5074 for (ndx = 1; ndx < shnum; ndx++) { 5075 Cache *_cache = &cache[ndx]; 5076 5077 if (!match(MATCH_F_STRICT | MATCH_F_ALL, _cache->c_name, 5078 ndx, _cache->c_shdr->sh_type)) 5079 continue; 5080 5081 switch (_cache->c_shdr->sh_type) { 5082 case SHT_PROGBITS: 5083 /* 5084 * Heuristic time: It is usually bad form 5085 * to assume the meaning/format of a PROGBITS 5086 * section based on its name. However, there 5087 * are ABI mandated exceptions. Check for 5088 * these special names. 5089 */ 5090 5091 /* The ELF ABI specifies .interp and .got */ 5092 if (strcmp(_cache->c_name, 5093 MSG_ORIG(MSG_ELF_INTERP)) == 0) { 5094 flags |= FLG_SHOW_INTERP; 5095 break; 5096 } 5097 if (strcmp(_cache->c_name, 5098 MSG_ORIG(MSG_ELF_GOT)) == 0) { 5099 flags |= FLG_SHOW_GOT; 5100 break; 5101 } 5102 /* 5103 * The GNU compilers, and amd64 ABI, define 5104 * .eh_frame and .eh_frame_hdr. The Sun 5105 * C++ ABI defines .exception_ranges. 5106 */ 5107 if ((strncmp(_cache->c_name, 5108 MSG_ORIG(MSG_SCN_FRM), 5109 MSG_SCN_FRM_SIZE) == 0) || 5110 (strncmp(_cache->c_name, 5111 MSG_ORIG(MSG_SCN_EXRANGE), 5112 MSG_SCN_EXRANGE_SIZE) == 0)) { 5113 flags |= FLG_SHOW_UNWIND; 5114 break; 5115 } 5116 break; 5117 5118 case SHT_SYMTAB: 5119 case SHT_DYNSYM: 5120 case SHT_SUNW_LDYNSYM: 5121 case SHT_SUNW_versym: 5122 case SHT_SYMTAB_SHNDX: 5123 flags |= FLG_SHOW_SYMBOLS; 5124 break; 5125 5126 case SHT_RELA: 5127 case SHT_REL: 5128 flags |= FLG_SHOW_RELOC; 5129 break; 5130 5131 case SHT_HASH: 5132 flags |= FLG_SHOW_HASH; 5133 break; 5134 5135 case SHT_DYNAMIC: 5136 flags |= FLG_SHOW_DYNAMIC; 5137 break; 5138 5139 case SHT_NOTE: 5140 flags |= FLG_SHOW_NOTE; 5141 break; 5142 5143 case SHT_GROUP: 5144 flags |= FLG_SHOW_GROUP; 5145 break; 5146 5147 case SHT_SUNW_symsort: 5148 case SHT_SUNW_tlssort: 5149 flags |= FLG_SHOW_SORT; 5150 break; 5151 5152 case SHT_SUNW_cap: 5153 flags |= FLG_SHOW_CAP; 5154 break; 5155 5156 case SHT_SUNW_move: 5157 flags |= FLG_SHOW_MOVE; 5158 break; 5159 5160 case SHT_SUNW_syminfo: 5161 flags |= FLG_SHOW_SYMINFO; 5162 break; 5163 5164 case SHT_SUNW_verdef: 5165 case SHT_SUNW_verneed: 5166 flags |= FLG_SHOW_VERSIONS; 5167 break; 5168 5169 case SHT_AMD64_UNWIND: 5170 flags |= FLG_SHOW_UNWIND; 5171 break; 5172 } 5173 } 5174 } 5175 5176 5177 if (flags & FLG_SHOW_SHDR) 5178 sections(file, cache, shnum, ehdr, osabi); 5179 5180 if (flags & FLG_SHOW_INTERP) 5181 interp(file, cache, shnum, phnum, elf); 5182 5183 if ((osabi == ELFOSABI_SOLARIS) || (osabi == ELFOSABI_LINUX)) 5184 versions(cache, shnum, file, flags, &versym); 5185 5186 if (flags & FLG_SHOW_SYMBOLS) 5187 symbols(cache, shnum, ehdr, osabi, &versym, file, flags); 5188 5189 if ((flags & FLG_SHOW_SORT) && (osabi == ELFOSABI_SOLARIS)) 5190 sunw_sort(cache, shnum, ehdr, osabi, &versym, file, flags); 5191 5192 if (flags & FLG_SHOW_HASH) 5193 hash(cache, shnum, file, flags); 5194 5195 if (flags & FLG_SHOW_GOT) 5196 got(cache, shnum, ehdr, file); 5197 5198 if (flags & FLG_SHOW_GROUP) 5199 group(cache, shnum, file, flags); 5200 5201 if (flags & FLG_SHOW_SYMINFO) 5202 syminfo(cache, shnum, ehdr, osabi, file); 5203 5204 if (flags & FLG_SHOW_RELOC) 5205 reloc(cache, shnum, ehdr, file); 5206 5207 if (flags & FLG_SHOW_DYNAMIC) 5208 dynamic(cache, shnum, ehdr, osabi, file); 5209 5210 if (flags & FLG_SHOW_NOTE) { 5211 Word note_cnt; 5212 size_t note_shnum; 5213 Cache *note_cache; 5214 5215 note_cnt = note(cache, shnum, ehdr, file); 5216 5217 /* 5218 * Solaris core files have section headers, but these 5219 * headers do not include SHT_NOTE sections that reference 5220 * the core note sections. This means that note() won't 5221 * find the core notes. Fake section headers (-P option) 5222 * recover these sections, but it is inconvenient to require 5223 * users to specify -P in this situation. If the following 5224 * are all true: 5225 * 5226 * - No note sections were found 5227 * - This is a core file 5228 * - We are not already using fake section headers 5229 * 5230 * then we will automatically generate fake section headers 5231 * and then process them in a second call to note(). 5232 */ 5233 if ((note_cnt == 0) && (ehdr->e_type == ET_CORE) && 5234 !(flags & FLG_CTL_FAKESHDR) && 5235 (fake_shdr_cache(file, fd, elf, ehdr, 5236 ¬e_cache, ¬e_shnum) != 0)) { 5237 (void) note(note_cache, note_shnum, ehdr, file); 5238 fake_shdr_cache_free(note_cache, note_shnum); 5239 } 5240 } 5241 5242 if ((flags & FLG_SHOW_MOVE) && (osabi == ELFOSABI_SOLARIS)) 5243 move(cache, shnum, file, flags); 5244 5245 if (flags & FLG_CALC_CHECKSUM) 5246 checksum(elf); 5247 5248 if ((flags & FLG_SHOW_CAP) && (osabi == ELFOSABI_SOLARIS)) 5249 cap(file, cache, shnum, phnum, ehdr, osabi, elf, flags); 5250 5251 if ((flags & FLG_SHOW_UNWIND) && 5252 ((osabi == ELFOSABI_SOLARIS) || (osabi == ELFOSABI_LINUX))) 5253 unwind(cache, shnum, phnum, ehdr, osabi, file, elf, flags); 5254 5255 5256 /* Release the memory used to cache section headers */ 5257 done: 5258 if (flags & FLG_CTL_FAKESHDR) 5259 fake_shdr_cache_free(cache, shnum); 5260 else 5261 free(cache); 5262 5263 return (ret); 5264 } 5265