1 /* Create descriptor for processing file. 2 Copyright (C) 1998-2010, 2012, 2014 Red Hat, Inc. 3 This file is part of elfutils. 4 Written by Ulrich Drepper <drepper (at) redhat.com>, 1998. 5 6 This file is free software; you can redistribute it and/or modify 7 it under the terms of either 8 9 * the GNU Lesser General Public License as published by the Free 10 Software Foundation; either version 3 of the License, or (at 11 your option) any later version 12 13 or 14 15 * the GNU General Public License as published by the Free 16 Software Foundation; either version 2 of the License, or (at 17 your option) any later version 18 19 or both in parallel, as here. 20 21 elfutils is distributed in the hope that it will be useful, but 22 WITHOUT ANY WARRANTY; without even the implied warranty of 23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 24 General Public License for more details. 25 26 You should have received copies of the GNU General Public License and 27 the GNU Lesser General Public License along with this program. If 28 not, see <http://www.gnu.org/licenses/>. */ 29 30 #ifdef HAVE_CONFIG_H 31 # include <config.h> 32 #endif 33 34 #include <assert.h> 35 #include <ctype.h> 36 #include <errno.h> 37 #include <fcntl.h> 38 #include <stdbool.h> 39 #include <stddef.h> 40 #include <string.h> 41 #include <unistd.h> 42 #include <sys/mman.h> 43 #include <sys/param.h> 44 #include <sys/stat.h> 45 46 #include <system.h> 47 #include "libelfP.h" 48 #include "common.h" 49 50 51 /* Create descriptor for archive in memory. */ 52 static inline Elf * 53 file_read_ar (int fildes, void *map_address, off_t offset, size_t maxsize, 54 Elf_Cmd cmd, Elf *parent) 55 { 56 Elf *elf; 57 58 /* Create a descriptor. */ 59 elf = allocate_elf (fildes, map_address, offset, maxsize, cmd, parent, 60 ELF_K_AR, 0); 61 if (elf != NULL) 62 { 63 /* We don't read all the symbol tables in advance. All this will 64 happen on demand. */ 65 elf->state.ar.offset = offset + SARMAG; 66 67 elf->state.ar.elf_ar_hdr.ar_rawname = elf->state.ar.raw_name; 68 } 69 70 return elf; 71 } 72 73 74 static size_t 75 get_shnum (void *map_address, unsigned char *e_ident, int fildes, off_t offset, 76 size_t maxsize) 77 { 78 size_t result; 79 union 80 { 81 Elf32_Ehdr *e32; 82 Elf64_Ehdr *e64; 83 void *p; 84 } ehdr; 85 union 86 { 87 Elf32_Ehdr e32; 88 Elf64_Ehdr e64; 89 } ehdr_mem; 90 bool is32 = e_ident[EI_CLASS] == ELFCLASS32; 91 92 /* Make the ELF header available. */ 93 if (e_ident[EI_DATA] == MY_ELFDATA 94 && (ALLOW_UNALIGNED 95 || (((size_t) e_ident 96 & ((is32 ? __alignof__ (Elf32_Ehdr) : __alignof__ (Elf64_Ehdr)) 97 - 1)) == 0))) 98 ehdr.p = e_ident; 99 else 100 { 101 /* We already read the ELF header. We have to copy the header 102 since we possibly modify the data here and the caller 103 expects the memory it passes in to be preserved. */ 104 ehdr.p = &ehdr_mem; 105 106 if (is32) 107 { 108 if (ALLOW_UNALIGNED) 109 { 110 ehdr_mem.e32.e_shnum = ((Elf32_Ehdr *) e_ident)->e_shnum; 111 ehdr_mem.e32.e_shoff = ((Elf32_Ehdr *) e_ident)->e_shoff; 112 } 113 else 114 memcpy (&ehdr_mem, e_ident, sizeof (Elf32_Ehdr)); 115 116 if (e_ident[EI_DATA] != MY_ELFDATA) 117 { 118 CONVERT (ehdr_mem.e32.e_shnum); 119 CONVERT (ehdr_mem.e32.e_shoff); 120 } 121 } 122 else 123 { 124 if (ALLOW_UNALIGNED) 125 { 126 ehdr_mem.e64.e_shnum = ((Elf64_Ehdr *) e_ident)->e_shnum; 127 ehdr_mem.e64.e_shoff = ((Elf64_Ehdr *) e_ident)->e_shoff; 128 } 129 else 130 memcpy (&ehdr_mem, e_ident, sizeof (Elf64_Ehdr)); 131 132 if (e_ident[EI_DATA] != MY_ELFDATA) 133 { 134 CONVERT (ehdr_mem.e64.e_shnum); 135 CONVERT (ehdr_mem.e64.e_shoff); 136 } 137 } 138 } 139 140 if (is32) 141 { 142 /* Get the number of sections from the ELF header. */ 143 result = ehdr.e32->e_shnum; 144 145 if (unlikely (result == 0) && ehdr.e32->e_shoff != 0) 146 { 147 if (unlikely (ehdr.e32->e_shoff >= maxsize) 148 || unlikely (maxsize - ehdr.e32->e_shoff < sizeof (Elf32_Shdr))) 149 /* Cannot read the first section header. */ 150 return 0; 151 152 if (likely (map_address != NULL) && e_ident[EI_DATA] == MY_ELFDATA 153 && (ALLOW_UNALIGNED 154 || (((size_t) ((char *) map_address + offset)) 155 & (__alignof__ (Elf32_Ehdr) - 1)) == 0)) 156 /* We can directly access the memory. */ 157 result = ((Elf32_Shdr *) ((char *) map_address + ehdr.e32->e_shoff 158 + offset))->sh_size; 159 else 160 { 161 Elf32_Word size; 162 163 if (likely (map_address != NULL)) 164 /* gcc will optimize the memcpy to a simple memory 165 access while taking care of alignment issues. */ 166 memcpy (&size, &((Elf32_Shdr *) ((char *) map_address 167 + ehdr.e32->e_shoff 168 + offset))->sh_size, 169 sizeof (Elf32_Word)); 170 else 171 if (unlikely (pread_retry (fildes, &size, sizeof (Elf32_Word), 172 offset + ehdr.e32->e_shoff 173 + offsetof (Elf32_Shdr, sh_size)) 174 != sizeof (Elf32_Word))) 175 return (size_t) -1l; 176 177 if (e_ident[EI_DATA] != MY_ELFDATA) 178 CONVERT (size); 179 180 result = size; 181 } 182 } 183 184 /* If the section headers were truncated, pretend none were there. */ 185 if (ehdr.e32->e_shoff > maxsize 186 || maxsize - ehdr.e32->e_shoff < sizeof (Elf32_Shdr) * result) 187 result = 0; 188 } 189 else 190 { 191 /* Get the number of sections from the ELF header. */ 192 result = ehdr.e64->e_shnum; 193 194 if (unlikely (result == 0) && ehdr.e64->e_shoff != 0) 195 { 196 if (unlikely (ehdr.e64->e_shoff >= maxsize) 197 || unlikely (ehdr.e64->e_shoff + sizeof (Elf64_Shdr) > maxsize)) 198 /* Cannot read the first section header. */ 199 return 0; 200 201 Elf64_Xword size; 202 if (likely (map_address != NULL) && e_ident[EI_DATA] == MY_ELFDATA 203 && (ALLOW_UNALIGNED 204 || (((size_t) ((char *) map_address + offset)) 205 & (__alignof__ (Elf64_Ehdr) - 1)) == 0)) 206 /* We can directly access the memory. */ 207 size = ((Elf64_Shdr *) ((char *) map_address + ehdr.e64->e_shoff 208 + offset))->sh_size; 209 else 210 { 211 if (likely (map_address != NULL)) 212 /* gcc will optimize the memcpy to a simple memory 213 access while taking care of alignment issues. */ 214 memcpy (&size, &((Elf64_Shdr *) ((char *) map_address 215 + ehdr.e64->e_shoff 216 + offset))->sh_size, 217 sizeof (Elf64_Xword)); 218 else 219 if (unlikely (pread_retry (fildes, &size, sizeof (Elf64_Word), 220 offset + ehdr.e64->e_shoff 221 + offsetof (Elf64_Shdr, sh_size)) 222 != sizeof (Elf64_Xword))) 223 return (size_t) -1l; 224 225 if (e_ident[EI_DATA] != MY_ELFDATA) 226 CONVERT (size); 227 } 228 229 if (size > ~((GElf_Word) 0)) 230 /* Invalid value, it is too large. */ 231 return (size_t) -1l; 232 233 result = size; 234 } 235 236 /* If the section headers were truncated, pretend none were there. */ 237 if (ehdr.e64->e_shoff > maxsize 238 || maxsize - ehdr.e64->e_shoff < sizeof (Elf64_Shdr) * result) 239 result = 0; 240 } 241 242 return result; 243 } 244 245 246 /* Create descriptor for ELF file in memory. */ 247 static Elf * 248 file_read_elf (int fildes, void *map_address, unsigned char *e_ident, 249 off_t offset, size_t maxsize, Elf_Cmd cmd, Elf *parent) 250 { 251 /* Verify the binary is of the class we can handle. */ 252 if (unlikely ((e_ident[EI_CLASS] != ELFCLASS32 253 && e_ident[EI_CLASS] != ELFCLASS64) 254 /* We also can only handle two encodings. */ 255 || (e_ident[EI_DATA] != ELFDATA2LSB 256 && e_ident[EI_DATA] != ELFDATA2MSB))) 257 { 258 /* Cannot handle this. */ 259 __libelf_seterrno (ELF_E_INVALID_FILE); 260 return NULL; 261 } 262 263 /* Determine the number of sections. */ 264 size_t scncnt = get_shnum (map_address, e_ident, fildes, offset, maxsize); 265 if (scncnt == (size_t) -1l) 266 /* Could not determine the number of sections. */ 267 return NULL; 268 269 /* Check for too many sections. */ 270 if (e_ident[EI_CLASS] == ELFCLASS32) 271 { 272 if (scncnt > SIZE_MAX / (sizeof (Elf_Scn) + sizeof (Elf32_Shdr))) 273 return NULL; 274 } 275 else if (scncnt > SIZE_MAX / (sizeof (Elf_Scn) + sizeof (Elf64_Shdr))) 276 return NULL; 277 278 /* We can now allocate the memory. Even if there are no section headers, 279 we allocate space for a zeroth section in case we need it later. */ 280 const size_t scnmax = (scncnt ?: (cmd == ELF_C_RDWR || cmd == ELF_C_RDWR_MMAP) 281 ? 1 : 0); 282 Elf *elf = allocate_elf (fildes, map_address, offset, maxsize, cmd, parent, 283 ELF_K_ELF, scnmax * sizeof (Elf_Scn)); 284 if (elf == NULL) 285 /* Not enough memory. */ 286 return NULL; 287 288 assert ((unsigned int) scncnt == scncnt); 289 assert (offsetof (struct Elf, state.elf32.scns) 290 == offsetof (struct Elf, state.elf64.scns)); 291 elf->state.elf32.scns.cnt = scncnt; 292 elf->state.elf32.scns.max = scnmax; 293 294 /* Some more or less arbitrary value. */ 295 elf->state.elf.scnincr = 10; 296 297 /* Make the class easily available. */ 298 elf->class = e_ident[EI_CLASS]; 299 300 if (e_ident[EI_CLASS] == ELFCLASS32) 301 { 302 /* This pointer might not be directly usable if the alignment is 303 not sufficient for the architecture. */ 304 Elf32_Ehdr *ehdr = (Elf32_Ehdr *) ((char *) map_address + offset); 305 306 /* This is a 32-bit binary. */ 307 if (map_address != NULL && e_ident[EI_DATA] == MY_ELFDATA 308 && (ALLOW_UNALIGNED 309 || ((((uintptr_t) ehdr) & (__alignof__ (Elf32_Ehdr) - 1)) == 0 310 && ((uintptr_t) ((char *) ehdr + ehdr->e_shoff) 311 & (__alignof__ (Elf32_Shdr) - 1)) == 0 312 && ((uintptr_t) ((char *) ehdr + ehdr->e_phoff) 313 & (__alignof__ (Elf32_Phdr) - 1)) == 0))) 314 { 315 /* We can use the mmapped memory. */ 316 elf->state.elf32.ehdr = ehdr; 317 318 if (unlikely (ehdr->e_shoff >= maxsize) 319 || unlikely (maxsize - ehdr->e_shoff 320 < scncnt * sizeof (Elf32_Shdr))) 321 { 322 free_and_out: 323 free (elf); 324 __libelf_seterrno (ELF_E_INVALID_FILE); 325 return NULL; 326 } 327 elf->state.elf32.shdr 328 = (Elf32_Shdr *) ((char *) ehdr + ehdr->e_shoff); 329 330 /* Don't precache the phdr pointer here. 331 elf32_getphdr will validate it against the size when asked. */ 332 333 for (size_t cnt = 0; cnt < scncnt; ++cnt) 334 { 335 elf->state.elf32.scns.data[cnt].index = cnt; 336 elf->state.elf32.scns.data[cnt].elf = elf; 337 elf->state.elf32.scns.data[cnt].shdr.e32 = 338 &elf->state.elf32.shdr[cnt]; 339 if (likely (elf->state.elf32.shdr[cnt].sh_offset < maxsize) 340 && likely (elf->state.elf32.shdr[cnt].sh_size 341 <= maxsize - elf->state.elf32.shdr[cnt].sh_offset)) 342 elf->state.elf32.scns.data[cnt].rawdata_base = 343 elf->state.elf32.scns.data[cnt].data_base = 344 ((char *) map_address + offset 345 + elf->state.elf32.shdr[cnt].sh_offset); 346 elf->state.elf32.scns.data[cnt].list = &elf->state.elf32.scns; 347 348 /* If this is a section with an extended index add a 349 reference in the section which uses the extended 350 index. */ 351 if (elf->state.elf32.shdr[cnt].sh_type == SHT_SYMTAB_SHNDX 352 && elf->state.elf32.shdr[cnt].sh_link < scncnt) 353 elf->state.elf32.scns.data[elf->state.elf32.shdr[cnt].sh_link].shndx_index 354 = cnt; 355 356 /* Set the own shndx_index field in case it has not yet 357 been set. */ 358 if (elf->state.elf32.scns.data[cnt].shndx_index == 0) 359 elf->state.elf32.scns.data[cnt].shndx_index = -1; 360 } 361 } 362 else 363 { 364 /* Copy the ELF header. */ 365 elf->state.elf32.ehdr = memcpy (&elf->state.elf32.ehdr_mem, e_ident, 366 sizeof (Elf32_Ehdr)); 367 368 if (e_ident[EI_DATA] != MY_ELFDATA) 369 { 370 CONVERT (elf->state.elf32.ehdr_mem.e_type); 371 CONVERT (elf->state.elf32.ehdr_mem.e_machine); 372 CONVERT (elf->state.elf32.ehdr_mem.e_version); 373 CONVERT (elf->state.elf32.ehdr_mem.e_entry); 374 CONVERT (elf->state.elf32.ehdr_mem.e_phoff); 375 CONVERT (elf->state.elf32.ehdr_mem.e_shoff); 376 CONVERT (elf->state.elf32.ehdr_mem.e_flags); 377 CONVERT (elf->state.elf32.ehdr_mem.e_ehsize); 378 CONVERT (elf->state.elf32.ehdr_mem.e_phentsize); 379 CONVERT (elf->state.elf32.ehdr_mem.e_phnum); 380 CONVERT (elf->state.elf32.ehdr_mem.e_shentsize); 381 CONVERT (elf->state.elf32.ehdr_mem.e_shnum); 382 CONVERT (elf->state.elf32.ehdr_mem.e_shstrndx); 383 } 384 385 for (size_t cnt = 0; cnt < scncnt; ++cnt) 386 { 387 elf->state.elf32.scns.data[cnt].index = cnt; 388 elf->state.elf32.scns.data[cnt].elf = elf; 389 elf->state.elf32.scns.data[cnt].list = &elf->state.elf32.scns; 390 } 391 } 392 393 /* So far only one block with sections. */ 394 elf->state.elf32.scns_last = &elf->state.elf32.scns; 395 } 396 else 397 { 398 /* This pointer might not be directly usable if the alignment is 399 not sufficient for the architecture. */ 400 Elf64_Ehdr *ehdr = (Elf64_Ehdr *) ((char *) map_address + offset); 401 402 /* This is a 64-bit binary. */ 403 if (map_address != NULL && e_ident[EI_DATA] == MY_ELFDATA 404 && (ALLOW_UNALIGNED 405 || ((((uintptr_t) ehdr) & (__alignof__ (Elf64_Ehdr) - 1)) == 0 406 && ((uintptr_t) ((char *) ehdr + ehdr->e_shoff) 407 & (__alignof__ (Elf64_Shdr) - 1)) == 0 408 && ((uintptr_t) ((char *) ehdr + ehdr->e_phoff) 409 & (__alignof__ (Elf64_Phdr) - 1)) == 0))) 410 { 411 /* We can use the mmapped memory. */ 412 elf->state.elf64.ehdr = ehdr; 413 414 if (unlikely (ehdr->e_shoff >= maxsize) 415 || unlikely (maxsize - ehdr->e_shoff 416 < scncnt * sizeof (Elf64_Shdr))) 417 goto free_and_out; 418 elf->state.elf64.shdr 419 = (Elf64_Shdr *) ((char *) ehdr + ehdr->e_shoff); 420 421 /* Don't precache the phdr pointer here. 422 elf64_getphdr will validate it against the size when asked. */ 423 424 for (size_t cnt = 0; cnt < scncnt; ++cnt) 425 { 426 elf->state.elf64.scns.data[cnt].index = cnt; 427 elf->state.elf64.scns.data[cnt].elf = elf; 428 elf->state.elf64.scns.data[cnt].shdr.e64 = 429 &elf->state.elf64.shdr[cnt]; 430 if (likely (elf->state.elf64.shdr[cnt].sh_offset < maxsize) 431 && likely (elf->state.elf64.shdr[cnt].sh_size 432 <= maxsize - elf->state.elf64.shdr[cnt].sh_offset)) 433 elf->state.elf64.scns.data[cnt].rawdata_base = 434 elf->state.elf64.scns.data[cnt].data_base = 435 ((char *) map_address + offset 436 + elf->state.elf64.shdr[cnt].sh_offset); 437 elf->state.elf64.scns.data[cnt].list = &elf->state.elf64.scns; 438 439 /* If this is a section with an extended index add a 440 reference in the section which uses the extended 441 index. */ 442 if (elf->state.elf64.shdr[cnt].sh_type == SHT_SYMTAB_SHNDX 443 && elf->state.elf64.shdr[cnt].sh_link < scncnt) 444 elf->state.elf64.scns.data[elf->state.elf64.shdr[cnt].sh_link].shndx_index 445 = cnt; 446 447 /* Set the own shndx_index field in case it has not yet 448 been set. */ 449 if (elf->state.elf64.scns.data[cnt].shndx_index == 0) 450 elf->state.elf64.scns.data[cnt].shndx_index = -1; 451 } 452 } 453 else 454 { 455 /* Copy the ELF header. */ 456 elf->state.elf64.ehdr = memcpy (&elf->state.elf64.ehdr_mem, e_ident, 457 sizeof (Elf64_Ehdr)); 458 459 if (e_ident[EI_DATA] != MY_ELFDATA) 460 { 461 CONVERT (elf->state.elf64.ehdr_mem.e_type); 462 CONVERT (elf->state.elf64.ehdr_mem.e_machine); 463 CONVERT (elf->state.elf64.ehdr_mem.e_version); 464 CONVERT (elf->state.elf64.ehdr_mem.e_entry); 465 CONVERT (elf->state.elf64.ehdr_mem.e_phoff); 466 CONVERT (elf->state.elf64.ehdr_mem.e_shoff); 467 CONVERT (elf->state.elf64.ehdr_mem.e_flags); 468 CONVERT (elf->state.elf64.ehdr_mem.e_ehsize); 469 CONVERT (elf->state.elf64.ehdr_mem.e_phentsize); 470 CONVERT (elf->state.elf64.ehdr_mem.e_phnum); 471 CONVERT (elf->state.elf64.ehdr_mem.e_shentsize); 472 CONVERT (elf->state.elf64.ehdr_mem.e_shnum); 473 CONVERT (elf->state.elf64.ehdr_mem.e_shstrndx); 474 } 475 476 for (size_t cnt = 0; cnt < scncnt; ++cnt) 477 { 478 elf->state.elf64.scns.data[cnt].index = cnt; 479 elf->state.elf64.scns.data[cnt].elf = elf; 480 elf->state.elf64.scns.data[cnt].list = &elf->state.elf64.scns; 481 } 482 } 483 484 /* So far only one block with sections. */ 485 elf->state.elf64.scns_last = &elf->state.elf64.scns; 486 } 487 488 return elf; 489 } 490 491 492 Elf * 493 internal_function 494 __libelf_read_mmaped_file (int fildes, void *map_address, off_t offset, 495 size_t maxsize, Elf_Cmd cmd, Elf *parent) 496 { 497 /* We have to find out what kind of file this is. We handle ELF 498 files and archives. To find out what we have we must look at the 499 header. The header for an ELF file is EI_NIDENT bytes in size, 500 the header for an archive file SARMAG bytes long. */ 501 unsigned char *e_ident = (unsigned char *) map_address + offset; 502 503 /* See what kind of object we have here. */ 504 Elf_Kind kind = determine_kind (e_ident, maxsize); 505 506 switch (kind) 507 { 508 case ELF_K_ELF: 509 return file_read_elf (fildes, map_address, e_ident, offset, maxsize, 510 cmd, parent); 511 512 case ELF_K_AR: 513 return file_read_ar (fildes, map_address, offset, maxsize, cmd, parent); 514 515 default: 516 break; 517 } 518 519 /* This case is easy. Since we cannot do anything with this file 520 create a dummy descriptor. */ 521 return allocate_elf (fildes, map_address, offset, maxsize, cmd, parent, 522 ELF_K_NONE, 0); 523 } 524 525 526 static Elf * 527 read_unmmaped_file (int fildes, off_t offset, size_t maxsize, Elf_Cmd cmd, 528 Elf *parent) 529 { 530 /* We have to find out what kind of file this is. We handle ELF 531 files and archives. To find out what we have we must read the 532 header. The identification header for an ELF file is EI_NIDENT 533 bytes in size, but we read the whole ELF header since we will 534 need it anyway later. For archives the header in SARMAG bytes 535 long. Read the maximum of these numbers. 536 537 XXX We have to change this for the extended `ar' format some day. 538 539 Use a union to ensure alignment. We might later access the 540 memory as a ElfXX_Ehdr. */ 541 union 542 { 543 Elf64_Ehdr ehdr; 544 unsigned char header[MAX (sizeof (Elf64_Ehdr), SARMAG)]; 545 } mem; 546 547 /* Read the head of the file. */ 548 ssize_t nread = pread_retry (fildes, mem.header, 549 MIN (MAX (sizeof (Elf64_Ehdr), SARMAG), 550 maxsize), 551 offset); 552 if (unlikely (nread == -1)) 553 { 554 /* We cannot even read the head of the file. Maybe FILDES is associated 555 with an unseekable device. This is nothing we can handle. */ 556 __libelf_seterrno (ELF_E_INVALID_FILE); 557 return NULL; 558 } 559 560 /* See what kind of object we have here. */ 561 Elf_Kind kind = determine_kind (mem.header, nread); 562 563 switch (kind) 564 { 565 case ELF_K_AR: 566 return file_read_ar (fildes, NULL, offset, maxsize, cmd, parent); 567 568 case ELF_K_ELF: 569 /* Make sure at least the ELF header is contained in the file. */ 570 if ((size_t) nread >= (mem.header[EI_CLASS] == ELFCLASS32 571 ? sizeof (Elf32_Ehdr) : sizeof (Elf64_Ehdr))) 572 return file_read_elf (fildes, NULL, mem.header, offset, maxsize, cmd, 573 parent); 574 /* FALLTHROUGH */ 575 576 default: 577 break; 578 } 579 580 /* This case is easy. Since we cannot do anything with this file 581 create a dummy descriptor. */ 582 return allocate_elf (fildes, NULL, offset, maxsize, cmd, parent, 583 ELF_K_NONE, 0); 584 } 585 586 587 /* Open a file for reading. If possible we will try to mmap() the file. */ 588 static struct Elf * 589 read_file (int fildes, off_t offset, size_t maxsize, 590 Elf_Cmd cmd, Elf *parent) 591 { 592 void *map_address = NULL; 593 int use_mmap = (cmd == ELF_C_READ_MMAP || cmd == ELF_C_RDWR_MMAP 594 || cmd == ELF_C_WRITE_MMAP 595 || cmd == ELF_C_READ_MMAP_PRIVATE); 596 597 if (use_mmap) 598 { 599 if (parent == NULL) 600 { 601 if (maxsize == ~((size_t) 0)) 602 { 603 /* We don't know in the moment how large the file is. 604 Determine it now. */ 605 struct stat st; 606 607 if (fstat (fildes, &st) == 0 608 && (sizeof (size_t) >= sizeof (st.st_size) 609 || st.st_size <= ~((size_t) 0))) 610 maxsize = (size_t) st.st_size; 611 } 612 613 /* We try to map the file ourself. */ 614 map_address = mmap (NULL, maxsize, (cmd == ELF_C_READ_MMAP 615 ? PROT_READ 616 : PROT_READ|PROT_WRITE), 617 cmd == ELF_C_READ_MMAP_PRIVATE 618 || cmd == ELF_C_READ_MMAP 619 ? MAP_PRIVATE : MAP_SHARED, 620 fildes, offset); 621 622 if (map_address == MAP_FAILED) 623 map_address = NULL; 624 } 625 else 626 { 627 /* The parent is already loaded. Use it. */ 628 assert (maxsize != ~((size_t) 0)); 629 630 map_address = parent->map_address; 631 } 632 } 633 634 /* If we have the file in memory optimize the access. */ 635 if (map_address != NULL) 636 { 637 assert (map_address != MAP_FAILED); 638 639 struct Elf *result = __libelf_read_mmaped_file (fildes, map_address, 640 offset, maxsize, cmd, 641 parent); 642 643 /* If something went wrong during the initialization unmap the 644 memory if we mmaped here. */ 645 if (result == NULL 646 && (parent == NULL 647 || parent->map_address != map_address)) 648 munmap (map_address, maxsize); 649 else if (parent == NULL) 650 /* Remember that we mmap()ed the memory. */ 651 result->flags |= ELF_F_MMAPPED; 652 653 return result; 654 } 655 656 /* Otherwise we have to do it the hard way. We read as much as necessary 657 from the file whenever we need information which is not available. */ 658 return read_unmmaped_file (fildes, offset, maxsize, cmd, parent); 659 } 660 661 662 /* Find the entry with the long names for the content of this archive. */ 663 static const char * 664 read_long_names (Elf *elf) 665 { 666 off_t offset = SARMAG; /* This is the first entry. */ 667 struct ar_hdr hdrm; 668 struct ar_hdr *hdr; 669 char *newp; 670 size_t len; 671 672 while (1) 673 { 674 if (elf->map_address != NULL) 675 { 676 if ((size_t) offset > elf->maximum_size 677 || elf->maximum_size - offset < sizeof (struct ar_hdr)) 678 return NULL; 679 680 /* The data is mapped. */ 681 hdr = (struct ar_hdr *) (elf->map_address + offset); 682 } 683 else 684 { 685 /* Read the header from the file. */ 686 if (unlikely (pread_retry (elf->fildes, &hdrm, sizeof (hdrm), 687 elf->start_offset + offset) 688 != sizeof (hdrm))) 689 return NULL; 690 691 hdr = &hdrm; 692 } 693 694 len = atol (hdr->ar_size); 695 696 if (memcmp (hdr->ar_name, "// ", 16) == 0) 697 break; 698 699 offset += sizeof (struct ar_hdr) + ((len + 1) & ~1l); 700 } 701 702 /* Due to the stupid format of the long name table entry (which are not 703 NUL terminted) we have to provide an appropriate representation anyhow. 704 Therefore we always make a copy which has the appropriate form. */ 705 newp = (char *) malloc (len); 706 if (newp != NULL) 707 { 708 char *runp; 709 710 if (elf->map_address != NULL) 711 { 712 if (len > elf->maximum_size - offset - sizeof (struct ar_hdr)) 713 goto too_much; 714 /* Simply copy it over. */ 715 elf->state.ar.long_names = (char *) memcpy (newp, 716 elf->map_address + offset 717 + sizeof (struct ar_hdr), 718 len); 719 } 720 else 721 { 722 if (unlikely ((size_t) pread_retry (elf->fildes, newp, len, 723 elf->start_offset + offset 724 + sizeof (struct ar_hdr)) 725 != len)) 726 { 727 too_much: 728 /* We were not able to read all data. */ 729 free (newp); 730 elf->state.ar.long_names = NULL; 731 return NULL; 732 } 733 elf->state.ar.long_names = newp; 734 } 735 736 elf->state.ar.long_names_len = len; 737 738 /* Now NUL-terminate the strings. */ 739 runp = newp; 740 while (1) 741 { 742 char *startp = runp; 743 runp = (char *) memchr (runp, '/', newp + len - runp); 744 if (runp == NULL) 745 { 746 /* This was the last entry. Clear any left overs. */ 747 memset (startp, '\0', newp + len - startp); 748 break; 749 } 750 751 /* NUL-terminate the string. */ 752 *runp = '\0'; 753 754 /* Skip the NUL byte and the \012. */ 755 runp += 2; 756 757 /* A sanity check. Somebody might have generated invalid 758 archive. */ 759 if (runp >= newp + len) 760 break; 761 } 762 } 763 764 return newp; 765 } 766 767 768 /* Read the next archive header. */ 769 int 770 internal_function 771 __libelf_next_arhdr_wrlock (elf) 772 Elf *elf; 773 { 774 struct ar_hdr *ar_hdr; 775 Elf_Arhdr *elf_ar_hdr; 776 777 if (elf->map_address != NULL) 778 { 779 /* See whether this entry is in the file. */ 780 if (unlikely ((size_t) elf->state.ar.offset 781 > elf->start_offset + elf->maximum_size 782 || (elf->start_offset + elf->maximum_size 783 - elf->state.ar.offset) < sizeof (struct ar_hdr))) 784 { 785 /* This record is not anymore in the file. */ 786 __libelf_seterrno (ELF_E_RANGE); 787 return -1; 788 } 789 ar_hdr = (struct ar_hdr *) (elf->map_address + elf->state.ar.offset); 790 } 791 else 792 { 793 ar_hdr = &elf->state.ar.ar_hdr; 794 795 if (unlikely (pread_retry (elf->fildes, ar_hdr, sizeof (struct ar_hdr), 796 elf->state.ar.offset) 797 != sizeof (struct ar_hdr))) 798 { 799 /* Something went wrong while reading the file. */ 800 __libelf_seterrno (ELF_E_RANGE); 801 return -1; 802 } 803 } 804 805 /* One little consistency check. */ 806 if (unlikely (memcmp (ar_hdr->ar_fmag, ARFMAG, 2) != 0)) 807 { 808 /* This is no valid archive. */ 809 __libelf_seterrno (ELF_E_ARCHIVE_FMAG); 810 return -1; 811 } 812 813 /* Copy the raw name over to a NUL terminated buffer. */ 814 *((char *) mempcpy (elf->state.ar.raw_name, ar_hdr->ar_name, 16)) = '\0'; 815 816 elf_ar_hdr = &elf->state.ar.elf_ar_hdr; 817 818 /* Now convert the `struct ar_hdr' into `Elf_Arhdr'. 819 Determine whether this is a special entry. */ 820 if (ar_hdr->ar_name[0] == '/') 821 { 822 if (ar_hdr->ar_name[1] == ' ' 823 && memcmp (ar_hdr->ar_name, "/ ", 16) == 0) 824 /* This is the index. */ 825 elf_ar_hdr->ar_name = memcpy (elf->state.ar.ar_name, "/", 2); 826 else if (ar_hdr->ar_name[1] == 'S' 827 && memcmp (ar_hdr->ar_name, "/SYM64/ ", 16) == 0) 828 /* 64-bit index. */ 829 elf_ar_hdr->ar_name = memcpy (elf->state.ar.ar_name, "/SYM64/", 8); 830 else if (ar_hdr->ar_name[1] == '/' 831 && memcmp (ar_hdr->ar_name, "// ", 16) == 0) 832 /* This is the array with the long names. */ 833 elf_ar_hdr->ar_name = memcpy (elf->state.ar.ar_name, "//", 3); 834 else if (likely (isdigit (ar_hdr->ar_name[1]))) 835 { 836 size_t offset; 837 838 /* This is a long name. First we have to read the long name 839 table, if this hasn't happened already. */ 840 if (unlikely (elf->state.ar.long_names == NULL 841 && read_long_names (elf) == NULL)) 842 { 843 /* No long name table although it is reference. The archive is 844 broken. */ 845 __libelf_seterrno (ELF_E_INVALID_ARCHIVE); 846 return -1; 847 } 848 849 offset = atol (ar_hdr->ar_name + 1); 850 if (unlikely (offset >= elf->state.ar.long_names_len)) 851 { 852 /* The index in the long name table is larger than the table. */ 853 __libelf_seterrno (ELF_E_INVALID_ARCHIVE); 854 return -1; 855 } 856 elf_ar_hdr->ar_name = elf->state.ar.long_names + offset; 857 } 858 else 859 { 860 /* This is none of the known special entries. */ 861 __libelf_seterrno (ELF_E_INVALID_ARCHIVE); 862 return -1; 863 } 864 } 865 else 866 { 867 char *endp; 868 869 /* It is a normal entry. Copy over the name. */ 870 endp = (char *) memccpy (elf->state.ar.ar_name, ar_hdr->ar_name, 871 '/', 16); 872 if (endp != NULL) 873 endp[-1] = '\0'; 874 else 875 { 876 /* In the old BSD style of archive, there is no / terminator. 877 Instead, there is space padding at the end of the name. */ 878 size_t i = 15; 879 do 880 elf->state.ar.ar_name[i] = '\0'; 881 while (i > 0 && elf->state.ar.ar_name[--i] == ' '); 882 } 883 884 elf_ar_hdr->ar_name = elf->state.ar.ar_name; 885 } 886 887 if (unlikely (ar_hdr->ar_size[0] == ' ')) 888 /* Something is really wrong. We cannot live without a size for 889 the member since it will not be possible to find the next 890 archive member. */ 891 { 892 __libelf_seterrno (ELF_E_INVALID_ARCHIVE); 893 return -1; 894 } 895 896 /* Since there are no specialized functions to convert ASCII to 897 time_t, uid_t, gid_t, mode_t, and off_t we use either atol or 898 atoll depending on the size of the types. We are also prepared 899 for the case where the whole field in the `struct ar_hdr' is 900 filled in which case we cannot simply use atol/l but instead have 901 to create a temporary copy. */ 902 903 #define INT_FIELD(FIELD) \ 904 do \ 905 { \ 906 char buf[sizeof (ar_hdr->FIELD) + 1]; \ 907 const char *string = ar_hdr->FIELD; \ 908 if (ar_hdr->FIELD[sizeof (ar_hdr->FIELD) - 1] != ' ') \ 909 { \ 910 *((char *) mempcpy (buf, ar_hdr->FIELD, sizeof (ar_hdr->FIELD))) \ 911 = '\0'; \ 912 string = buf; \ 913 } \ 914 if (sizeof (elf_ar_hdr->FIELD) <= sizeof (long int)) \ 915 elf_ar_hdr->FIELD = (__typeof (elf_ar_hdr->FIELD)) atol (string); \ 916 else \ 917 elf_ar_hdr->FIELD = (__typeof (elf_ar_hdr->FIELD)) atoll (string); \ 918 } \ 919 while (0) 920 921 INT_FIELD (ar_date); 922 INT_FIELD (ar_uid); 923 INT_FIELD (ar_gid); 924 INT_FIELD (ar_mode); 925 INT_FIELD (ar_size); 926 927 /* Truncated file? */ 928 size_t maxsize; 929 maxsize = elf->maximum_size - elf->state.ar.offset - sizeof (struct ar_hdr); 930 if ((size_t) elf_ar_hdr->ar_size > maxsize) 931 elf_ar_hdr->ar_size = maxsize; 932 933 return 0; 934 } 935 936 937 /* We were asked to return a clone of an existing descriptor. This 938 function must be called with the lock on the parent descriptor 939 being held. */ 940 static Elf * 941 dup_elf (int fildes, Elf_Cmd cmd, Elf *ref) 942 { 943 struct Elf *result; 944 945 if (fildes == -1) 946 /* Allow the user to pass -1 as the file descriptor for the new file. */ 947 fildes = ref->fildes; 948 /* The file descriptor better should be the same. If it was disconnected 949 already (using `elf_cntl') we do not test it. */ 950 else if (unlikely (ref->fildes != -1 && fildes != ref->fildes)) 951 { 952 __libelf_seterrno (ELF_E_FD_MISMATCH); 953 return NULL; 954 } 955 956 /* The mode must allow reading. I.e., a descriptor creating with a 957 command different then ELF_C_READ, ELF_C_WRITE and ELF_C_RDWR is 958 not allowed. */ 959 if (unlikely (ref->cmd != ELF_C_READ && ref->cmd != ELF_C_READ_MMAP 960 && ref->cmd != ELF_C_WRITE && ref->cmd != ELF_C_WRITE_MMAP 961 && ref->cmd != ELF_C_RDWR && ref->cmd != ELF_C_RDWR_MMAP 962 && ref->cmd != ELF_C_READ_MMAP_PRIVATE)) 963 { 964 __libelf_seterrno (ELF_E_INVALID_OP); 965 return NULL; 966 } 967 968 /* Now it is time to distinguish between reading normal files and 969 archives. Normal files can easily be handled be incrementing the 970 reference counter and return the same descriptor. */ 971 if (ref->kind != ELF_K_AR) 972 { 973 ++ref->ref_count; 974 return ref; 975 } 976 977 /* This is an archive. We must create a descriptor for the archive 978 member the internal pointer of the archive file desriptor is 979 pointing to. First read the header of the next member if this 980 has not happened already. */ 981 if (ref->state.ar.elf_ar_hdr.ar_name == NULL 982 && __libelf_next_arhdr_wrlock (ref) != 0) 983 /* Something went wrong. Maybe there is no member left. */ 984 return NULL; 985 986 /* We have all the information we need about the next archive member. 987 Now create a descriptor for it. */ 988 result = read_file (fildes, ref->state.ar.offset + sizeof (struct ar_hdr), 989 ref->state.ar.elf_ar_hdr.ar_size, cmd, ref); 990 991 /* Enlist this new descriptor in the list of children. */ 992 if (result != NULL) 993 { 994 result->next = ref->state.ar.children; 995 ref->state.ar.children = result; 996 } 997 998 return result; 999 } 1000 1001 1002 /* Return desriptor for empty file ready for writing. */ 1003 static struct Elf * 1004 write_file (int fd, Elf_Cmd cmd) 1005 { 1006 /* We simply create an empty `Elf' structure. */ 1007 #define NSCNSALLOC 10 1008 Elf *result = allocate_elf (fd, NULL, 0, 0, cmd, NULL, ELF_K_ELF, 1009 NSCNSALLOC * sizeof (Elf_Scn)); 1010 1011 if (result != NULL) 1012 { 1013 /* We have to write to the file in any case. */ 1014 result->flags = ELF_F_DIRTY; 1015 1016 /* Some more or less arbitrary value. */ 1017 result->state.elf.scnincr = NSCNSALLOC; 1018 1019 /* We have allocated room for some sections. */ 1020 assert (offsetof (struct Elf, state.elf32.scns) 1021 == offsetof (struct Elf, state.elf64.scns)); 1022 result->state.elf.scns_last = &result->state.elf32.scns; 1023 result->state.elf32.scns.max = NSCNSALLOC; 1024 } 1025 1026 return result; 1027 } 1028 1029 1030 /* Return a descriptor for the file belonging to FILDES. */ 1031 Elf * 1032 elf_begin (fildes, cmd, ref) 1033 int fildes; 1034 Elf_Cmd cmd; 1035 Elf *ref; 1036 { 1037 Elf *retval; 1038 1039 if (unlikely (! __libelf_version_initialized)) 1040 { 1041 /* Version wasn't set so far. */ 1042 __libelf_seterrno (ELF_E_NO_VERSION); 1043 return NULL; 1044 } 1045 1046 if (ref != NULL) 1047 /* Make sure the descriptor is not suddenly going away. */ 1048 rwlock_rdlock (ref->lock); 1049 else if (unlikely (fcntl (fildes, F_GETFL) == -1 && errno == EBADF)) 1050 { 1051 /* We cannot do anything productive without a file descriptor. */ 1052 __libelf_seterrno (ELF_E_INVALID_FILE); 1053 return NULL; 1054 } 1055 1056 Elf *lock_dup_elf () 1057 { 1058 /* We need wrlock to dup an archive. */ 1059 if (ref->kind == ELF_K_AR) 1060 { 1061 rwlock_unlock (ref->lock); 1062 rwlock_wrlock (ref->lock); 1063 } 1064 1065 /* Duplicate the descriptor. */ 1066 return dup_elf (fildes, cmd, ref); 1067 } 1068 1069 switch (cmd) 1070 { 1071 case ELF_C_NULL: 1072 /* We simply return a NULL pointer. */ 1073 retval = NULL; 1074 break; 1075 1076 case ELF_C_READ_MMAP_PRIVATE: 1077 /* If we have a reference it must also be opened this way. */ 1078 if (unlikely (ref != NULL && ref->cmd != ELF_C_READ_MMAP_PRIVATE)) 1079 { 1080 __libelf_seterrno (ELF_E_INVALID_CMD); 1081 retval = NULL; 1082 break; 1083 } 1084 /* FALLTHROUGH */ 1085 1086 case ELF_C_READ: 1087 case ELF_C_READ_MMAP: 1088 if (ref != NULL) 1089 retval = lock_dup_elf (); 1090 else 1091 /* Create descriptor for existing file. */ 1092 retval = read_file (fildes, 0, ~((size_t) 0), cmd, NULL); 1093 break; 1094 1095 case ELF_C_RDWR: 1096 case ELF_C_RDWR_MMAP: 1097 /* If we have a REF object it must also be opened using this 1098 command. */ 1099 if (ref != NULL) 1100 { 1101 if (unlikely (ref->cmd != ELF_C_RDWR && ref->cmd != ELF_C_RDWR_MMAP 1102 && ref->cmd != ELF_C_WRITE 1103 && ref->cmd != ELF_C_WRITE_MMAP)) 1104 { 1105 /* This is not ok. REF must also be opened for writing. */ 1106 __libelf_seterrno (ELF_E_INVALID_CMD); 1107 retval = NULL; 1108 } 1109 else 1110 retval = lock_dup_elf (); 1111 } 1112 else 1113 /* Create descriptor for existing file. */ 1114 retval = read_file (fildes, 0, ~((size_t) 0), cmd, NULL); 1115 break; 1116 1117 case ELF_C_WRITE: 1118 case ELF_C_WRITE_MMAP: 1119 /* We ignore REF and prepare a descriptor to write a new file. */ 1120 retval = write_file (fildes, cmd); 1121 break; 1122 1123 default: 1124 __libelf_seterrno (ELF_E_INVALID_CMD); 1125 retval = NULL; 1126 break; 1127 } 1128 1129 /* Release the lock. */ 1130 if (ref != NULL) 1131 rwlock_unlock (ref->lock); 1132 1133 return retval; 1134 } 1135 INTDEF(elf_begin) 1136