1 /* Create descriptor for processing file. 2 Copyright (C) 1998-2010, 2012, 2014, 2015 Red Hat, Inc. 3 This file is part of elfutils. 4 Written by Ulrich Drepper <drepper (at) redhat.com>, 1998. 5 6 This file is free software; you can redistribute it and/or modify 7 it under the terms of either 8 9 * the GNU Lesser General Public License as published by the Free 10 Software Foundation; either version 3 of the License, or (at 11 your option) any later version 12 13 or 14 15 * the GNU General Public License as published by the Free 16 Software Foundation; either version 2 of the License, or (at 17 your option) any later version 18 19 or both in parallel, as here. 20 21 elfutils is distributed in the hope that it will be useful, but 22 WITHOUT ANY WARRANTY; without even the implied warranty of 23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 24 General Public License for more details. 25 26 You should have received copies of the GNU General Public License and 27 the GNU Lesser General Public License along with this program. If 28 not, see <http://www.gnu.org/licenses/>. */ 29 30 #ifdef HAVE_CONFIG_H 31 # include <config.h> 32 #endif 33 34 #include <assert.h> 35 #include <ctype.h> 36 #include <errno.h> 37 #include <fcntl.h> 38 #include <stdbool.h> 39 #include <stddef.h> 40 #include <string.h> 41 #include <unistd.h> 42 #include <sys/mman.h> 43 #include <sys/param.h> 44 #include <sys/stat.h> 45 46 #include <system.h> 47 #include "libelfP.h" 48 #include "common.h" 49 50 51 /* Create descriptor for archive in memory. */ 52 static inline Elf * 53 file_read_ar (int fildes, void *map_address, off_t offset, size_t maxsize, 54 Elf_Cmd cmd, Elf *parent) 55 { 56 Elf *elf; 57 58 /* Create a descriptor. */ 59 elf = allocate_elf (fildes, map_address, offset, maxsize, cmd, parent, 60 ELF_K_AR, 0); 61 if (elf != NULL) 62 { 63 /* We don't read all the symbol tables in advance. All this will 64 happen on demand. */ 65 elf->state.ar.offset = offset + SARMAG; 66 67 elf->state.ar.elf_ar_hdr.ar_rawname = elf->state.ar.raw_name; 68 } 69 70 return elf; 71 } 72 73 74 static size_t 75 get_shnum (void *map_address, unsigned char *e_ident, int fildes, off_t offset, 76 size_t maxsize) 77 { 78 size_t result; 79 union 80 { 81 Elf32_Ehdr *e32; 82 Elf64_Ehdr *e64; 83 void *p; 84 } ehdr; 85 union 86 { 87 Elf32_Ehdr e32; 88 Elf64_Ehdr e64; 89 } ehdr_mem; 90 bool is32 = e_ident[EI_CLASS] == ELFCLASS32; 91 92 /* Make the ELF header available. */ 93 if (e_ident[EI_DATA] == MY_ELFDATA 94 && (ALLOW_UNALIGNED 95 || (((size_t) e_ident 96 & ((is32 ? __alignof__ (Elf32_Ehdr) : __alignof__ (Elf64_Ehdr)) 97 - 1)) == 0))) 98 ehdr.p = e_ident; 99 else 100 { 101 /* We already read the ELF header. We have to copy the header 102 since we possibly modify the data here and the caller 103 expects the memory it passes in to be preserved. */ 104 ehdr.p = &ehdr_mem; 105 106 if (is32) 107 { 108 if (ALLOW_UNALIGNED) 109 { 110 ehdr_mem.e32.e_shnum = ((Elf32_Ehdr *) e_ident)->e_shnum; 111 ehdr_mem.e32.e_shoff = ((Elf32_Ehdr *) e_ident)->e_shoff; 112 } 113 else 114 memcpy (&ehdr_mem, e_ident, sizeof (Elf32_Ehdr)); 115 116 if (e_ident[EI_DATA] != MY_ELFDATA) 117 { 118 CONVERT (ehdr_mem.e32.e_shnum); 119 CONVERT (ehdr_mem.e32.e_shoff); 120 } 121 } 122 else 123 { 124 if (ALLOW_UNALIGNED) 125 { 126 ehdr_mem.e64.e_shnum = ((Elf64_Ehdr *) e_ident)->e_shnum; 127 ehdr_mem.e64.e_shoff = ((Elf64_Ehdr *) e_ident)->e_shoff; 128 } 129 else 130 memcpy (&ehdr_mem, e_ident, sizeof (Elf64_Ehdr)); 131 132 if (e_ident[EI_DATA] != MY_ELFDATA) 133 { 134 CONVERT (ehdr_mem.e64.e_shnum); 135 CONVERT (ehdr_mem.e64.e_shoff); 136 } 137 } 138 } 139 140 if (is32) 141 { 142 /* Get the number of sections from the ELF header. */ 143 result = ehdr.e32->e_shnum; 144 145 if (unlikely (result == 0) && ehdr.e32->e_shoff != 0) 146 { 147 if (unlikely (ehdr.e32->e_shoff >= maxsize) 148 || unlikely (maxsize - ehdr.e32->e_shoff < sizeof (Elf32_Shdr))) 149 /* Cannot read the first section header. */ 150 return 0; 151 152 if (likely (map_address != NULL) && e_ident[EI_DATA] == MY_ELFDATA 153 && (ALLOW_UNALIGNED 154 || (((size_t) ((char *) map_address + ehdr.e32->e_shoff)) 155 & (__alignof__ (Elf32_Shdr) - 1)) == 0)) 156 /* We can directly access the memory. */ 157 result = ((Elf32_Shdr *) ((char *) map_address + ehdr.e32->e_shoff 158 + offset))->sh_size; 159 else 160 { 161 Elf32_Word size; 162 163 if (likely (map_address != NULL)) 164 /* gcc will optimize the memcpy to a simple memory 165 access while taking care of alignment issues. */ 166 memcpy (&size, &((Elf32_Shdr *) ((char *) map_address 167 + ehdr.e32->e_shoff 168 + offset))->sh_size, 169 sizeof (Elf32_Word)); 170 else 171 if (unlikely (pread_retry (fildes, &size, sizeof (Elf32_Word), 172 offset + ehdr.e32->e_shoff 173 + offsetof (Elf32_Shdr, sh_size)) 174 != sizeof (Elf32_Word))) 175 return (size_t) -1l; 176 177 if (e_ident[EI_DATA] != MY_ELFDATA) 178 CONVERT (size); 179 180 result = size; 181 } 182 } 183 184 /* If the section headers were truncated, pretend none were there. */ 185 if (ehdr.e32->e_shoff > maxsize 186 || maxsize - ehdr.e32->e_shoff < sizeof (Elf32_Shdr) * result) 187 result = 0; 188 } 189 else 190 { 191 /* Get the number of sections from the ELF header. */ 192 result = ehdr.e64->e_shnum; 193 194 if (unlikely (result == 0) && ehdr.e64->e_shoff != 0) 195 { 196 if (unlikely (ehdr.e64->e_shoff >= maxsize) 197 || unlikely (ehdr.e64->e_shoff + sizeof (Elf64_Shdr) > maxsize)) 198 /* Cannot read the first section header. */ 199 return 0; 200 201 Elf64_Xword size; 202 if (likely (map_address != NULL) && e_ident[EI_DATA] == MY_ELFDATA 203 && (ALLOW_UNALIGNED 204 || (((size_t) ((char *) map_address + ehdr.e64->e_shoff)) 205 & (__alignof__ (Elf64_Shdr) - 1)) == 0)) 206 /* We can directly access the memory. */ 207 size = ((Elf64_Shdr *) ((char *) map_address + ehdr.e64->e_shoff 208 + offset))->sh_size; 209 else 210 { 211 if (likely (map_address != NULL)) 212 /* gcc will optimize the memcpy to a simple memory 213 access while taking care of alignment issues. */ 214 memcpy (&size, &((Elf64_Shdr *) ((char *) map_address 215 + ehdr.e64->e_shoff 216 + offset))->sh_size, 217 sizeof (Elf64_Xword)); 218 else 219 if (unlikely (pread_retry (fildes, &size, sizeof (Elf64_Xword), 220 offset + ehdr.e64->e_shoff 221 + offsetof (Elf64_Shdr, sh_size)) 222 != sizeof (Elf64_Xword))) 223 return (size_t) -1l; 224 225 if (e_ident[EI_DATA] != MY_ELFDATA) 226 CONVERT (size); 227 } 228 229 if (size > ~((GElf_Word) 0)) 230 /* Invalid value, it is too large. */ 231 return (size_t) -1l; 232 233 result = size; 234 } 235 236 /* If the section headers were truncated, pretend none were there. */ 237 if (ehdr.e64->e_shoff > maxsize 238 || maxsize - ehdr.e64->e_shoff < sizeof (Elf64_Shdr) * result) 239 result = 0; 240 } 241 242 return result; 243 } 244 245 246 /* Create descriptor for ELF file in memory. */ 247 static Elf * 248 file_read_elf (int fildes, void *map_address, unsigned char *e_ident, 249 off_t offset, size_t maxsize, Elf_Cmd cmd, Elf *parent) 250 { 251 /* Verify the binary is of the class we can handle. */ 252 if (unlikely ((e_ident[EI_CLASS] != ELFCLASS32 253 && e_ident[EI_CLASS] != ELFCLASS64) 254 /* We also can only handle two encodings. */ 255 || (e_ident[EI_DATA] != ELFDATA2LSB 256 && e_ident[EI_DATA] != ELFDATA2MSB))) 257 { 258 /* Cannot handle this. */ 259 __libelf_seterrno (ELF_E_INVALID_FILE); 260 return NULL; 261 } 262 263 /* Determine the number of sections. */ 264 size_t scncnt = get_shnum (map_address, e_ident, fildes, offset, maxsize); 265 if (scncnt == (size_t) -1l) 266 /* Could not determine the number of sections. */ 267 return NULL; 268 269 /* Check for too many sections. */ 270 if (e_ident[EI_CLASS] == ELFCLASS32) 271 { 272 if (scncnt > SIZE_MAX / (sizeof (Elf_Scn) + sizeof (Elf32_Shdr))) 273 return NULL; 274 } 275 else if (scncnt > SIZE_MAX / (sizeof (Elf_Scn) + sizeof (Elf64_Shdr))) 276 return NULL; 277 278 /* We can now allocate the memory. Even if there are no section headers, 279 we allocate space for a zeroth section in case we need it later. */ 280 const size_t scnmax = (scncnt ?: (cmd == ELF_C_RDWR || cmd == ELF_C_RDWR_MMAP) 281 ? 1 : 0); 282 Elf *elf = allocate_elf (fildes, map_address, offset, maxsize, cmd, parent, 283 ELF_K_ELF, scnmax * sizeof (Elf_Scn)); 284 if (elf == NULL) 285 /* Not enough memory. */ 286 return NULL; 287 288 assert ((unsigned int) scncnt == scncnt); 289 assert (offsetof (struct Elf, state.elf32.scns) 290 == offsetof (struct Elf, state.elf64.scns)); 291 elf->state.elf32.scns.cnt = scncnt; 292 elf->state.elf32.scns.max = scnmax; 293 294 /* Some more or less arbitrary value. */ 295 elf->state.elf.scnincr = 10; 296 297 /* Make the class easily available. */ 298 elf->class = e_ident[EI_CLASS]; 299 300 if (e_ident[EI_CLASS] == ELFCLASS32) 301 { 302 /* This pointer might not be directly usable if the alignment is 303 not sufficient for the architecture. */ 304 Elf32_Ehdr *ehdr = (Elf32_Ehdr *) ((char *) map_address + offset); 305 306 /* This is a 32-bit binary. */ 307 if (map_address != NULL && e_ident[EI_DATA] == MY_ELFDATA 308 && (ALLOW_UNALIGNED 309 || (((uintptr_t) ehdr) & (__alignof__ (Elf32_Ehdr) - 1)) == 0)) 310 { 311 /* We can use the mmapped memory. */ 312 elf->state.elf32.ehdr = ehdr; 313 } 314 else 315 { 316 /* Copy the ELF header. */ 317 elf->state.elf32.ehdr = memcpy (&elf->state.elf32.ehdr_mem, e_ident, 318 sizeof (Elf32_Ehdr)); 319 320 if (e_ident[EI_DATA] != MY_ELFDATA) 321 { 322 CONVERT (elf->state.elf32.ehdr_mem.e_type); 323 CONVERT (elf->state.elf32.ehdr_mem.e_machine); 324 CONVERT (elf->state.elf32.ehdr_mem.e_version); 325 CONVERT (elf->state.elf32.ehdr_mem.e_entry); 326 CONVERT (elf->state.elf32.ehdr_mem.e_phoff); 327 CONVERT (elf->state.elf32.ehdr_mem.e_shoff); 328 CONVERT (elf->state.elf32.ehdr_mem.e_flags); 329 CONVERT (elf->state.elf32.ehdr_mem.e_ehsize); 330 CONVERT (elf->state.elf32.ehdr_mem.e_phentsize); 331 CONVERT (elf->state.elf32.ehdr_mem.e_phnum); 332 CONVERT (elf->state.elf32.ehdr_mem.e_shentsize); 333 CONVERT (elf->state.elf32.ehdr_mem.e_shnum); 334 CONVERT (elf->state.elf32.ehdr_mem.e_shstrndx); 335 } 336 } 337 338 /* Don't precache the phdr pointer here. 339 elf32_getphdr will validate it against the size when asked. */ 340 341 Elf32_Off e_shoff = elf->state.elf32.ehdr->e_shoff; 342 if (map_address != NULL && e_ident[EI_DATA] == MY_ELFDATA 343 && cmd != ELF_C_READ_MMAP /* We need a copy to be able to write. */ 344 && (ALLOW_UNALIGNED 345 || (((uintptr_t) ((char *) ehdr + e_shoff) 346 & (__alignof__ (Elf32_Shdr) - 1)) == 0))) 347 { 348 if (unlikely (e_shoff >= maxsize) 349 || unlikely (maxsize - e_shoff 350 < scncnt * sizeof (Elf32_Shdr))) 351 { 352 free_and_out: 353 free (elf); 354 __libelf_seterrno (ELF_E_INVALID_FILE); 355 return NULL; 356 } 357 elf->state.elf32.shdr 358 = (Elf32_Shdr *) ((char *) ehdr + e_shoff); 359 360 for (size_t cnt = 0; cnt < scncnt; ++cnt) 361 { 362 elf->state.elf32.scns.data[cnt].index = cnt; 363 elf->state.elf32.scns.data[cnt].elf = elf; 364 elf->state.elf32.scns.data[cnt].shdr.e32 = 365 &elf->state.elf32.shdr[cnt]; 366 if (likely (elf->state.elf32.shdr[cnt].sh_offset < maxsize) 367 && likely (elf->state.elf32.shdr[cnt].sh_size 368 <= maxsize - elf->state.elf32.shdr[cnt].sh_offset)) 369 elf->state.elf32.scns.data[cnt].rawdata_base = 370 elf->state.elf32.scns.data[cnt].data_base = 371 ((char *) map_address + offset 372 + elf->state.elf32.shdr[cnt].sh_offset); 373 elf->state.elf32.scns.data[cnt].list = &elf->state.elf32.scns; 374 375 /* If this is a section with an extended index add a 376 reference in the section which uses the extended 377 index. */ 378 if (elf->state.elf32.shdr[cnt].sh_type == SHT_SYMTAB_SHNDX 379 && elf->state.elf32.shdr[cnt].sh_link < scncnt) 380 elf->state.elf32.scns.data[elf->state.elf32.shdr[cnt].sh_link].shndx_index 381 = cnt; 382 383 /* Set the own shndx_index field in case it has not yet 384 been set. */ 385 if (elf->state.elf32.scns.data[cnt].shndx_index == 0) 386 elf->state.elf32.scns.data[cnt].shndx_index = -1; 387 } 388 } 389 else 390 { 391 for (size_t cnt = 0; cnt < scncnt; ++cnt) 392 { 393 elf->state.elf32.scns.data[cnt].index = cnt; 394 elf->state.elf32.scns.data[cnt].elf = elf; 395 elf->state.elf32.scns.data[cnt].list = &elf->state.elf32.scns; 396 } 397 } 398 399 /* So far only one block with sections. */ 400 elf->state.elf32.scns_last = &elf->state.elf32.scns; 401 } 402 else 403 { 404 /* This pointer might not be directly usable if the alignment is 405 not sufficient for the architecture. */ 406 Elf64_Ehdr *ehdr = (Elf64_Ehdr *) ((char *) map_address + offset); 407 408 /* This is a 64-bit binary. */ 409 if (map_address != NULL && e_ident[EI_DATA] == MY_ELFDATA 410 && (ALLOW_UNALIGNED 411 || (((uintptr_t) ehdr) & (__alignof__ (Elf64_Ehdr) - 1)) == 0)) 412 { 413 /* We can use the mmapped memory. */ 414 elf->state.elf64.ehdr = ehdr; 415 } 416 else 417 { 418 /* Copy the ELF header. */ 419 elf->state.elf64.ehdr = memcpy (&elf->state.elf64.ehdr_mem, e_ident, 420 sizeof (Elf64_Ehdr)); 421 422 if (e_ident[EI_DATA] != MY_ELFDATA) 423 { 424 CONVERT (elf->state.elf64.ehdr_mem.e_type); 425 CONVERT (elf->state.elf64.ehdr_mem.e_machine); 426 CONVERT (elf->state.elf64.ehdr_mem.e_version); 427 CONVERT (elf->state.elf64.ehdr_mem.e_entry); 428 CONVERT (elf->state.elf64.ehdr_mem.e_phoff); 429 CONVERT (elf->state.elf64.ehdr_mem.e_shoff); 430 CONVERT (elf->state.elf64.ehdr_mem.e_flags); 431 CONVERT (elf->state.elf64.ehdr_mem.e_ehsize); 432 CONVERT (elf->state.elf64.ehdr_mem.e_phentsize); 433 CONVERT (elf->state.elf64.ehdr_mem.e_phnum); 434 CONVERT (elf->state.elf64.ehdr_mem.e_shentsize); 435 CONVERT (elf->state.elf64.ehdr_mem.e_shnum); 436 CONVERT (elf->state.elf64.ehdr_mem.e_shstrndx); 437 } 438 } 439 440 /* Don't precache the phdr pointer here. 441 elf64_getphdr will validate it against the size when asked. */ 442 443 Elf64_Off e_shoff = elf->state.elf64.ehdr->e_shoff; 444 if (map_address != NULL && e_ident[EI_DATA] == MY_ELFDATA 445 && cmd != ELF_C_READ_MMAP /* We need a copy to be able to write. */ 446 && (ALLOW_UNALIGNED 447 || (((uintptr_t) ((char *) ehdr + e_shoff) 448 & (__alignof__ (Elf64_Shdr) - 1)) == 0))) 449 { 450 if (unlikely (e_shoff >= maxsize) 451 || unlikely (maxsize - e_shoff 452 < scncnt * sizeof (Elf64_Shdr))) 453 goto free_and_out; 454 elf->state.elf64.shdr 455 = (Elf64_Shdr *) ((char *) ehdr + e_shoff); 456 457 for (size_t cnt = 0; cnt < scncnt; ++cnt) 458 { 459 elf->state.elf64.scns.data[cnt].index = cnt; 460 elf->state.elf64.scns.data[cnt].elf = elf; 461 elf->state.elf64.scns.data[cnt].shdr.e64 = 462 &elf->state.elf64.shdr[cnt]; 463 if (likely (elf->state.elf64.shdr[cnt].sh_offset < maxsize) 464 && likely (elf->state.elf64.shdr[cnt].sh_size 465 <= maxsize - elf->state.elf64.shdr[cnt].sh_offset)) 466 elf->state.elf64.scns.data[cnt].rawdata_base = 467 elf->state.elf64.scns.data[cnt].data_base = 468 ((char *) map_address + offset 469 + elf->state.elf64.shdr[cnt].sh_offset); 470 elf->state.elf64.scns.data[cnt].list = &elf->state.elf64.scns; 471 472 /* If this is a section with an extended index add a 473 reference in the section which uses the extended 474 index. */ 475 if (elf->state.elf64.shdr[cnt].sh_type == SHT_SYMTAB_SHNDX 476 && elf->state.elf64.shdr[cnt].sh_link < scncnt) 477 elf->state.elf64.scns.data[elf->state.elf64.shdr[cnt].sh_link].shndx_index 478 = cnt; 479 480 /* Set the own shndx_index field in case it has not yet 481 been set. */ 482 if (elf->state.elf64.scns.data[cnt].shndx_index == 0) 483 elf->state.elf64.scns.data[cnt].shndx_index = -1; 484 } 485 } 486 else 487 { 488 for (size_t cnt = 0; cnt < scncnt; ++cnt) 489 { 490 elf->state.elf64.scns.data[cnt].index = cnt; 491 elf->state.elf64.scns.data[cnt].elf = elf; 492 elf->state.elf64.scns.data[cnt].list = &elf->state.elf64.scns; 493 } 494 } 495 496 /* So far only one block with sections. */ 497 elf->state.elf64.scns_last = &elf->state.elf64.scns; 498 } 499 500 return elf; 501 } 502 503 504 Elf * 505 internal_function 506 __libelf_read_mmaped_file (int fildes, void *map_address, off_t offset, 507 size_t maxsize, Elf_Cmd cmd, Elf *parent) 508 { 509 /* We have to find out what kind of file this is. We handle ELF 510 files and archives. To find out what we have we must look at the 511 header. The header for an ELF file is EI_NIDENT bytes in size, 512 the header for an archive file SARMAG bytes long. */ 513 unsigned char *e_ident = (unsigned char *) map_address + offset; 514 515 /* See what kind of object we have here. */ 516 Elf_Kind kind = determine_kind (e_ident, maxsize); 517 518 switch (kind) 519 { 520 case ELF_K_ELF: 521 return file_read_elf (fildes, map_address, e_ident, offset, maxsize, 522 cmd, parent); 523 524 case ELF_K_AR: 525 return file_read_ar (fildes, map_address, offset, maxsize, cmd, parent); 526 527 default: 528 break; 529 } 530 531 /* This case is easy. Since we cannot do anything with this file 532 create a dummy descriptor. */ 533 return allocate_elf (fildes, map_address, offset, maxsize, cmd, parent, 534 ELF_K_NONE, 0); 535 } 536 537 538 static Elf * 539 read_unmmaped_file (int fildes, off_t offset, size_t maxsize, Elf_Cmd cmd, 540 Elf *parent) 541 { 542 /* We have to find out what kind of file this is. We handle ELF 543 files and archives. To find out what we have we must read the 544 header. The identification header for an ELF file is EI_NIDENT 545 bytes in size, but we read the whole ELF header since we will 546 need it anyway later. For archives the header in SARMAG bytes 547 long. Read the maximum of these numbers. 548 549 XXX We have to change this for the extended `ar' format some day. 550 551 Use a union to ensure alignment. We might later access the 552 memory as a ElfXX_Ehdr. */ 553 union 554 { 555 Elf64_Ehdr ehdr; 556 unsigned char header[MAX (sizeof (Elf64_Ehdr), SARMAG)]; 557 } mem; 558 559 /* Read the head of the file. */ 560 ssize_t nread = pread_retry (fildes, mem.header, 561 MIN (MAX (sizeof (Elf64_Ehdr), SARMAG), 562 maxsize), 563 offset); 564 if (unlikely (nread == -1)) 565 { 566 /* We cannot even read the head of the file. Maybe FILDES is associated 567 with an unseekable device. This is nothing we can handle. */ 568 __libelf_seterrno (ELF_E_INVALID_FILE); 569 return NULL; 570 } 571 572 /* See what kind of object we have here. */ 573 Elf_Kind kind = determine_kind (mem.header, nread); 574 575 switch (kind) 576 { 577 case ELF_K_AR: 578 return file_read_ar (fildes, NULL, offset, maxsize, cmd, parent); 579 580 case ELF_K_ELF: 581 /* Make sure at least the ELF header is contained in the file. */ 582 if ((size_t) nread >= (mem.header[EI_CLASS] == ELFCLASS32 583 ? sizeof (Elf32_Ehdr) : sizeof (Elf64_Ehdr))) 584 return file_read_elf (fildes, NULL, mem.header, offset, maxsize, cmd, 585 parent); 586 /* FALLTHROUGH */ 587 588 default: 589 break; 590 } 591 592 /* This case is easy. Since we cannot do anything with this file 593 create a dummy descriptor. */ 594 return allocate_elf (fildes, NULL, offset, maxsize, cmd, parent, 595 ELF_K_NONE, 0); 596 } 597 598 599 /* Open a file for reading. If possible we will try to mmap() the file. */ 600 static struct Elf * 601 read_file (int fildes, off_t offset, size_t maxsize, 602 Elf_Cmd cmd, Elf *parent) 603 { 604 void *map_address = NULL; 605 int use_mmap = (cmd == ELF_C_READ_MMAP || cmd == ELF_C_RDWR_MMAP 606 || cmd == ELF_C_WRITE_MMAP 607 || cmd == ELF_C_READ_MMAP_PRIVATE); 608 609 if (use_mmap) 610 { 611 if (parent == NULL) 612 { 613 if (maxsize == ~((size_t) 0)) 614 { 615 /* We don't know in the moment how large the file is. 616 Determine it now. */ 617 struct stat st; 618 619 if (fstat (fildes, &st) == 0 620 && (sizeof (size_t) >= sizeof (st.st_size) 621 || st.st_size <= ~((size_t) 0))) 622 maxsize = (size_t) st.st_size; 623 } 624 625 /* We try to map the file ourself. */ 626 map_address = mmap (NULL, maxsize, (cmd == ELF_C_READ_MMAP 627 ? PROT_READ 628 : PROT_READ|PROT_WRITE), 629 cmd == ELF_C_READ_MMAP_PRIVATE 630 || cmd == ELF_C_READ_MMAP 631 ? MAP_PRIVATE : MAP_SHARED, 632 fildes, offset); 633 634 if (map_address == MAP_FAILED) 635 map_address = NULL; 636 } 637 else 638 { 639 /* The parent is already loaded. Use it. */ 640 assert (maxsize != ~((size_t) 0)); 641 642 map_address = parent->map_address; 643 } 644 } 645 646 /* If we have the file in memory optimize the access. */ 647 if (map_address != NULL) 648 { 649 assert (map_address != MAP_FAILED); 650 651 struct Elf *result = __libelf_read_mmaped_file (fildes, map_address, 652 offset, maxsize, cmd, 653 parent); 654 655 /* If something went wrong during the initialization unmap the 656 memory if we mmaped here. */ 657 if (result == NULL 658 && (parent == NULL 659 || parent->map_address != map_address)) 660 munmap (map_address, maxsize); 661 else if (parent == NULL) 662 /* Remember that we mmap()ed the memory. */ 663 result->flags |= ELF_F_MMAPPED; 664 665 return result; 666 } 667 668 /* Otherwise we have to do it the hard way. We read as much as necessary 669 from the file whenever we need information which is not available. */ 670 return read_unmmaped_file (fildes, offset, maxsize, cmd, parent); 671 } 672 673 674 /* Find the entry with the long names for the content of this archive. */ 675 static const char * 676 read_long_names (Elf *elf) 677 { 678 off_t offset = SARMAG; /* This is the first entry. */ 679 struct ar_hdr hdrm; 680 struct ar_hdr *hdr; 681 char *newp; 682 size_t len; 683 684 while (1) 685 { 686 if (elf->map_address != NULL) 687 { 688 if ((size_t) offset > elf->maximum_size 689 || elf->maximum_size - offset < sizeof (struct ar_hdr)) 690 return NULL; 691 692 /* The data is mapped. */ 693 hdr = (struct ar_hdr *) (elf->map_address + offset); 694 } 695 else 696 { 697 /* Read the header from the file. */ 698 if (unlikely (pread_retry (elf->fildes, &hdrm, sizeof (hdrm), 699 elf->start_offset + offset) 700 != sizeof (hdrm))) 701 return NULL; 702 703 hdr = &hdrm; 704 } 705 706 len = atol (hdr->ar_size); 707 708 if (memcmp (hdr->ar_name, "// ", 16) == 0) 709 break; 710 711 offset += sizeof (struct ar_hdr) + ((len + 1) & ~1l); 712 } 713 714 /* Due to the stupid format of the long name table entry (which are not 715 NUL terminted) we have to provide an appropriate representation anyhow. 716 Therefore we always make a copy which has the appropriate form. */ 717 newp = (char *) malloc (len); 718 if (newp != NULL) 719 { 720 char *runp; 721 722 if (elf->map_address != NULL) 723 { 724 if (len > elf->maximum_size - offset - sizeof (struct ar_hdr)) 725 goto too_much; 726 /* Simply copy it over. */ 727 elf->state.ar.long_names = (char *) memcpy (newp, 728 elf->map_address + offset 729 + sizeof (struct ar_hdr), 730 len); 731 } 732 else 733 { 734 if (unlikely ((size_t) pread_retry (elf->fildes, newp, len, 735 elf->start_offset + offset 736 + sizeof (struct ar_hdr)) 737 != len)) 738 { 739 too_much: 740 /* We were not able to read all data. */ 741 free (newp); 742 elf->state.ar.long_names = NULL; 743 return NULL; 744 } 745 elf->state.ar.long_names = newp; 746 } 747 748 elf->state.ar.long_names_len = len; 749 750 /* Now NUL-terminate the strings. */ 751 runp = newp; 752 while (1) 753 { 754 char *startp = runp; 755 runp = (char *) memchr (runp, '/', newp + len - runp); 756 if (runp == NULL) 757 { 758 /* This was the last entry. Clear any left overs. */ 759 memset (startp, '\0', newp + len - startp); 760 break; 761 } 762 763 /* NUL-terminate the string. */ 764 *runp++ = '\0'; 765 766 /* A sanity check. Somebody might have generated invalid 767 archive. */ 768 if (runp >= newp + len) 769 break; 770 } 771 } 772 773 return newp; 774 } 775 776 777 /* Read the next archive header. */ 778 int 779 internal_function 780 __libelf_next_arhdr_wrlock (Elf *elf) 781 { 782 struct ar_hdr *ar_hdr; 783 Elf_Arhdr *elf_ar_hdr; 784 785 if (elf->map_address != NULL) 786 { 787 /* See whether this entry is in the file. */ 788 if (unlikely ((size_t) elf->state.ar.offset 789 > elf->start_offset + elf->maximum_size 790 || (elf->start_offset + elf->maximum_size 791 - elf->state.ar.offset) < sizeof (struct ar_hdr))) 792 { 793 /* This record is not anymore in the file. */ 794 __libelf_seterrno (ELF_E_RANGE); 795 return -1; 796 } 797 ar_hdr = (struct ar_hdr *) (elf->map_address + elf->state.ar.offset); 798 } 799 else 800 { 801 ar_hdr = &elf->state.ar.ar_hdr; 802 803 if (unlikely (pread_retry (elf->fildes, ar_hdr, sizeof (struct ar_hdr), 804 elf->state.ar.offset) 805 != sizeof (struct ar_hdr))) 806 { 807 /* Something went wrong while reading the file. */ 808 __libelf_seterrno (ELF_E_RANGE); 809 return -1; 810 } 811 } 812 813 /* One little consistency check. */ 814 if (unlikely (memcmp (ar_hdr->ar_fmag, ARFMAG, 2) != 0)) 815 { 816 /* This is no valid archive. */ 817 __libelf_seterrno (ELF_E_ARCHIVE_FMAG); 818 return -1; 819 } 820 821 /* Copy the raw name over to a NUL terminated buffer. */ 822 *((char *) mempcpy (elf->state.ar.raw_name, ar_hdr->ar_name, 16)) = '\0'; 823 824 elf_ar_hdr = &elf->state.ar.elf_ar_hdr; 825 826 /* Now convert the `struct ar_hdr' into `Elf_Arhdr'. 827 Determine whether this is a special entry. */ 828 if (ar_hdr->ar_name[0] == '/') 829 { 830 if (ar_hdr->ar_name[1] == ' ' 831 && memcmp (ar_hdr->ar_name, "/ ", 16) == 0) 832 /* This is the index. */ 833 elf_ar_hdr->ar_name = memcpy (elf->state.ar.ar_name, "/", 2); 834 else if (ar_hdr->ar_name[1] == 'S' 835 && memcmp (ar_hdr->ar_name, "/SYM64/ ", 16) == 0) 836 /* 64-bit index. */ 837 elf_ar_hdr->ar_name = memcpy (elf->state.ar.ar_name, "/SYM64/", 8); 838 else if (ar_hdr->ar_name[1] == '/' 839 && memcmp (ar_hdr->ar_name, "// ", 16) == 0) 840 /* This is the array with the long names. */ 841 elf_ar_hdr->ar_name = memcpy (elf->state.ar.ar_name, "//", 3); 842 else if (likely (isdigit (ar_hdr->ar_name[1]))) 843 { 844 size_t offset; 845 846 /* This is a long name. First we have to read the long name 847 table, if this hasn't happened already. */ 848 if (unlikely (elf->state.ar.long_names == NULL 849 && read_long_names (elf) == NULL)) 850 { 851 /* No long name table although it is reference. The archive is 852 broken. */ 853 __libelf_seterrno (ELF_E_INVALID_ARCHIVE); 854 return -1; 855 } 856 857 offset = atol (ar_hdr->ar_name + 1); 858 if (unlikely (offset >= elf->state.ar.long_names_len)) 859 { 860 /* The index in the long name table is larger than the table. */ 861 __libelf_seterrno (ELF_E_INVALID_ARCHIVE); 862 return -1; 863 } 864 elf_ar_hdr->ar_name = elf->state.ar.long_names + offset; 865 } 866 else 867 { 868 /* This is none of the known special entries. */ 869 __libelf_seterrno (ELF_E_INVALID_ARCHIVE); 870 return -1; 871 } 872 } 873 else 874 { 875 char *endp; 876 877 /* It is a normal entry. Copy over the name. */ 878 endp = (char *) memccpy (elf->state.ar.ar_name, ar_hdr->ar_name, 879 '/', 16); 880 if (endp != NULL) 881 endp[-1] = '\0'; 882 else 883 { 884 /* In the old BSD style of archive, there is no / terminator. 885 Instead, there is space padding at the end of the name. */ 886 size_t i = 15; 887 do 888 elf->state.ar.ar_name[i] = '\0'; 889 while (i > 0 && elf->state.ar.ar_name[--i] == ' '); 890 } 891 892 elf_ar_hdr->ar_name = elf->state.ar.ar_name; 893 } 894 895 if (unlikely (ar_hdr->ar_size[0] == ' ')) 896 /* Something is really wrong. We cannot live without a size for 897 the member since it will not be possible to find the next 898 archive member. */ 899 { 900 __libelf_seterrno (ELF_E_INVALID_ARCHIVE); 901 return -1; 902 } 903 904 /* Since there are no specialized functions to convert ASCII to 905 time_t, uid_t, gid_t, mode_t, and off_t we use either atol or 906 atoll depending on the size of the types. We are also prepared 907 for the case where the whole field in the `struct ar_hdr' is 908 filled in which case we cannot simply use atol/l but instead have 909 to create a temporary copy. */ 910 911 #define INT_FIELD(FIELD) \ 912 do \ 913 { \ 914 char buf[sizeof (ar_hdr->FIELD) + 1]; \ 915 const char *string = ar_hdr->FIELD; \ 916 if (ar_hdr->FIELD[sizeof (ar_hdr->FIELD) - 1] != ' ') \ 917 { \ 918 *((char *) mempcpy (buf, ar_hdr->FIELD, sizeof (ar_hdr->FIELD))) \ 919 = '\0'; \ 920 string = buf; \ 921 } \ 922 if (sizeof (elf_ar_hdr->FIELD) <= sizeof (long int)) \ 923 elf_ar_hdr->FIELD = (__typeof (elf_ar_hdr->FIELD)) atol (string); \ 924 else \ 925 elf_ar_hdr->FIELD = (__typeof (elf_ar_hdr->FIELD)) atoll (string); \ 926 } \ 927 while (0) 928 929 INT_FIELD (ar_date); 930 INT_FIELD (ar_uid); 931 INT_FIELD (ar_gid); 932 INT_FIELD (ar_mode); 933 INT_FIELD (ar_size); 934 935 if (elf_ar_hdr->ar_size < 0) 936 { 937 __libelf_seterrno (ELF_E_INVALID_ARCHIVE); 938 return -1; 939 } 940 941 /* Truncated file? */ 942 size_t maxsize; 943 maxsize = (elf->start_offset + elf->maximum_size 944 - elf->state.ar.offset - sizeof (struct ar_hdr)); 945 if ((size_t) elf_ar_hdr->ar_size > maxsize) 946 elf_ar_hdr->ar_size = maxsize; 947 948 return 0; 949 } 950 951 952 /* We were asked to return a clone of an existing descriptor. This 953 function must be called with the lock on the parent descriptor 954 being held. */ 955 static Elf * 956 dup_elf (int fildes, Elf_Cmd cmd, Elf *ref) 957 { 958 struct Elf *result; 959 960 if (fildes == -1) 961 /* Allow the user to pass -1 as the file descriptor for the new file. */ 962 fildes = ref->fildes; 963 /* The file descriptor better should be the same. If it was disconnected 964 already (using `elf_cntl') we do not test it. */ 965 else if (unlikely (ref->fildes != -1 && fildes != ref->fildes)) 966 { 967 __libelf_seterrno (ELF_E_FD_MISMATCH); 968 return NULL; 969 } 970 971 /* The mode must allow reading. I.e., a descriptor creating with a 972 command different then ELF_C_READ, ELF_C_WRITE and ELF_C_RDWR is 973 not allowed. */ 974 if (unlikely (ref->cmd != ELF_C_READ && ref->cmd != ELF_C_READ_MMAP 975 && ref->cmd != ELF_C_WRITE && ref->cmd != ELF_C_WRITE_MMAP 976 && ref->cmd != ELF_C_RDWR && ref->cmd != ELF_C_RDWR_MMAP 977 && ref->cmd != ELF_C_READ_MMAP_PRIVATE)) 978 { 979 __libelf_seterrno (ELF_E_INVALID_OP); 980 return NULL; 981 } 982 983 /* Now it is time to distinguish between reading normal files and 984 archives. Normal files can easily be handled be incrementing the 985 reference counter and return the same descriptor. */ 986 if (ref->kind != ELF_K_AR) 987 { 988 ++ref->ref_count; 989 return ref; 990 } 991 992 /* This is an archive. We must create a descriptor for the archive 993 member the internal pointer of the archive file desriptor is 994 pointing to. First read the header of the next member if this 995 has not happened already. */ 996 if (ref->state.ar.elf_ar_hdr.ar_name == NULL 997 && __libelf_next_arhdr_wrlock (ref) != 0) 998 /* Something went wrong. Maybe there is no member left. */ 999 return NULL; 1000 1001 /* We have all the information we need about the next archive member. 1002 Now create a descriptor for it. */ 1003 result = read_file (fildes, ref->state.ar.offset + sizeof (struct ar_hdr), 1004 ref->state.ar.elf_ar_hdr.ar_size, cmd, ref); 1005 1006 /* Enlist this new descriptor in the list of children. */ 1007 if (result != NULL) 1008 { 1009 result->next = ref->state.ar.children; 1010 ref->state.ar.children = result; 1011 } 1012 1013 return result; 1014 } 1015 1016 1017 /* Return desriptor for empty file ready for writing. */ 1018 static struct Elf * 1019 write_file (int fd, Elf_Cmd cmd) 1020 { 1021 /* We simply create an empty `Elf' structure. */ 1022 #define NSCNSALLOC 10 1023 Elf *result = allocate_elf (fd, NULL, 0, 0, cmd, NULL, ELF_K_ELF, 1024 NSCNSALLOC * sizeof (Elf_Scn)); 1025 1026 if (result != NULL) 1027 { 1028 /* We have to write to the file in any case. */ 1029 result->flags = ELF_F_DIRTY; 1030 1031 /* Some more or less arbitrary value. */ 1032 result->state.elf.scnincr = NSCNSALLOC; 1033 1034 /* We have allocated room for some sections. */ 1035 assert (offsetof (struct Elf, state.elf32.scns) 1036 == offsetof (struct Elf, state.elf64.scns)); 1037 result->state.elf.scns_last = &result->state.elf32.scns; 1038 result->state.elf32.scns.max = NSCNSALLOC; 1039 } 1040 1041 return result; 1042 } 1043 1044 /* Lock if necessary before dup an archive. */ 1045 static inline Elf * 1046 lock_dup_elf (int fildes, Elf_Cmd cmd, Elf *ref) 1047 { 1048 /* We need wrlock to dup an archive. */ 1049 if (ref->kind == ELF_K_AR) 1050 { 1051 rwlock_unlock (ref->lock); 1052 rwlock_wrlock (ref->lock); 1053 } 1054 /* Duplicate the descriptor. */ 1055 return dup_elf (fildes, cmd, ref); 1056 } 1057 1058 /* Return a descriptor for the file belonging to FILDES. */ 1059 Elf * 1060 elf_begin (int fildes, Elf_Cmd cmd, Elf *ref) 1061 { 1062 Elf *retval; 1063 1064 if (unlikely (! __libelf_version_initialized)) 1065 { 1066 /* Version wasn't set so far. */ 1067 __libelf_seterrno (ELF_E_NO_VERSION); 1068 return NULL; 1069 } 1070 1071 if (ref != NULL) 1072 /* Make sure the descriptor is not suddenly going away. */ 1073 rwlock_rdlock (ref->lock); 1074 else if (unlikely (fcntl (fildes, F_GETFL) == -1 && errno == EBADF)) 1075 { 1076 /* We cannot do anything productive without a file descriptor. */ 1077 __libelf_seterrno (ELF_E_INVALID_FILE); 1078 return NULL; 1079 } 1080 1081 switch (cmd) 1082 { 1083 case ELF_C_NULL: 1084 /* We simply return a NULL pointer. */ 1085 retval = NULL; 1086 break; 1087 1088 case ELF_C_READ_MMAP_PRIVATE: 1089 /* If we have a reference it must also be opened this way. */ 1090 if (unlikely (ref != NULL && ref->cmd != ELF_C_READ_MMAP_PRIVATE)) 1091 { 1092 __libelf_seterrno (ELF_E_INVALID_CMD); 1093 retval = NULL; 1094 break; 1095 } 1096 /* FALLTHROUGH */ 1097 1098 case ELF_C_READ: 1099 case ELF_C_READ_MMAP: 1100 if (ref != NULL) 1101 retval = lock_dup_elf (fildes, cmd, ref); 1102 else 1103 /* Create descriptor for existing file. */ 1104 retval = read_file (fildes, 0, ~((size_t) 0), cmd, NULL); 1105 break; 1106 1107 case ELF_C_RDWR: 1108 case ELF_C_RDWR_MMAP: 1109 /* If we have a REF object it must also be opened using this 1110 command. */ 1111 if (ref != NULL) 1112 { 1113 if (unlikely (ref->cmd != ELF_C_RDWR && ref->cmd != ELF_C_RDWR_MMAP 1114 && ref->cmd != ELF_C_WRITE 1115 && ref->cmd != ELF_C_WRITE_MMAP)) 1116 { 1117 /* This is not ok. REF must also be opened for writing. */ 1118 __libelf_seterrno (ELF_E_INVALID_CMD); 1119 retval = NULL; 1120 } 1121 else 1122 retval = lock_dup_elf (fildes, cmd, ref); 1123 } 1124 else 1125 /* Create descriptor for existing file. */ 1126 retval = read_file (fildes, 0, ~((size_t) 0), cmd, NULL); 1127 break; 1128 1129 case ELF_C_WRITE: 1130 case ELF_C_WRITE_MMAP: 1131 /* We ignore REF and prepare a descriptor to write a new file. */ 1132 retval = write_file (fildes, cmd); 1133 break; 1134 1135 default: 1136 __libelf_seterrno (ELF_E_INVALID_CMD); 1137 retval = NULL; 1138 break; 1139 } 1140 1141 /* Release the lock. */ 1142 if (ref != NULL) 1143 rwlock_unlock (ref->lock); 1144 1145 return retval; 1146 } 1147 INTDEF(elf_begin) 1148
