Mark Wielaard [Wed, 6 May 2015 10:55:21 +0000 (12:55 +0200)]
libdw: Detect line number overflow in dwarf_getsrclines on 32bit.
We do check whether the values we store for the line fit our data
representation in add_new_line, but on 32bit systems we would fail
to notice line overflowing.
Mark Wielaard [Sat, 3 Jan 2015 22:02:17 +0000 (23:02 +0100)]
libelf: Make sure version xlate dest buffer is fully defined.
https://bugzilla.redhat.com/show_bug.cgi?id=1170810#c16
contains an example of usage of undefined memory when version section
data needs to be translated, but the version xlate functions detect they
cannot fully transform the section data. To make sure the dest buffer
data is completely defined this patch makes sure all data is moved
from src to dest first. This is somewhat inefficient since normally
all data will be fully converted. But the translation functions have
no way to indicate only partial data was converted.
Reported-by: Alexander Cherepanov <cherepan@mccme.ru> Signed-off-by: Mark Wielaard <mjw@redhat.com>
argp is not part of POSIX standards and not provided by uClibc or
some other standard C libraries. However, it is possible to link
against a breakout argp library. One is provided at
http://www.lysator.liu.se/~nisse/misc/
This patch tests if libc provides argp otherwise it adds the linker
flag -largp where needed in the build system.
Signed-off-by: Anthony G. Basile <blueness@gentoo.org> Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Mark Wielaard [Fri, 1 May 2015 07:23:57 +0000 (09:23 +0200)]
configure: print feature settings overview
elfutils can be configured in various ways. But we expect certain
settings for the features that we explicitly support. Print an
overview of all settings, plus their recommended setting, at the
end of the configure run.
RECOMMENDED FEATURES (should all be yes)
gzip support : yes
bzip2 support : yes
lzma/xz support : yes
libstdc++ demangle support : yes
File textrel check : yes
Symbol versioning : yes
NOT RECOMMENDED FEATURES (should all be no)
Experimental thread safety : no
OTHER FEATURES
Deterministic archives by default : false
Native language support : yes
EXTRA TEST FEATURES (used with make check)
debug branch prediction : no
gprof support : no
gcov support : no
run all tests under valgrind : no
use rpath in tests : no
test biarch : yes
Mark Wielaard [Wed, 22 Apr 2015 10:47:46 +0000 (12:47 +0200)]
readelf: Fix cie_offset calculation comparison on 32bit.
gcc -fsanitize=undefined pointed out that on 32bit systems the calculation
to match the cie_offset to the cie_id could be undefined because a cie_id
could be an unsigned 64bit value while ptrdiff_t is only 32bits. Correct
the calculation to use 64bit values.
Mark Wielaard [Wed, 22 Apr 2015 10:28:30 +0000 (12:28 +0200)]
libdw: Undefined behavior in get_sleb128_step.
gcc -fsanitize=undefined pointed out that for too big sleb128 values we
could shift into the sign bit. So for sleb128 values that have to fit
in a (signed) int64_t variable reduce the max number of steps by one.
Mark Wielaard [Fri, 17 Apr 2015 20:24:41 +0000 (22:24 +0200)]
readelf: Always try to print some debug section information.
Even if we cannot create a proper Dwarf dbg we can still print the
information of various debug sections. All all debug print section
functions already check first they can access the appropriate data.
Max Filippov [Thu, 23 Apr 2015 18:46:59 +0000 (20:46 +0200)]
Allow disabling symbol versioning at configure time
Due to missing symbol versioning support in uClibc calls to versioned
functions that internally call different version of themselves results
in infinite recursion.
Introduce macro SYMBOL_VERSIONING and use it instead of plain SHARED to
decide whether symbol versioning is needed. Control this macro
definition with new configure option --disable-symbol-versioning.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Mark Wielaard <mjw@redhat.com>
Mark Wielaard [Tue, 21 Apr 2015 13:46:01 +0000 (15:46 +0200)]
libdw: Don't overflow stack with user defined macro attributes array.
In theory user defined debug macros can have an arbitrary number of
arguments. Don't allocate them all on stack. If there are more than
8 (arbitrary number, but no sane macro should have more arguments),
then dynamically allocate and free the attributes.
Found by gcc -fsanitize=undefined. Which pointed out the nforms could
be zero, creating an empty vla (which could cause undefined behavior).
Mark Wielaard [Tue, 14 Apr 2015 08:18:37 +0000 (10:18 +0200)]
configure: Add explicit checks for all GNU99 extensions used.
Some compilers (clang) claim to support -std=gnu99 but don't actually
implement all extensions we use in the code. Producing really hard to
parse errors. Add explicit checks for some of the other language
extensions we use, Nested Functions and Arrays of Variable Length,
to the configure check to catch such issues early.
Mark Wielaard [Tue, 31 Mar 2015 09:33:53 +0000 (11:33 +0200)]
libdwfl: Special case core_file_read_eagerly for small ELF images.
Small ELF images, like linux-gate or linux-vdso, might be available in the
core file, but not on disk, even if we have a build-id. If the whole image
is small enough try to read them in from the core file to make sure symbols
and unwind information are always available for them. We would already map
them in if the core file was opened with ELF_C_READ_MMAP.
H.J. Lu [Thu, 12 Mar 2015 21:51:42 +0000 (14:51 -0700)]
backends: Add x32_corenote.c
This patch adds x32_corenote.c to support x32 coredump. X32 coredump is
a hybrid between ia32 coredump and x86-64 coredump. The exact formats
are described in bfd/hosts/x86-64linux.h in GNU binutils source tree.
Petr Machata [Wed, 18 Mar 2015 18:42:02 +0000 (19:42 +0100)]
Publish known-dwarf.h
- Make the macro names properly scoped (DWARF_ALL_KNOWN_* and
DWARF_ONE_KNOWN_*).
- Simplify the calling convention: don't keep track of the comment
associated with the enumerator, always use the non-_DESC
DWARF_ONE_KNOWN_* callback.
- Install known-dwarf.h alongside libdw.h and others.
Mark Wielaard [Mon, 23 Mar 2015 21:19:12 +0000 (22:19 +0100)]
libelf: Don't extend ELF file size with SHT_NOBITS sh_offset.
Don't explicitly extend the file size for SHT_NOBITS sections. Since
that could cause a size beyond any actual file content it will cause
issues when the underlying ELF file has been mmapped or will extend
the file size to increase (writing fill bytes) when not mmapped. The
sh_offset value is essentially meaningless for SHT_NOBITS. gabi says
that a NOBITS section sh_offset member locates the "conceptual
placement" in the file. But it doesn't say this cannot be beyond the
enf of the file. When ELF_F_LAYOUT is set we should trust sh_offset
as given is what is wanted for an SHT_NOBITS section without extending
the file size.
Buggy binutils ld could generate files where SHT_NOBITS sections have
sh_offset outside the file.
https://sourceware.org/bugzilla/show_bug.cgi?id=12921
Mark Wielaard [Mon, 23 Mar 2015 14:08:27 +0000 (15:08 +0100)]
backends: aarch64 can have _GLOBAL_OFFSET_TABLE_ point anywhere in .got.
When building with relro aarch64 splits .got in a writable and read-only
part. _GLOBAL_OFFSET_TABLE_ points to the first writable symbol, not the
start of .got.
Mark Wielaard [Mon, 9 Mar 2015 15:41:48 +0000 (16:41 +0100)]
elflint: Correct gnu_symbias usage in compare_hash_gnu_hash.
commit 0a545e "elflint: Add various low-level checks." introduced a bug
in the handling of the gnu_symbias. The symbol in the bucket should first
be compared to STN_UNDEF before applying the bias. And the used symbol
index should have the bias added when compared against plain hash symbol.
Mark Wielaard [Wed, 18 Feb 2015 19:51:40 +0000 (20:51 +0100)]
libelf: Make __libelf_set_data_list_rdlock an internal_function.
__libelf_set_data_list_rdlock from elf_getdata.c is marked as an
internal_function in the implementation, but not in libelfP.h when it
is declared. Add internal_function to the declaration. This broke
the i686 build.
Reported-by: Alexander Cherepanov <ch3root@openwall.com> Signed-off-by: Mark Wielaard <mjw@redhat.com>
Josh Stone [Wed, 11 Feb 2015 21:53:14 +0000 (13:53 -0800)]
libdw: ensure read_encoded_value's value is set
With CFLAGS='-Og -g', F21 gcc hits -Werror=maybe-uninitialized in
read_encoded_value at "*result += value". It's fine with -O2/-O0.
In particular it seems to care about the __libdw_cfi_read_address_inc
calls. By my inspection, the only way those don't set value are for
error cases, which will then return immediately. This patch just sets
value = 0 to begin with, so gcc is always convinced it's fine.
Petr Machata [Wed, 11 Feb 2015 21:11:46 +0000 (22:11 +0100)]
dwarf_ranges: do not request base address attributes if not necessary
- Instead of bailing out at iteration start, we remember the
base-address-selecting attributes were not seen, and then bail out
later if no base address selection entry has been seen.
Jan Kratochvil [Sat, 7 Feb 2015 14:08:20 +0000 (15:08 +0100)]
libelf: Consider sh_addralign 0 as 1
Currently the Koji build for arm32 fails with:
extracting debug info from /builddir/build/BUILDROOT/etcd-2.0.0-0.3.rc1.fc22.arm/usr/bin/etcd
Failed to write file: invalid section alignment
This is because the binary etcd
http://people.redhat.com/jkratoch/etcdctl.xz
contains:
Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[11] .rel.plt REL 00459ee0 449ee0 000088 08 A 13 0 0
^
which corresponds to golang's code:
go/src/cmd/ld/elf.c
case EM_X86_64:
sh = elfshname(".rela.plt");
sh->addralign = RegSize;
default:
sh = elfshname(".rel.plt");
<nothing>
ELF spec says:
Values 0 and 1 mean the section has no alignment constraints.
and libelf/elf32_updatenull.c really parses it that way at line 204
ElfW2(LIBELFBITS,Word) sh_align = shdr->sh_addralign ?: 1;
but unfortunately the later line being patched no longer does.
libelf/
2015-02-07 Jan Kratochvil <jan.kratochvil@redhat.com>
* elf32_updatenull.c (__elfw2(LIBELFBITS,updatenull_wrlock)): Consider
sh_addralign 0 as 1.
Signed-off-by: Jan Kratochvil <jan.kratochvil@redhat.com>
Mark Wielaard [Mon, 26 Jan 2015 15:34:57 +0000 (16:34 +0100)]
libdwfl: Clear symtab result on error before using find_dynsym fallback.
find_dynsym could succeed after find_symtab failed but had already set up
symdata, syments and first_global. find_dynsym would not set or clear
first_global since all syms in dynsym are global. Causing lots of failing
lookups when calling __libdwfl_addrsym if first_global was some huge
bogus value.
Reported-by: Hanno Böck <hanno@hboeck.de> Signed-off-by: Mark Wielaard <mjw@redhat.com>
Mark Wielaard [Thu, 22 Jan 2015 11:49:29 +0000 (12:49 +0100)]
libelf: Make sure string returned by elf_strptr is NUL terminated.
The result of elf_strptr is often used directly to print or strcmp
the string. If the section data was truncated or corrupted that could
lead to invalid memory reads possibly crashing the application.
https://bugzilla.redhat.com/show_bug.cgi?id=1170810#c24
Reported-by: Alexander Cherepanov <cherepan@mccme.ru> Signed-off-by: Mark Wielaard <mjw@redhat.com>
Mark Wielaard [Tue, 20 Jan 2015 20:55:55 +0000 (21:55 +0100)]
libelf: Fix elf_newdata when raw ELF file/image data is available.
When ELF data for a section has been read by elf_rawdata, data_read
and rawdata_base are set, but data_list_rear will not be set until the
data will be converted (by elf_getdata). elf_newdata would overwrite
the existing data in that case. Both elf_getdata and elf_update rely
on the fact that when data_list_rear is set they don't have to look
at the raw data anymore. So make sure we update the data list properly
before adding any new data and raw data is available in elf_newdata.
Add newdata test that calls elf_newdata before and after elf_rawdata
and elf_getdata and checks the new size and contents of the section.
Mark Wielaard [Tue, 20 Jan 2015 13:52:41 +0000 (14:52 +0100)]
libelf: elf_strptr should fetch the shdr for the section if not yet known.
elf_strptr might be called before the shdrs are read in. In that case it
needs to explicitly call __elf[32|64]_getshdr_rdlock to check the section
type and size. The new strptr testcase triggers this corner case and crashes
before the fix.
Mark Wielaard [Thu, 15 Jan 2015 12:39:06 +0000 (13:39 +0100)]
tests: Make deleted and vdsosyms testcases work with "restricted ptrace".
Some systems might have "restricted ptrace" that doesn't allow process
inspection of arbitrary processes. Change the deleted testcase to
explicitly allow any other process to inspect it using the PR_SET_PTRACER
prctl set to PR_SET_PTRACER_ANY. Change the vdsosyms testcase to inspect
the process itself which should always be allowed.
Reported-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Mark Wielaard <mjw@redhat.com>
Mark Wielaard [Wed, 24 Dec 2014 12:17:23 +0000 (13:17 +0100)]
libdw: Search for the last matching address with dwarf_getsrc_die.
In commit 7d9b5a dwfl_module_getsrc was changed so that it returns the last
line record <= addr, rather than returning immediately on a match. This
changes dwarf_getsrc_die to do the same. And it adds a new test that checks
this by comparing against the same results from eu-addr2line (which uses
dwfl_module_getsrc) using dwarf_addrdie and dwarf_getsrc_die instead.
Mark Wielaard [Sat, 27 Dec 2014 15:16:29 +0000 (16:16 +0100)]
libdwfl: dwfl_module_getsrc should never match end_sequence line.
The line with end_sequence set has an address outside the current line
sequence. An end_sequence line has no other useful information except
marking the address as out of range.
Two tests, addrscopes and funcscopes, depended on matching the end_sequence
line. But that was because they included the high_pc address in the scope.
However the high_pc attributes has as address the first location past the
range associated with a given DIE. Adjust the tests to use high_pc - 1 as
end of the scope.
Mark Wielaard [Wed, 7 Jan 2015 22:39:28 +0000 (23:39 +0100)]
libdw: Robustify eh_frame_hdr and encoded-values reading.
Sanity check and keep track of binary_search_table data buffer length.
Add bounds check to encoded value reading. Also fix a bug when reading
the eh_frame header data from an other endian ELF image. Add a testcase
that would fail the new sanity checks because of the endian bug.
Mark Wielaard [Sun, 4 Jan 2015 23:12:53 +0000 (00:12 +0100)]
libdwfl: Handle seeing CU EOF marker without any other (real) CU.
intern_cu (and __libdwfl_nextcu) didn't correctly handle immediately seeing
the CU EOF marker. In that case the *nextp pointer (first_cu) returned by
intern_cu is -1. And less_layzy will immediately destroy the found CU node.
So don't use the *found result after calling less_lazy.
Mark Wielaard [Sun, 4 Jan 2015 23:03:03 +0000 (00:03 +0100)]
libdw: Check DW_AT_sibling attribute offset is after current DIE.
The sibling attribute should point after this DIE in the CU.
Otherwise various algorithms might loop or go into infinite recursion
walking the DIE tree.
Mark Wielaard [Sun, 4 Jan 2015 15:08:22 +0000 (16:08 +0100)]
libdw: Check register number in CFI isn't insanely large.
Some cfi.c array size allocation calculations might overflow when trying
to accommodate insanely large number of registers. Don't allow register
numbers larger than INT32_MAX / sizeof (dwarf_frame_register).
Mark Wielaard [Fri, 2 Jan 2015 23:27:58 +0000 (00:27 +0100)]
libdw: Add missing size check to parse_eh_frame_hdr.
afl-fuzz showed that when parse_eh_frame_hdr was called from
getcfi_scn_eh_frame invalid data could be read because of a missing size
check. That check was there when parse_eh_frame_hdr was called from
getcfi_gnu_eh_frame. Move the size check into parse_eh_frame. And add
an extra check to make sure d_buf is not NULL.
Mark Wielaard [Fri, 2 Jan 2015 23:09:45 +0000 (00:09 +0100)]
libdw: Handle NULL dbg for call_ref, GNU_implicit_pointer and addr DW_OPs.
afl-fuzz pointed out that __libdw_intern_expression didn't handle CFI
containing DW_OP_call_ref, DW_OP_implicit_pointer or DW_OP_addr. Because
in that case the Dwarf dbg is NULL. Both DW_OP_call_ref and
DW_OP_implicit_pointer cannot be used in CFI. That is just an error.
But DW_OP_addr can be. Without a Dwarf dbg we'll need to read the address
argument directly. Don't use __libdw_read_address_inc which might do a
relocation of the value read. But in practice the relocation hook isn't
implemented anyway.
Mark Wielaard [Tue, 30 Dec 2014 23:51:45 +0000 (00:51 +0100)]
libelf: gelf_getphdr should check phdr index is valid.
elf_getphdrnum does checks the phdrnum makes sense. But gelf_getphdr
checked the given index against the "raw" e_phnum or internal
__elf_getphdrnum_rdlock result without checking. Extract the checking
code into a new internal __elf_getphdrnum_chk_rdlock function and
use that.
Mark Wielaard [Thu, 25 Dec 2014 21:50:21 +0000 (22:50 +0100)]
libelf: ar_size cannot be negative. Fix max ar size.
Elf_Arhdr ar_size is loff_t, which is signed. Make sure it isn't negative.
When the parent start_offset is non-zero maxsize should include it to
compensate for ar offset.
Mark Wielaard [Sun, 11 Jan 2015 14:00:52 +0000 (15:00 +0100)]
libdw: Prevent infinite recursion when processing DW_TAG_imported_unit.
Invalid DWARF could create cycles with DW_TAG_imported_unit, which would
lead to infinite recursion and stack overflow in libdw_visit_scopes.
Keep track of imported units and error out when a cycle is detected.
read_long_names terminates names at the first '/' found but then skips
one character without checking (it's supposed to be '\n'). Hence the
next name could start with any character including '/'. This leads to
a directory traversal vulnerability at the time the contents of the
archive is extracted.
The danger is mitigated by the fact that only one '/' is possible in a
resulting filename and only in the leading position. Hence only files
in the root directory can be written via this vuln and only when ar is
executed as root.
The fix for the vuln is to not skip any characters while looking
for '/'.
Signed-off-by: Alexander Cherepanov <cherepan@mccme.ru>
Mark Wielaard [Fri, 19 Dec 2014 19:53:22 +0000 (20:53 +0100)]
tests: Don't match libfunc symbol on ppc64 in run-deleted.sh testcase.
For PPC64 we need access to the OPD table which we get through the shdrs
but for the deleted-lib we only have phdrs. So we don't have the name of
the function. But since we should find the EH_FRAME through phdrs just
fine, we can unwind into main. Skip the libfunc name check for now till
we find a nice way to enable the lookup without opd:
https://bugzilla.redhat.com/show_bug.cgi?id=1176238
Mark Wielaard [Fri, 19 Dec 2014 17:19:29 +0000 (18:19 +0100)]
libdwfl: Always try find_dynsym last, also on find_symtab ELF errors.
An ELF error during find_symtab might be incomplete shdrs or string table
from ELF images read through elf_from_memory. The phdrs and dynsym should
always be complete.
Mark Wielaard [Fri, 19 Dec 2014 14:40:16 +0000 (15:40 +0100)]
libdwfl: Remove p_align sanity check from elf_from_memory.
In commit f15bcd "elf_from_remote_memory should use pagesize, not p_align"
we already relaxed the p_align sanity check to allow alignment of the
segment against the pagesize since that is what the glibc dynamic linker
actually does. But on some architectures the kernel inserts a vdso with
a completely bogus p_align for some PT_LOAD segments. So just drop the
whole sanity check and allow anything since we won't use p_align, but
always already use pagesize anyway.
Ulrich Drepper [Thu, 18 Dec 2014 17:32:39 +0000 (12:32 -0500)]
avoid scary command output
The commands to check for invalid text relocations in the generated DSOs
shouldn't be displayed. They contain an echo which prints the text.
This patch suppresses the commands from being printed.
projects / thirdparty / elfutils.git / log
