hulthe/elf
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix parsing of symbol table

Browse Source
This commit is contained in:
Joakim Hulthe
2024-02-10 17:08:34 +01:00
parent 7a8554d313
commit ff9bda49c2
6 changed files with 880 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/ints.rs
View File

@@ -11,8 +11,8 @@ pub struct BigEndian;
#[repr(C, packed)]
pub struct LittleEndian;
pub trait Decode: Copy {
type Native: Debug + Copy;
pub trait Decode: Copy + Zeroable + Pod {
type Native: Debug + Copy + TryInto<usize> + TryInto<u32> + Into<u64>;
fn to_native(self) -> Self::Native;
}

108
src/main.rs
View File

@@ -3,55 +3,43 @@ mod output;
mod structs;
use crate::{
ints::BigEndian,
output::Output,
structs::{ElfHeader1, ElfHeader2, SectionHeaderEntry, SymbolTableEntry},
structs::{
BigEndian32, BigEndian64, ElfConfig, ElfHeader1, ElfHeader2, LittleEndian32,
LittleEndian64, SectionHeaderEntry, SymbolTableEntry,
},
};
use bytemuck::from_bytes;
use clap::{Parser, Subcommand};
use clap::Parser;
use core::str::from_utf8;
use eyre::{bail, eyre, Context};
use ints::{Decode, LittleEndian, U32, U64};
use serde_json::Value;
use ints::Decode;
use serde_json::{json, Value};
use std::{fs, mem::size_of, path::PathBuf};
use symbolic::demangle::demangle;
#[derive(Parser)]
struct Opt {
elf: PathBuf,
#[clap(subcommand)]
command: Command,
}
#[derive(Subcommand)]
enum Command {
/// List sections
Sections {},
/// List symbols
Symbols {
#[clap(short, long)]
section: String,
},
}
const HEADER1_LEN: usize = size_of::<ElfHeader1>();
macro_rules! parse_elf {
($endian:ty, $word:ty, $out:expr, $header1:expr, $elf:expr) => {{
//let header1 = $header1;
($elfcfg:ty, $out:expr, $header1:expr, $elf:expr) => {{
let out = $out;
const HEADER2_LEN: usize = size_of::<ElfHeader2<$endian, $word>>();
const HEADER2_LEN: usize = size_of::<ElfHeader2<$elfcfg>>();
let elf = $elf;
if elf.len() < HEADER1_LEN + HEADER2_LEN {
bail!("not a valid elf file: file too small");
}
let header2: &[u8; HEADER2_LEN] = elf[HEADER1_LEN..][..HEADER2_LEN].try_into()?;
let header2: ElfHeader2<$endian, $word> = *from_bytes(header2);
out.write("header2", &header2)?;
let header2: ElfHeader2<$elfcfg> = *from_bytes(header2);
out.write_append("header", &header2)?;
let e_shentsize = usize::from(header2.e_shentsize.to_native());
if e_shentsize != size_of::<SectionHeaderEntry<$endian, $word>>() {
if e_shentsize != size_of::<SectionHeaderEntry<$elfcfg>>() {
bail!("wrong e_shentsize (0x{e_shentsize:x})");
}
@@ -72,21 +60,18 @@ macro_rules! parse_elf {
(section_header_table_start..section_header_table_end).step_by(e_shentsize)
{
let entry = &elf[entry_start..][..e_shentsize];
let entry: SectionHeaderEntry<$endian, $word> = *from_bytes(entry);
let entry: SectionHeaderEntry<$elfcfg> = *from_bytes(entry);
section_header_entries.push(entry);
}
out.write("section_table", &section_header_entries)?;
out.write("sections", &section_header_entries)?;
let names_section_i = usize::from(header2.e_shstrndx.to_native());
let names_section_entry = &section_header_entries
.get(names_section_i)
.ok_or(eyre!("invalid e_shstrndx"))?;
let names_section_start: usize = (names_section_entry.sh_offset.to_native().try_into())
.wrap_err("sh_offset bigger than usize")?;
let names_section_size: usize = (names_section_entry.sh_size.to_native().try_into())
.wrap_err("sh_size bigger than usize")?;
let names_section_end = names_section_start + names_section_size;
let names_section_start: usize = names_section_entry.start()?;
let names_section_end = names_section_entry.end()?;
let names_section = &elf[names_section_start..names_section_end];
let mut symtab_i = None;
@@ -131,28 +116,30 @@ macro_rules! parse_elf {
fields.insert("name".to_string(), Value::String(name.to_string()));
section_header_entries_with_names.push(entry_json);
}
let _ = out.write("section_table", &section_header_entries_with_names);
let _ = out.write("sections", &section_header_entries_with_names);
if let Some(symtab_i) = symtab_i {
let mut symbols = vec![];
let symtab = &section_header_entries[symtab_i];
const ENTRY_SIZE: usize = size_of::<SymbolTableEntry<$word>>();
if symtab.sh_size.to_native() as usize != ENTRY_SIZE {
bail!(".symtab size not a multiple of symtab entry size");
const ENTRY_SIZE: usize = size_of::<<$elfcfg as ElfConfig>::SymtabEntry>();
if (symtab.sh_entsize.to_native() as usize) != ENTRY_SIZE {
bail!(".symtab sh_entsize not equal to symtab entry size");
}
let section_start: usize = symtab.start().wrap_err(".symtab")?;
let section_end: usize = symtab.end().wrap_err(".symtab")?;
for entry in elf[section_start..section_end].chunks_exact(ENTRY_SIZE) {
for (i, entry) in elf[section_start..section_end].chunks_exact(ENTRY_SIZE).enumerate() {
let entry: &[u8; ENTRY_SIZE] = entry.try_into().unwrap();
let entry: &SymbolTableEntry<$word> = from_bytes(entry);
let name_start: usize = (entry.st_name.to_native().try_into())
let entry: &<$elfcfg as ElfConfig>::SymtabEntry = from_bytes(entry);
let entry = SymbolTableEntry::from(*entry);
let name_start: usize = (entry.st_name.try_into())
.wrap_err("symtab entry st_name too big to fit in usize")?;
let name = (name_start != 0)
.then(|| {
strtab.map(|strtab| {
eprintln!("{name_start} {}", strtab.len());
let name_end = (name_start..strtab.len())
.find(|&i| strtab[i] == b'\0')
.ok_or(eyre!(".strtab entry missing null byte"))?;
@@ -164,10 +151,25 @@ macro_rules! parse_elf {
})
// Option<Option<Result>> to Result<Option>
.flatten()
.transpose()?;
.transpose()?
.map(demangle)
.unwrap_or_default();
eprintln!("[.symtab] {name:?}: {entry:?}");
let section = section_header_entries_with_names
.get(usize::from(entry.st_shndx))
.and_then(|v| v.get("name"))
.and_then(|v| v.as_str());
symbols.push(json!({
"i": i,
"value": entry.st_value,
"size": entry.st_size,
"section": section,
"z_name": name,
}));
}
out.write("symbols", &symbols)?;
}
}};
}
@@ -181,25 +183,25 @@ fn main() -> eyre::Result<()> {
if elf.len() < HEADER1_LEN {
bail!("not a valid elf file: file too small");
}
let header1: &[u8; HEADER1_LEN] = elf[..HEADER1_LEN].try_into()?;
let header1: ElfHeader1 = *from_bytes(header1);
let header: &[u8; HEADER1_LEN] = elf[..HEADER1_LEN].try_into()?;
let header: ElfHeader1 = *from_bytes(header);
let mut out = Output::default();
out.write("header1", &header1)?;
out.write("header", &header)?;
if &header1.ei_magic != b"\x7FELF" {
if &header.ei_magic != b"\x7FELF" {
bail!("not a valid elf file: invalid magic");
}
if header1.ei_version != 1 {
bail!("unknown elf version: 0x{:x}", header1.ei_version);
if header.ei_version != 1 {
bail!("unknown elf version: 0x{:x}", header.ei_version);
}
match (header1.ei_class, header1.ei_data) {
(1, 1) => parse_elf!(LittleEndian, U32<LittleEndian>, &mut out, header1, elf),
(2, 1) => parse_elf!(LittleEndian, U64<LittleEndian>, &mut out, header1, elf),
(1, 2) => parse_elf!(BigEndian, U32<BigEndian>, &mut out, header1, elf),
(2, 2) => parse_elf!(BigEndian, U64<BigEndian>, &mut out, header1, elf),
match (header.ei_class, header.ei_data) {
(1, 1) => parse_elf!(LittleEndian32, &mut out, header1, elf),
(2, 1) => parse_elf!(LittleEndian64, &mut out, header1, elf),
(1, 2) => parse_elf!(BigEndian32, &mut out, header1, elf),
(2, 2) => parse_elf!(BigEndian64, &mut out, header1, elf),
(1 | 2, ei_data) => bail!("unknown e_ident[EI_DATA]: 0x{ei_data:x}"),
(ei_class, ..) => bail!("unknown e_ident[EI_CLASS]: 0x{ei_class:x}"),
}

18
src/output.rs
View File

@@ -2,7 +2,7 @@ use std::collections::BTreeMap;
use eyre::{bail, Context};
use serde::Serialize;
use serde_json::Value;
use serde_json::{Map, Value};
#[derive(Default)]
pub struct Output {
@@ -17,6 +17,22 @@ impl Output {
}
Ok(())
}
pub fn write_append(&mut self, key: &'static str, v: &impl Serialize) -> eyre::Result<()> {
let Value::Object(mut v) =
serde_json::to_value(v).wrap_err("failed to serialize output")?
else {
bail!("tried to append non-object");
};
let Value::Object(entry) = self.elements.entry(key).or_insert(Map::new().into()) else {
bail!("tried to append to non-object");
};
entry.append(&mut v);
Ok(())
}
}
impl Drop for Output {

195
src/structs.rs
View File

@@ -1,8 +1,55 @@
use crate::ints::{Decode, U16, U32};
use crate::ints::{BigEndian, Decode, LittleEndian, U16, U32, U64};
use bytemuck::{Pod, Zeroable};
use eyre::eyre;
use serde::Serialize;
pub trait ElfConfig {
type Word: Decode;
type Half: Decode;
type Addr: Decode;
type SymtabEntry: Pod + Into<SymbolTableEntry>;
}
#[derive(Pod, Zeroable, Clone, Copy, Debug, Serialize)]
#[repr(transparent)]
pub struct LittleEndian32;
impl ElfConfig for LittleEndian32 {
type Word = U32<LittleEndian>;
type Half = U16<LittleEndian>;
type Addr = U32<LittleEndian>;
type SymtabEntry = SymbolTableEntry32<LittleEndian>;
}
#[derive(Pod, Zeroable, Clone, Copy, Debug, Serialize)]
#[repr(transparent)]
pub struct LittleEndian64;
impl ElfConfig for LittleEndian64 {
type Word = U32<LittleEndian>;
type Half = U16<LittleEndian>;
type Addr = U64<LittleEndian>;
type SymtabEntry = SymbolTableEntry64<LittleEndian>;
}
#[derive(Pod, Zeroable, Clone, Copy, Debug, Serialize)]
#[repr(transparent)]
pub struct BigEndian32;
impl ElfConfig for BigEndian32 {
type Word = U32<BigEndian>;
type Half = U16<BigEndian>;
type Addr = U32<BigEndian>;
type SymtabEntry = SymbolTableEntry32<BigEndian>;
}
#[derive(Pod, Zeroable, Clone, Copy, Debug, Serialize)]
#[repr(transparent)]
pub struct BigEndian64;
impl ElfConfig for BigEndian64 {
type Word = U32<BigEndian>;
type Half = U16<BigEndian>;
type Addr = U64<BigEndian>;
type SymtabEntry = SymbolTableEntry64<BigEndian>;
}
#[derive(Pod, Zeroable, Clone, Copy, Debug, Serialize)]
#[repr(C, packed)]
pub struct ElfHeader1 {
@@ -18,65 +65,79 @@ pub struct ElfHeader1 {
#[derive(Pod, Zeroable, Clone, Copy, Debug, Serialize)]
#[repr(C, packed)]
pub struct ElfHeader2<Endian, Word>
where
U16<Endian>: Decode,
U32<Endian>: Decode,
Word: Decode,
{
pub e_type: U16<Endian>,
pub e_machine: U16<Endian>,
pub e_version: U32<Endian>,
pub e_entry: Word,
pub e_phoff: Word,
pub e_shoff: Word,
pub e_flags: U32<Endian>,
pub e_ehsize: U16<Endian>,
pub e_phentsize: U16<Endian>,
pub e_phnum: U16<Endian>,
pub e_shentsize: U16<Endian>,
pub e_shnum: U16<Endian>,
pub e_shstrndx: U16<Endian>,
pub struct ElfHeader2<C: ElfConfig> {
pub e_type: C::Half,
pub e_machine: C::Half,
pub e_version: C::Word,
pub e_entry: C::Addr,
pub e_phoff: C::Addr,
pub e_shoff: C::Addr,
pub e_flags: C::Word,
pub e_ehsize: C::Half,
pub e_phentsize: C::Half,
pub e_phnum: C::Half,
pub e_shentsize: C::Half,
pub e_shnum: C::Half,
pub e_shstrndx: C::Half,
}
#[derive(Pod, Zeroable, Clone, Copy, Debug, Serialize)]
#[repr(C, packed)]
pub struct SectionHeaderEntry<Endian, Word>
where
U16<Endian>: Decode,
U32<Endian>: Decode,
Word: Decode,
{
pub sh_name: U32<Endian>,
pub sh_type: U32<Endian>,
pub sh_flags: Word,
pub sh_addr: Word,
pub sh_offset: Word,
pub sh_size: Word,
pub sh_link: U32<Endian>,
pub sh_info: U32<Endian>,
pub sh_addralign: Word,
pub sh_entsize: Word,
pub struct SectionHeaderEntry<C: ElfConfig> {
pub sh_name: C::Word,
pub sh_type: C::Word,
pub sh_flags: C::Addr,
pub sh_addr: C::Addr,
pub sh_offset: C::Addr,
pub sh_size: C::Addr,
pub sh_link: C::Word,
pub sh_info: C::Word,
pub sh_addralign: C::Addr,
pub sh_entsize: C::Addr,
}
#[derive(Pod, Zeroable, Clone, Copy, Debug, Serialize)]
#[repr(C, packed)]
pub struct SymbolTableEntry<Word: Decode> {
pub st_name: Word,
pub st_value: Word,
pub st_size: Word,
#[derive(Clone, Copy, Debug, Serialize)]
pub struct SymbolTableEntry {
pub st_name: usize,
pub st_value: usize,
pub st_size: usize,
pub st_info: u8,
pub st_other: u8,
pub st_shndx: Word,
pub st_shndx: usize,
}
impl<Endian, Word> SectionHeaderEntry<Endian, Word>
#[derive(Pod, Zeroable, Clone, Copy, Debug, Serialize)]
#[repr(C, packed)]
pub struct SymbolTableEntry32<Endian>
where
U16<Endian>: Decode,
U32<Endian>: Decode,
Word: Decode,
<Word as Decode>::Native: TryInto<usize>,
U16<Endian>: Decode,
{
pub st_name: U32<Endian>,
pub st_value: U32<Endian>,
pub st_size: U32<Endian>,
pub st_info: u8,
pub st_other: u8,
pub st_shndx: U16<Endian>,
}
#[derive(Pod, Zeroable, Clone, Copy, Debug, Serialize)]
#[repr(C, packed)]
pub struct SymbolTableEntry64<Endian>
where
U64<Endian>: Decode,
U32<Endian>: Decode,
U16<Endian>: Decode,
{
pub st_name: U32<Endian>,
pub st_info: u8,
pub st_other: u8,
pub st_shndx: U16<Endian>,
pub st_value: U64<Endian>,
pub st_size: U64<Endian>,
}
impl<C: ElfConfig> SectionHeaderEntry<C> {
pub fn start(&self) -> eyre::Result<usize> {
self.sh_offset
.to_native()
@@ -94,3 +155,43 @@ where
Ok(self.start()? + size)
}
}
impl<Endian> From<SymbolTableEntry32<Endian>> for SymbolTableEntry
where
U32<Endian>: Decode,
<U32<Endian> as Decode>::Native: Into<u32>,
U16<Endian>: Decode,
<U16<Endian> as Decode>::Native: Into<u16>,
{
fn from(entry: SymbolTableEntry32<Endian>) -> Self {
Self {
st_name: entry.st_name.to_native().into() as usize,
st_value: entry.st_value.to_native().into() as usize,
st_size: entry.st_size.to_native().into() as usize,
st_info: entry.st_info,
st_other: entry.st_other,
st_shndx: entry.st_shndx.to_native().into().into(),
}
}
}
impl<Endian> From<SymbolTableEntry64<Endian>> for SymbolTableEntry
where
U64<Endian>: Decode,
<U64<Endian> as Decode>::Native: Into<u64>,
U32<Endian>: Decode,
<U32<Endian> as Decode>::Native: Into<u32>,
U16<Endian>: Decode,
<U16<Endian> as Decode>::Native: Into<u16>,
{
fn from(entry: SymbolTableEntry64<Endian>) -> Self {
Self {
st_name: entry.st_name.to_native().into() as usize,
st_value: entry.st_value.to_native().into() as usize,
st_size: entry.st_size.to_native().into() as usize,
st_info: entry.st_info,
st_other: entry.st_other,
st_shndx: entry.st_shndx.to_native().into().into(),
}
}
}