hulthe/elf
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix parsing of symbol table

Browse Source
This commit is contained in:
Joakim Hulthe
2024-02-10 17:08:34 +01:00
parent 7a8554d313
commit ff9bda49c2
6 changed files with 880 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

108
src/main.rs
View File

@@ -3,55 +3,43 @@ mod output;
mod structs;
use crate::{
ints::BigEndian,
output::Output,
structs::{ElfHeader1, ElfHeader2, SectionHeaderEntry, SymbolTableEntry},
structs::{
BigEndian32, BigEndian64, ElfConfig, ElfHeader1, ElfHeader2, LittleEndian32,
LittleEndian64, SectionHeaderEntry, SymbolTableEntry,
},
};
use bytemuck::from_bytes;
use clap::{Parser, Subcommand};
use clap::Parser;
use core::str::from_utf8;
use eyre::{bail, eyre, Context};
use ints::{Decode, LittleEndian, U32, U64};
use serde_json::Value;
use ints::Decode;
use serde_json::{json, Value};
use std::{fs, mem::size_of, path::PathBuf};
use symbolic::demangle::demangle;
#[derive(Parser)]
struct Opt {
elf: PathBuf,
#[clap(subcommand)]
command: Command,
}
#[derive(Subcommand)]
enum Command {
/// List sections
Sections {},
/// List symbols
Symbols {
#[clap(short, long)]
section: String,
},
}
const HEADER1_LEN: usize = size_of::<ElfHeader1>();
macro_rules! parse_elf {
($endian:ty, $word:ty, $out:expr, $header1:expr, $elf:expr) => {{
//let header1 = $header1;
($elfcfg:ty, $out:expr, $header1:expr, $elf:expr) => {{
let out = $out;
const HEADER2_LEN: usize = size_of::<ElfHeader2<$endian, $word>>();
const HEADER2_LEN: usize = size_of::<ElfHeader2<$elfcfg>>();
let elf = $elf;
if elf.len() < HEADER1_LEN + HEADER2_LEN {
bail!("not a valid elf file: file too small");
}
let header2: &[u8; HEADER2_LEN] = elf[HEADER1_LEN..][..HEADER2_LEN].try_into()?;
let header2: ElfHeader2<$endian, $word> = *from_bytes(header2);
out.write("header2", &header2)?;
let header2: ElfHeader2<$elfcfg> = *from_bytes(header2);
out.write_append("header", &header2)?;
let e_shentsize = usize::from(header2.e_shentsize.to_native());
if e_shentsize != size_of::<SectionHeaderEntry<$endian, $word>>() {
if e_shentsize != size_of::<SectionHeaderEntry<$elfcfg>>() {
bail!("wrong e_shentsize (0x{e_shentsize:x})");
}
@@ -72,21 +60,18 @@ macro_rules! parse_elf {
(section_header_table_start..section_header_table_end).step_by(e_shentsize)
{
let entry = &elf[entry_start..][..e_shentsize];
let entry: SectionHeaderEntry<$endian, $word> = *from_bytes(entry);
let entry: SectionHeaderEntry<$elfcfg> = *from_bytes(entry);
section_header_entries.push(entry);
}
out.write("section_table", &section_header_entries)?;
out.write("sections", &section_header_entries)?;
let names_section_i = usize::from(header2.e_shstrndx.to_native());
let names_section_entry = &section_header_entries
.get(names_section_i)
.ok_or(eyre!("invalid e_shstrndx"))?;
let names_section_start: usize = (names_section_entry.sh_offset.to_native().try_into())
.wrap_err("sh_offset bigger than usize")?;
let names_section_size: usize = (names_section_entry.sh_size.to_native().try_into())
.wrap_err("sh_size bigger than usize")?;
let names_section_end = names_section_start + names_section_size;
let names_section_start: usize = names_section_entry.start()?;
let names_section_end = names_section_entry.end()?;
let names_section = &elf[names_section_start..names_section_end];
let mut symtab_i = None;
@@ -131,28 +116,30 @@ macro_rules! parse_elf {
fields.insert("name".to_string(), Value::String(name.to_string()));
section_header_entries_with_names.push(entry_json);
}
let _ = out.write("section_table", &section_header_entries_with_names);
let _ = out.write("sections", &section_header_entries_with_names);
if let Some(symtab_i) = symtab_i {
let mut symbols = vec![];
let symtab = &section_header_entries[symtab_i];
const ENTRY_SIZE: usize = size_of::<SymbolTableEntry<$word>>();
if symtab.sh_size.to_native() as usize != ENTRY_SIZE {
bail!(".symtab size not a multiple of symtab entry size");
const ENTRY_SIZE: usize = size_of::<<$elfcfg as ElfConfig>::SymtabEntry>();
if (symtab.sh_entsize.to_native() as usize) != ENTRY_SIZE {
bail!(".symtab sh_entsize not equal to symtab entry size");
}
let section_start: usize = symtab.start().wrap_err(".symtab")?;
let section_end: usize = symtab.end().wrap_err(".symtab")?;
for entry in elf[section_start..section_end].chunks_exact(ENTRY_SIZE) {
for (i, entry) in elf[section_start..section_end].chunks_exact(ENTRY_SIZE).enumerate() {
let entry: &[u8; ENTRY_SIZE] = entry.try_into().unwrap();
let entry: &SymbolTableEntry<$word> = from_bytes(entry);
let name_start: usize = (entry.st_name.to_native().try_into())
let entry: &<$elfcfg as ElfConfig>::SymtabEntry = from_bytes(entry);
let entry = SymbolTableEntry::from(*entry);
let name_start: usize = (entry.st_name.try_into())
.wrap_err("symtab entry st_name too big to fit in usize")?;
let name = (name_start != 0)
.then(|| {
strtab.map(|strtab| {
eprintln!("{name_start} {}", strtab.len());
let name_end = (name_start..strtab.len())
.find(|&i| strtab[i] == b'\0')
.ok_or(eyre!(".strtab entry missing null byte"))?;
@@ -164,10 +151,25 @@ macro_rules! parse_elf {
})
// Option<Option<Result>> to Result<Option>
.flatten()
.transpose()?;
.transpose()?
.map(demangle)
.unwrap_or_default();
eprintln!("[.symtab] {name:?}: {entry:?}");
let section = section_header_entries_with_names
.get(usize::from(entry.st_shndx))
.and_then(|v| v.get("name"))
.and_then(|v| v.as_str());
symbols.push(json!({
"i": i,
"value": entry.st_value,
"size": entry.st_size,
"section": section,
"z_name": name,
}));
}
out.write("symbols", &symbols)?;
}
}};
}
@@ -181,25 +183,25 @@ fn main() -> eyre::Result<()> {
if elf.len() < HEADER1_LEN {
bail!("not a valid elf file: file too small");
}
let header1: &[u8; HEADER1_LEN] = elf[..HEADER1_LEN].try_into()?;
let header1: ElfHeader1 = *from_bytes(header1);
let header: &[u8; HEADER1_LEN] = elf[..HEADER1_LEN].try_into()?;
let header: ElfHeader1 = *from_bytes(header);
let mut out = Output::default();
out.write("header1", &header1)?;
out.write("header", &header)?;
if &header1.ei_magic != b"\x7FELF" {
if &header.ei_magic != b"\x7FELF" {
bail!("not a valid elf file: invalid magic");
}
if header1.ei_version != 1 {
bail!("unknown elf version: 0x{:x}", header1.ei_version);
if header.ei_version != 1 {
bail!("unknown elf version: 0x{:x}", header.ei_version);
}
match (header1.ei_class, header1.ei_data) {
(1, 1) => parse_elf!(LittleEndian, U32<LittleEndian>, &mut out, header1, elf),
(2, 1) => parse_elf!(LittleEndian, U64<LittleEndian>, &mut out, header1, elf),
(1, 2) => parse_elf!(BigEndian, U32<BigEndian>, &mut out, header1, elf),
(2, 2) => parse_elf!(BigEndian, U64<BigEndian>, &mut out, header1, elf),
match (header.ei_class, header.ei_data) {
(1, 1) => parse_elf!(LittleEndian32, &mut out, header1, elf),
(2, 1) => parse_elf!(LittleEndian64, &mut out, header1, elf),
(1, 2) => parse_elf!(BigEndian32, &mut out, header1, elf),
(2, 2) => parse_elf!(BigEndian64, &mut out, header1, elf),
(1 | 2, ei_data) => bail!("unknown e_ident[EI_DATA]: 0x{ei_data:x}"),
(ei_class, ..) => bail!("unknown e_ident[EI_CLASS]: 0x{ei_class:x}"),
}