1 /* Pedantic checking of ELF files compliance with gABI/psABI spec.
2 Copyright (C) 2001-2012 Red Hat, Inc.
3 This file is part of elfutils.
4 Written by Ulrich Drepper <drepper@redhat.com>, 2001.
6 This file is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 elfutils is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>. */
38 #include <sys/param.h>
40 #include <elf-knowledge.h>
42 #include "../libelf/libelfP.h"
43 #include "../libelf/common.h"
44 #include "../libebl/libeblP.h"
45 #include "../libdw/libdwP.h"
46 #include "../libdwfl/libdwflP.h"
47 #include "../libdw/memory-access.h"
50 /* Name and version of program. */
51 static void print_version (FILE *stream, struct argp_state *state);
52 ARGP_PROGRAM_VERSION_HOOK_DEF = print_version;
54 /* Bug report address. */
55 ARGP_PROGRAM_BUG_ADDRESS_DEF = PACKAGE_BUGREPORT;
57 #define ARGP_strict 300
58 #define ARGP_gnuld 301
60 /* Definitions of arguments for argp functions. */
61 static const struct argp_option options[] =
63 { "strict", ARGP_strict, NULL, 0,
64 N_("Be extremely strict, flag level 2 features."), 0 },
65 { "quiet", 'q', NULL, 0, N_("Do not print anything if successful"), 0 },
66 { "debuginfo", 'd', NULL, 0, N_("Binary is a separate debuginfo file"), 0 },
67 { "gnu-ld", ARGP_gnuld, NULL, 0,
68 N_("Binary has been created with GNU ld and is therefore known to be \
69 broken in certain ways"), 0 },
70 { NULL, 0, NULL, 0, NULL, 0 }
73 /* Short description of program. */
74 static const char doc[] = N_("\
75 Pedantic checking of ELF files compliance with gABI/psABI spec.");
77 /* Strings for arguments in help texts. */
78 static const char args_doc[] = N_("FILE...");
80 /* Prototype for option handler. */
81 static error_t parse_opt (int key, char *arg, struct argp_state *state);
83 /* Data structure to communicate with argp functions. */
84 static struct argp argp =
86 options, parse_opt, args_doc, doc, NULL, NULL, NULL
90 /* Declarations of local functions. */
91 static void process_file (int fd, Elf *elf, const char *prefix,
92 const char *suffix, const char *fname, size_t size,
94 static void process_elf_file (Elf *elf, const char *prefix, const char *suffix,
95 const char *fname, size_t size, bool only_one);
96 static void check_note_section (Ebl *ebl, GElf_Ehdr *ehdr,
97 GElf_Shdr *shdr, int idx);
100 /* Report an error. */
101 #define ERROR(str, args...) \
103 printf (str, ##args); \
106 static unsigned int error_count;
108 /* True if we should perform very strict testing. */
109 static bool be_strict;
111 /* True if no message is to be printed if the run is succesful. */
112 static bool be_quiet;
114 /* True if binary is from strip -f, not a normal ELF file. */
115 static bool is_debuginfo;
117 /* True if binary is assumed to be generated with GNU ld. */
120 /* Index of section header string table. */
121 static uint32_t shstrndx;
123 /* Array to count references in section groups. */
128 main (int argc, char *argv[])
131 setlocale (LC_ALL, "");
133 /* Initialize the message catalog. */
134 textdomain (PACKAGE_TARNAME);
136 /* Parse and process arguments. */
138 argp_parse (&argp, argc, argv, 0, &remaining, NULL);
140 /* Before we start tell the ELF library which version we are using. */
141 elf_version (EV_CURRENT);
143 /* Now process all the files given at the command line. */
144 bool only_one = remaining + 1 == argc;
148 int fd = open (argv[remaining], O_RDONLY);
151 error (0, errno, gettext ("cannot open input file"));
155 /* Create an `Elf' descriptor. */
156 Elf *elf = elf_begin (fd, ELF_C_READ_MMAP, NULL);
158 ERROR (gettext ("cannot generate Elf descriptor: %s\n"),
162 unsigned int prev_error_count = error_count;
165 if (fstat64 (fd, &st) != 0)
167 printf ("cannot stat '%s': %m\n", argv[remaining]);
172 process_file (fd, elf, NULL, NULL, argv[remaining], st.st_size,
175 /* Now we can close the descriptor. */
176 if (elf_end (elf) != 0)
177 ERROR (gettext ("error while closing Elf descriptor: %s\n"),
180 if (prev_error_count == error_count && !be_quiet)
181 puts (gettext ("No errors"));
186 while (++remaining < argc);
188 return error_count != 0;
192 /* Handle program arguments. */
194 parse_opt (int key, char *arg __attribute__ ((unused)),
195 struct argp_state *state __attribute__ ((unused)))
214 case ARGP_KEY_NO_ARGS:
215 fputs (gettext ("Missing file name.\n"), stderr);
216 argp_help (&argp, stderr, ARGP_HELP_SEE, program_invocation_short_name);
220 return ARGP_ERR_UNKNOWN;
226 /* Print the version information. */
228 print_version (FILE *stream, struct argp_state *state __attribute__ ((unused)))
230 fprintf (stream, "elflint (%s) %s\n", PACKAGE_NAME, PACKAGE_VERSION);
231 fprintf (stream, gettext ("\
232 Copyright (C) %s Red Hat, Inc.\n\
233 This is free software; see the source for copying conditions. There is NO\n\
234 warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n\
236 fprintf (stream, gettext ("Written by %s.\n"), "Ulrich Drepper");
240 /* Process one file. */
242 process_file (int fd, Elf *elf, const char *prefix, const char *suffix,
243 const char *fname, size_t size, bool only_one)
245 /* We can handle two types of files: ELF files and archives. */
246 Elf_Kind kind = elf_kind (elf);
251 /* Yes! It's an ELF file. */
252 process_elf_file (elf, prefix, suffix, fname, size, only_one);
258 Elf_Cmd cmd = ELF_C_READ_MMAP;
259 size_t prefix_len = prefix == NULL ? 0 : strlen (prefix);
260 size_t fname_len = strlen (fname) + 1;
261 char new_prefix[prefix_len + 1 + fname_len];
262 char new_suffix[(suffix == NULL ? 0 : strlen (suffix)) + 2];
263 char *cp = new_prefix;
265 /* Create the full name of the file. */
268 cp = mempcpy (cp, prefix, prefix_len);
270 strcpy (stpcpy (new_suffix, suffix), ")");
273 new_suffix[0] = '\0';
274 memcpy (cp, fname, fname_len);
276 /* It's an archive. We process each file in it. */
277 while ((subelf = elf_begin (fd, cmd, elf)) != NULL)
279 kind = elf_kind (subelf);
281 /* Call this function recursively. */
282 if (kind == ELF_K_ELF || kind == ELF_K_AR)
284 Elf_Arhdr *arhdr = elf_getarhdr (subelf);
285 assert (arhdr != NULL);
287 process_file (fd, subelf, new_prefix, new_suffix,
288 arhdr->ar_name, arhdr->ar_size, false);
291 /* Get next archive element. */
292 cmd = elf_next (subelf);
293 if (elf_end (subelf) != 0)
294 ERROR (gettext (" error while freeing sub-ELF descriptor: %s\n"),
301 /* We cannot do anything. */
303 Not an ELF file - it has the wrong magic bytes at the start\n"));
310 section_name (Ebl *ebl, int idx)
315 shdr = gelf_getshdr (elf_getscn (ebl->elf, idx), &shdr_mem);
317 return elf_strptr (ebl->elf, shstrndx, shdr->sh_name);
321 static const int valid_e_machine[] =
323 EM_M32, EM_SPARC, EM_386, EM_68K, EM_88K, EM_860, EM_MIPS, EM_S370,
324 EM_MIPS_RS3_LE, EM_PARISC, EM_VPP500, EM_SPARC32PLUS, EM_960, EM_PPC,
325 EM_PPC64, EM_S390, EM_V800, EM_FR20, EM_RH32, EM_RCE, EM_ARM,
326 EM_FAKE_ALPHA, EM_SH, EM_SPARCV9, EM_TRICORE, EM_ARC, EM_H8_300,
327 EM_H8_300H, EM_H8S, EM_H8_500, EM_IA_64, EM_MIPS_X, EM_COLDFIRE,
328 EM_68HC12, EM_MMA, EM_PCP, EM_NCPU, EM_NDR1, EM_STARCORE, EM_ME16,
329 EM_ST100, EM_TINYJ, EM_X86_64, EM_PDSP, EM_FX66, EM_ST9PLUS, EM_ST7,
330 EM_68HC16, EM_68HC11, EM_68HC08, EM_68HC05, EM_SVX, EM_ST19, EM_VAX,
331 EM_CRIS, EM_JAVELIN, EM_FIREPATH, EM_ZSP, EM_MMIX, EM_HUANY, EM_PRISM,
332 EM_AVR, EM_FR30, EM_D10V, EM_D30V, EM_V850, EM_M32R, EM_MN10300,
333 EM_MN10200, EM_PJ, EM_OPENRISC, EM_ARC_A5, EM_XTENSA, EM_ALPHA,
334 EM_TILEGX, EM_TILEPRO
336 #define nvalid_e_machine \
337 (sizeof (valid_e_machine) / sizeof (valid_e_machine[0]))
340 /* Numbers of sections and program headers. */
341 static unsigned int shnum;
342 static unsigned int phnum;
346 check_elf_header (Ebl *ebl, GElf_Ehdr *ehdr, size_t size)
351 /* Check e_ident field. */
352 if (ehdr->e_ident[EI_MAG0] != ELFMAG0)
353 ERROR ("e_ident[%d] != '%c'\n", EI_MAG0, ELFMAG0);
354 if (ehdr->e_ident[EI_MAG1] != ELFMAG1)
355 ERROR ("e_ident[%d] != '%c'\n", EI_MAG1, ELFMAG1);
356 if (ehdr->e_ident[EI_MAG2] != ELFMAG2)
357 ERROR ("e_ident[%d] != '%c'\n", EI_MAG2, ELFMAG2);
358 if (ehdr->e_ident[EI_MAG3] != ELFMAG3)
359 ERROR ("e_ident[%d] != '%c'\n", EI_MAG3, ELFMAG3);
361 if (ehdr->e_ident[EI_CLASS] != ELFCLASS32
362 && ehdr->e_ident[EI_CLASS] != ELFCLASS64)
363 ERROR (gettext ("e_ident[%d] == %d is no known class\n"),
364 EI_CLASS, ehdr->e_ident[EI_CLASS]);
366 if (ehdr->e_ident[EI_DATA] != ELFDATA2LSB
367 && ehdr->e_ident[EI_DATA] != ELFDATA2MSB)
368 ERROR (gettext ("e_ident[%d] == %d is no known data encoding\n"),
369 EI_DATA, ehdr->e_ident[EI_DATA]);
371 if (ehdr->e_ident[EI_VERSION] != EV_CURRENT)
372 ERROR (gettext ("unknown ELF header version number e_ident[%d] == %d\n"),
373 EI_VERSION, ehdr->e_ident[EI_VERSION]);
375 /* We currently don't handle any OS ABIs other than Linux. */
376 if (ehdr->e_ident[EI_OSABI] != ELFOSABI_NONE
377 && ehdr->e_ident[EI_OSABI] != ELFOSABI_LINUX)
378 ERROR (gettext ("unsupported OS ABI e_ident[%d] == '%s'\n"),
380 ebl_osabi_name (ebl, ehdr->e_ident[EI_OSABI], buf, sizeof (buf)));
382 /* No ABI versions other than zero supported either. */
383 if (ehdr->e_ident[EI_ABIVERSION] != 0)
384 ERROR (gettext ("unsupport ABI version e_ident[%d] == %d\n"),
385 EI_ABIVERSION, ehdr->e_ident[EI_ABIVERSION]);
387 for (cnt = EI_PAD; cnt < EI_NIDENT; ++cnt)
388 if (ehdr->e_ident[cnt] != 0)
389 ERROR (gettext ("e_ident[%zu] is not zero\n"), cnt);
391 /* Check the e_type field. */
392 if (ehdr->e_type != ET_REL && ehdr->e_type != ET_EXEC
393 && ehdr->e_type != ET_DYN && ehdr->e_type != ET_CORE)
394 ERROR (gettext ("unknown object file type %d\n"), ehdr->e_type);
396 /* Check the e_machine field. */
397 for (cnt = 0; cnt < nvalid_e_machine; ++cnt)
398 if (valid_e_machine[cnt] == ehdr->e_machine)
400 if (cnt == nvalid_e_machine)
401 ERROR (gettext ("unknown machine type %d\n"), ehdr->e_machine);
403 /* Check the e_version field. */
404 if (ehdr->e_version != EV_CURRENT)
405 ERROR (gettext ("unknown object file version\n"));
407 /* Check the e_phoff and e_phnum fields. */
408 if (ehdr->e_phoff == 0)
410 if (ehdr->e_phnum != 0)
411 ERROR (gettext ("invalid program header offset\n"));
412 else if (ehdr->e_type == ET_EXEC || ehdr->e_type == ET_DYN)
414 executables and DSOs cannot have zero program header offset\n"));
416 else if (ehdr->e_phnum == 0)
417 ERROR (gettext ("invalid number of program header entries\n"));
419 /* Check the e_shoff field. */
420 shnum = ehdr->e_shnum;
421 shstrndx = ehdr->e_shstrndx;
422 if (ehdr->e_shoff == 0)
424 if (ehdr->e_shnum != 0)
425 ERROR (gettext ("invalid section header table offset\n"));
426 else if (ehdr->e_type != ET_EXEC && ehdr->e_type != ET_DYN
427 && ehdr->e_type != ET_CORE)
428 ERROR (gettext ("section header table must be present\n"));
432 if (ehdr->e_shnum == 0)
434 /* Get the header of the zeroth section. The sh_size field
435 might contain the section number. */
437 GElf_Shdr *shdr = gelf_getshdr (elf_getscn (ebl->elf, 0), &shdr_mem);
440 /* The error will be reported later. */
441 if (shdr->sh_size == 0)
443 invalid number of section header table entries\n"));
445 shnum = shdr->sh_size;
449 if (ehdr->e_shstrndx == SHN_XINDEX)
451 /* Get the header of the zeroth section. The sh_size field
452 might contain the section number. */
454 GElf_Shdr *shdr = gelf_getshdr (elf_getscn (ebl->elf, 0), &shdr_mem);
455 if (shdr != NULL && shdr->sh_link < shnum)
456 shstrndx = shdr->sh_link;
458 else if (shstrndx >= shnum)
459 ERROR (gettext ("invalid section header index\n"));
462 phnum = ehdr->e_phnum;
463 if (ehdr->e_phnum == PN_XNUM)
465 /* Get the header of the zeroth section. The sh_info field
466 might contain the phnum count. */
468 GElf_Shdr *shdr = gelf_getshdr (elf_getscn (ebl->elf, 0), &shdr_mem);
471 /* The error will be reported later. */
472 if (shdr->sh_info < PN_XNUM)
474 invalid number of program header table entries\n"));
476 phnum = shdr->sh_info;
480 /* Check the e_flags field. */
481 if (!ebl_machine_flag_check (ebl, ehdr->e_flags))
482 ERROR (gettext ("invalid machine flags: %s\n"),
483 ebl_machine_flag_name (ebl, ehdr->e_flags, buf, sizeof (buf)));
485 /* Check e_ehsize, e_phentsize, and e_shentsize fields. */
486 if (gelf_getclass (ebl->elf) == ELFCLASS32)
488 if (ehdr->e_ehsize != 0 && ehdr->e_ehsize != sizeof (Elf32_Ehdr))
489 ERROR (gettext ("invalid ELF header size: %hd\n"), ehdr->e_ehsize);
491 if (ehdr->e_phentsize != 0 && ehdr->e_phentsize != sizeof (Elf32_Phdr))
492 ERROR (gettext ("invalid program header size: %hd\n"),
494 else if (ehdr->e_phoff + phnum * ehdr->e_phentsize > size)
495 ERROR (gettext ("invalid program header position or size\n"));
497 if (ehdr->e_shentsize != 0 && ehdr->e_shentsize != sizeof (Elf32_Shdr))
498 ERROR (gettext ("invalid section header size: %hd\n"),
500 else if (ehdr->e_shoff + shnum * ehdr->e_shentsize > size)
501 ERROR (gettext ("invalid section header position or size\n"));
503 else if (gelf_getclass (ebl->elf) == ELFCLASS64)
505 if (ehdr->e_ehsize != 0 && ehdr->e_ehsize != sizeof (Elf64_Ehdr))
506 ERROR (gettext ("invalid ELF header size: %hd\n"), ehdr->e_ehsize);
508 if (ehdr->e_phentsize != 0 && ehdr->e_phentsize != sizeof (Elf64_Phdr))
509 ERROR (gettext ("invalid program header size: %hd\n"),
511 else if (ehdr->e_phoff + phnum * ehdr->e_phentsize > size)
512 ERROR (gettext ("invalid program header position or size\n"));
514 if (ehdr->e_shentsize != 0 && ehdr->e_shentsize != sizeof (Elf64_Shdr))
515 ERROR (gettext ("invalid section header size: %hd\n"),
517 else if (ehdr->e_shoff + ehdr->e_shnum * ehdr->e_shentsize > size)
518 ERROR (gettext ("invalid section header position or size\n"));
523 /* Check that there is a section group section with index < IDX which
524 contains section IDX and that there is exactly one. */
526 check_scn_group (Ebl *ebl, int idx)
528 if (scnref[idx] == 0)
530 /* No reference so far. Search following sections, maybe the
534 for (cnt = idx + 1; cnt < shnum; ++cnt)
536 Elf_Scn *scn = elf_getscn (ebl->elf, cnt);
538 GElf_Shdr *shdr = gelf_getshdr (scn, &shdr_mem);
540 /* We cannot get the section header so we cannot check it.
541 The error to get the section header will be shown
545 if (shdr->sh_type != SHT_GROUP)
548 Elf_Data *data = elf_getdata (scn, NULL);
549 if (data == NULL || data->d_size < sizeof (Elf32_Word))
550 /* Cannot check the section. */
553 Elf32_Word *grpdata = (Elf32_Word *) data->d_buf;
554 for (size_t inner = 1; inner < data->d_size / sizeof (Elf32_Word);
556 if (grpdata[inner] == (Elf32_Word) idx)
563 section [%2d] '%s': section with SHF_GROUP flag set not part of a section group\n"),
564 idx, section_name (ebl, idx));
567 section [%2d] '%s': section group [%2zu] '%s' does not precede group member\n"),
568 idx, section_name (ebl, idx),
569 cnt, section_name (ebl, cnt));
575 check_symtab (Ebl *ebl, GElf_Ehdr *ehdr, GElf_Shdr *shdr, int idx)
577 bool no_xndx_warned = false;
579 Elf_Data *data = elf_getdata (elf_getscn (ebl->elf, idx), NULL);
582 ERROR (gettext ("section [%2d] '%s': cannot get section data\n"),
583 idx, section_name (ebl, idx));
587 GElf_Shdr strshdr_mem;
588 GElf_Shdr *strshdr = gelf_getshdr (elf_getscn (ebl->elf, shdr->sh_link),
593 if (strshdr->sh_type != SHT_STRTAB)
595 ERROR (gettext ("section [%2d] '%s': referenced as string table for section [%2d] '%s' but type is not SHT_STRTAB\n"),
596 shdr->sh_link, section_name (ebl, shdr->sh_link),
597 idx, section_name (ebl, idx));
601 /* Search for an extended section index table section. */
602 Elf_Data *xndxdata = NULL;
603 Elf32_Word xndxscnidx = 0;
604 bool found_xndx = false;
605 for (size_t cnt = 1; cnt < shnum; ++cnt)
606 if (cnt != (size_t) idx)
608 Elf_Scn *xndxscn = elf_getscn (ebl->elf, cnt);
609 GElf_Shdr xndxshdr_mem;
610 GElf_Shdr *xndxshdr = gelf_getshdr (xndxscn, &xndxshdr_mem);
611 if (xndxshdr == NULL)
614 if (xndxshdr->sh_type == SHT_SYMTAB_SHNDX
615 && xndxshdr->sh_link == (GElf_Word) idx)
619 section [%2d] '%s': symbol table cannot have more than one extended index section\n"),
620 idx, section_name (ebl, idx));
622 xndxdata = elf_getdata (xndxscn, NULL);
623 xndxscnidx = elf_ndxscn (xndxscn);
628 if (shdr->sh_entsize != gelf_fsize (ebl->elf, ELF_T_SYM, 1, EV_CURRENT))
630 section [%2u] '%s': entry size is does not match ElfXX_Sym\n"),
631 idx, section_name (ebl, idx));
633 /* Test the zeroth entry. */
636 GElf_Sym *sym = gelf_getsymshndx (data, xndxdata, 0, &sym_mem, &xndx);
638 ERROR (gettext ("section [%2d] '%s': cannot get symbol %d: %s\n"),
639 idx, section_name (ebl, idx), 0, elf_errmsg (-1));
642 if (sym->st_name != 0)
643 ERROR (gettext ("section [%2d] '%s': '%s' in zeroth entry not zero\n"),
644 idx, section_name (ebl, idx), "st_name");
645 if (sym->st_value != 0)
646 ERROR (gettext ("section [%2d] '%s': '%s' in zeroth entry not zero\n"),
647 idx, section_name (ebl, idx), "st_value");
648 if (sym->st_size != 0)
649 ERROR (gettext ("section [%2d] '%s': '%s' in zeroth entry not zero\n"),
650 idx, section_name (ebl, idx), "st_size");
651 if (sym->st_info != 0)
652 ERROR (gettext ("section [%2d] '%s': '%s' in zeroth entry not zero\n"),
653 idx, section_name (ebl, idx), "st_info");
654 if (sym->st_other != 0)
655 ERROR (gettext ("section [%2d] '%s': '%s' in zeroth entry not zero\n"),
656 idx, section_name (ebl, idx), "st_other");
657 if (sym->st_shndx != 0)
658 ERROR (gettext ("section [%2d] '%s': '%s' in zeroth entry not zero\n"),
659 idx, section_name (ebl, idx), "st_shndx");
660 if (xndxdata != NULL && xndx != 0)
662 section [%2d] '%s': XINDEX for zeroth entry not zero\n"),
663 xndxscnidx, section_name (ebl, xndxscnidx));
666 for (size_t cnt = 1; cnt < shdr->sh_size / shdr->sh_entsize; ++cnt)
668 sym = gelf_getsymshndx (data, xndxdata, cnt, &sym_mem, &xndx);
671 ERROR (gettext ("section [%2d] '%s': cannot get symbol %zu: %s\n"),
672 idx, section_name (ebl, idx), cnt, elf_errmsg (-1));
676 const char *name = NULL;
679 else if (sym->st_name >= strshdr->sh_size)
681 section [%2d] '%s': symbol %zu: invalid name value\n"),
682 idx, section_name (ebl, idx), cnt);
685 name = elf_strptr (ebl->elf, shdr->sh_link, sym->st_name);
686 assert (name != NULL);
689 if (sym->st_shndx == SHN_XINDEX)
691 if (xndxdata == NULL)
695 section [%2d] '%s': symbol %zu: too large section index but no extended section index section\n"),
696 idx, section_name (ebl, idx), cnt);
697 no_xndx_warned = true;
699 else if (xndx < SHN_LORESERVE)
701 section [%2d] '%s': symbol %zu: XINDEX used for index which would fit in st_shndx (%" PRIu32 ")\n"),
702 xndxscnidx, section_name (ebl, xndxscnidx), cnt,
705 else if ((sym->st_shndx >= SHN_LORESERVE
706 // && sym->st_shndx <= SHN_HIRESERVE always true
707 && sym->st_shndx != SHN_ABS
708 && sym->st_shndx != SHN_COMMON)
709 || (sym->st_shndx >= shnum
710 && (sym->st_shndx < SHN_LORESERVE
711 /* || sym->st_shndx > SHN_HIRESERVE always false */)))
713 section [%2d] '%s': symbol %zu: invalid section index\n"),
714 idx, section_name (ebl, idx), cnt);
716 xndx = sym->st_shndx;
718 if (GELF_ST_TYPE (sym->st_info) >= STT_NUM
719 && !ebl_symbol_type_name (ebl, GELF_ST_TYPE (sym->st_info), NULL, 0))
720 ERROR (gettext ("section [%2d] '%s': symbol %zu: unknown type\n"),
721 idx, section_name (ebl, idx), cnt);
723 if (GELF_ST_BIND (sym->st_info) >= STB_NUM
724 && !ebl_symbol_binding_name (ebl, GELF_ST_BIND (sym->st_info), NULL,
727 section [%2d] '%s': symbol %zu: unknown symbol binding\n"),
728 idx, section_name (ebl, idx), cnt);
729 if (GELF_ST_BIND (sym->st_info) == STB_GNU_UNIQUE
730 && GELF_ST_TYPE (sym->st_info) != STT_OBJECT)
732 section [%2d] '%s': symbol %zu: unique symbol not of object type\n"),
733 idx, section_name (ebl, idx), cnt);
735 if (xndx == SHN_COMMON)
737 /* Common symbols can only appear in relocatable files. */
738 if (ehdr->e_type != ET_REL)
740 section [%2d] '%s': symbol %zu: COMMON only allowed in relocatable files\n"),
741 idx, section_name (ebl, idx), cnt);
742 if (cnt < shdr->sh_info)
744 section [%2d] '%s': symbol %zu: local COMMON symbols are nonsense\n"),
745 idx, section_name (ebl, idx), cnt);
746 if (GELF_R_TYPE (sym->st_info) == STT_FUNC)
748 section [%2d] '%s': symbol %zu: function in COMMON section is nonsense\n"),
749 idx, section_name (ebl, idx), cnt);
751 else if (xndx > 0 && xndx < shnum)
753 GElf_Shdr destshdr_mem;
756 destshdr = gelf_getshdr (elf_getscn (ebl->elf, xndx), &destshdr_mem);
757 if (destshdr != NULL)
759 GElf_Addr sh_addr = (ehdr->e_type == ET_REL ? 0
760 : destshdr->sh_addr);
761 if (GELF_ST_TYPE (sym->st_info) != STT_TLS)
763 if (! ebl_check_special_symbol (ebl, ehdr, sym, name,
766 if (sym->st_value - sh_addr > destshdr->sh_size)
768 /* GNU ld has severe bugs. When it decides to remove
769 empty sections it leaves symbols referencing them
770 behind. These are symbols in .symtab. */
772 || strcmp (section_name (ebl, idx), ".symtab")
773 || (strcmp (name, "__preinit_array_start") != 0
774 && strcmp (name, "__preinit_array_end") != 0
775 && strcmp (name, "__init_array_start") != 0
776 && strcmp (name, "__init_array_end") != 0
777 && strcmp (name, "__fini_array_start") != 0
778 && strcmp (name, "__fini_array_end") != 0))
780 section [%2d] '%s': symbol %zu: st_value out of bounds\n"),
781 idx, section_name (ebl, idx), cnt);
783 else if ((sym->st_value - sh_addr
784 + sym->st_size) > destshdr->sh_size)
786 section [%2d] '%s': symbol %zu does not fit completely in referenced section [%2d] '%s'\n"),
787 idx, section_name (ebl, idx), cnt,
788 (int) xndx, section_name (ebl, xndx));
793 if ((destshdr->sh_flags & SHF_TLS) == 0)
795 section [%2d] '%s': symbol %zu: referenced section [%2d] '%s' does not have SHF_TLS flag set\n"),
796 idx, section_name (ebl, idx), cnt,
797 (int) xndx, section_name (ebl, xndx));
799 if (ehdr->e_type == ET_REL)
801 /* For object files the symbol value must fall
803 if (sym->st_value > destshdr->sh_size)
805 section [%2d] '%s': symbol %zu: st_value out of bounds of referenced section [%2d] '%s'\n"),
806 idx, section_name (ebl, idx), cnt,
807 (int) xndx, section_name (ebl, xndx));
808 else if (sym->st_value + sym->st_size
811 section [%2d] '%s': symbol %zu does not fit completely in referenced section [%2d] '%s'\n"),
812 idx, section_name (ebl, idx), cnt,
813 (int) xndx, section_name (ebl, xndx));
818 GElf_Phdr *phdr = NULL;
821 for (pcnt = 0; pcnt < phnum; ++pcnt)
823 phdr = gelf_getphdr (ebl->elf, pcnt, &phdr_mem);
824 if (phdr != NULL && phdr->p_type == PT_TLS)
830 if (no_pt_tls++ == 0)
832 section [%2d] '%s': symbol %zu: TLS symbol but no TLS program header entry\n"),
833 idx, section_name (ebl, idx), cnt);
838 < destshdr->sh_offset - phdr->p_offset)
840 section [%2d] '%s': symbol %zu: st_value short of referenced section [%2d] '%s'\n"),
841 idx, section_name (ebl, idx), cnt,
842 (int) xndx, section_name (ebl, xndx));
843 else if (sym->st_value
844 > (destshdr->sh_offset - phdr->p_offset
845 + destshdr->sh_size))
847 section [%2d] '%s': symbol %zu: st_value out of bounds of referenced section [%2d] '%s'\n"),
848 idx, section_name (ebl, idx), cnt,
849 (int) xndx, section_name (ebl, xndx));
850 else if (sym->st_value + sym->st_size
851 > (destshdr->sh_offset - phdr->p_offset
852 + destshdr->sh_size))
854 section [%2d] '%s': symbol %zu does not fit completely in referenced section [%2d] '%s'\n"),
855 idx, section_name (ebl, idx), cnt,
856 (int) xndx, section_name (ebl, xndx));
863 if (GELF_ST_BIND (sym->st_info) == STB_LOCAL)
865 if (cnt >= shdr->sh_info)
867 section [%2d] '%s': symbol %zu: local symbol outside range described in sh_info\n"),
868 idx, section_name (ebl, idx), cnt);
872 if (cnt < shdr->sh_info)
874 section [%2d] '%s': symbol %zu: non-local symbol outside range described in sh_info\n"),
875 idx, section_name (ebl, idx), cnt);
878 if (GELF_ST_TYPE (sym->st_info) == STT_SECTION
879 && GELF_ST_BIND (sym->st_info) != STB_LOCAL)
881 section [%2d] '%s': symbol %zu: non-local section symbol\n"),
882 idx, section_name (ebl, idx), cnt);
886 if (strcmp (name, "_GLOBAL_OFFSET_TABLE_") == 0)
888 /* Check that address and size match the global offset table. */
890 GElf_Shdr destshdr_mem;
891 GElf_Shdr *destshdr = gelf_getshdr (elf_getscn (ebl->elf, xndx),
894 if (destshdr == NULL && xndx == SHN_ABS)
896 /* In a DSO, we have to find the GOT section by name. */
897 Elf_Scn *gotscn = NULL;
898 Elf_Scn *gscn = NULL;
899 while ((gscn = elf_nextscn (ebl->elf, gscn)) != NULL)
901 destshdr = gelf_getshdr (gscn, &destshdr_mem);
902 assert (destshdr != NULL);
903 const char *sname = elf_strptr (ebl->elf,
908 if (strcmp (sname, ".got.plt") == 0)
910 if (strcmp (sname, ".got") == 0)
911 /* Do not stop looking.
912 There might be a .got.plt section. */
919 if (destshdr == NULL && gotscn != NULL)
920 destshdr = gelf_getshdr (gotscn, &destshdr_mem);
923 const char *sname = ((destshdr == NULL || xndx == SHN_UNDEF)
925 : elf_strptr (ebl->elf, ehdr->e_shstrndx,
929 if (xndx != SHN_UNDEF || ehdr->e_type != ET_REL)
931 section [%2d] '%s': _GLOBAL_OFFSET_TABLE_ symbol refers to \
932 bad section [%2d]\n"),
933 idx, section_name (ebl, idx), xndx);
935 else if (strcmp (sname, ".got.plt") != 0
936 && strcmp (sname, ".got") != 0)
938 section [%2d] '%s': _GLOBAL_OFFSET_TABLE_ symbol refers to \
939 section [%2d] '%s'\n"),
940 idx, section_name (ebl, idx), xndx, sname);
942 if (destshdr != NULL)
945 if (!ebl_check_special_symbol (ebl, ehdr, sym, name,
948 if (ehdr->e_type != ET_REL
949 && sym->st_value != destshdr->sh_addr)
950 /* This test is more strict than the psABIs which
951 usually allow the symbol to be in the middle of
952 the .got section, allowing negative offsets. */
954 section [%2d] '%s': _GLOBAL_OFFSET_TABLE_ symbol value %#" PRIx64 " does not match %s section address %#" PRIx64 "\n"),
955 idx, section_name (ebl, idx),
956 (uint64_t) sym->st_value,
957 sname, (uint64_t) destshdr->sh_addr);
959 if (!gnuld && sym->st_size != destshdr->sh_size)
961 section [%2d] '%s': _GLOBAL_OFFSET_TABLE_ symbol size %" PRIu64 " does not match %s section size %" PRIu64 "\n"),
962 idx, section_name (ebl, idx),
963 (uint64_t) sym->st_size,
964 sname, (uint64_t) destshdr->sh_size);
969 section [%2d] '%s': _GLOBAL_OFFSET_TABLE_ symbol present, but no .got section\n"),
970 idx, section_name (ebl, idx));
972 else if (strcmp (name, "_DYNAMIC") == 0)
973 /* Check that address and size match the dynamic section.
974 We locate the dynamic section via the program header
976 for (unsigned int pcnt = 0; pcnt < phnum; ++pcnt)
979 GElf_Phdr *phdr = gelf_getphdr (ebl->elf, pcnt, &phdr_mem);
981 if (phdr != NULL && phdr->p_type == PT_DYNAMIC)
983 if (sym->st_value != phdr->p_vaddr)
985 section [%2d] '%s': _DYNAMIC_ symbol value %#" PRIx64 " does not match dynamic segment address %#" PRIx64 "\n"),
986 idx, section_name (ebl, idx),
987 (uint64_t) sym->st_value,
988 (uint64_t) phdr->p_vaddr);
990 if (!gnuld && sym->st_size != phdr->p_memsz)
992 section [%2d] '%s': _DYNAMIC symbol size %" PRIu64 " does not match dynamic segment size %" PRIu64 "\n"),
993 idx, section_name (ebl, idx),
994 (uint64_t) sym->st_size,
995 (uint64_t) phdr->p_memsz);
1002 if (GELF_ST_VISIBILITY (sym->st_other) != STV_DEFAULT
1003 && shdr->sh_type == SHT_DYNSYM)
1005 section [%2d] '%s': symbol %zu: symbol in dynamic symbol table with non-default visibility\n"),
1006 idx, section_name (ebl, idx), cnt);
1007 if (! ebl_check_st_other_bits (ebl, sym->st_other))
1009 section [%2d] '%s': symbol %zu: unknown bit set in st_other\n"),
1010 idx, section_name (ebl, idx), cnt);
1017 is_rel_dyn (Ebl *ebl, const GElf_Ehdr *ehdr, int idx, const GElf_Shdr *shdr,
1020 /* If this is no executable or DSO it cannot be a .rel.dyn section. */
1021 if (ehdr->e_type != ET_EXEC && ehdr->e_type != ET_DYN)
1024 /* Check the section name. Unfortunately necessary. */
1025 if (strcmp (section_name (ebl, idx), is_rela ? ".rela.dyn" : ".rel.dyn"))
1028 /* When a .rel.dyn section is used a DT_RELCOUNT dynamic section
1029 entry can be present as well. */
1030 Elf_Scn *scn = NULL;
1031 while ((scn = elf_nextscn (ebl->elf, scn)) != NULL)
1033 GElf_Shdr rcshdr_mem;
1034 const GElf_Shdr *rcshdr = gelf_getshdr (scn, &rcshdr_mem);
1035 assert (rcshdr != NULL);
1037 if (rcshdr->sh_type == SHT_DYNAMIC)
1039 /* Found the dynamic section. Look through it. */
1040 Elf_Data *d = elf_getdata (scn, NULL);
1043 for (cnt = 1; cnt < rcshdr->sh_size / rcshdr->sh_entsize; ++cnt)
1046 GElf_Dyn *dyn = gelf_getdyn (d, cnt, &dyn_mem);
1047 assert (dyn != NULL);
1049 if (dyn->d_tag == DT_RELCOUNT)
1051 /* Found it. Does the type match. */
1054 section [%2d] '%s': DT_RELCOUNT used for this RELA section\n"),
1055 idx, section_name (ebl, idx));
1058 /* Does the number specified number of relative
1059 relocations exceed the total number of
1061 if (dyn->d_un.d_val > shdr->sh_size / shdr->sh_entsize)
1063 section [%2d] '%s': DT_RELCOUNT value %d too high for this section\n"),
1064 idx, section_name (ebl, idx),
1065 (int) dyn->d_un.d_val);
1067 /* Make sure the specified number of relocations are
1069 Elf_Data *reldata = elf_getdata (elf_getscn (ebl->elf,
1071 if (reldata != NULL)
1072 for (size_t inner = 0;
1073 inner < shdr->sh_size / shdr->sh_entsize;
1077 GElf_Rel *rel = gelf_getrel (reldata, inner,
1080 /* The problem will be reported elsewhere. */
1083 if (ebl_relative_reloc_p (ebl,
1084 GELF_R_TYPE (rel->r_info)))
1086 if (inner >= dyn->d_un.d_val)
1088 section [%2d] '%s': relative relocations after index %d as specified by DT_RELCOUNT\n"),
1089 idx, section_name (ebl, idx),
1090 (int) dyn->d_un.d_val);
1092 else if (inner < dyn->d_un.d_val)
1094 section [%2d] '%s': non-relative relocation at index %zu; DT_RELCOUNT specified %d relative relocations\n"),
1095 idx, section_name (ebl, idx),
1096 inner, (int) dyn->d_un.d_val);
1101 if (dyn->d_tag == DT_RELACOUNT)
1103 /* Found it. Does the type match. */
1106 section [%2d] '%s': DT_RELACOUNT used for this REL section\n"),
1107 idx, section_name (ebl, idx));
1110 /* Does the number specified number of relative
1111 relocations exceed the total number of
1113 if (dyn->d_un.d_val > shdr->sh_size / shdr->sh_entsize)
1115 section [%2d] '%s': DT_RELCOUNT value %d too high for this section\n"),
1116 idx, section_name (ebl, idx),
1117 (int) dyn->d_un.d_val);
1119 /* Make sure the specified number of relocations are
1121 Elf_Data *reldata = elf_getdata (elf_getscn (ebl->elf,
1123 if (reldata != NULL)
1124 for (size_t inner = 0;
1125 inner < shdr->sh_size / shdr->sh_entsize;
1129 GElf_Rela *rela = gelf_getrela (reldata, inner,
1132 /* The problem will be reported elsewhere. */
1135 if (ebl_relative_reloc_p (ebl,
1136 GELF_R_TYPE (rela->r_info)))
1138 if (inner >= dyn->d_un.d_val)
1140 section [%2d] '%s': relative relocations after index %d as specified by DT_RELCOUNT\n"),
1141 idx, section_name (ebl, idx),
1142 (int) dyn->d_un.d_val);
1144 else if (inner < dyn->d_un.d_val)
1146 section [%2d] '%s': non-relative relocation at index %zu; DT_RELCOUNT specified %d relative relocations\n"),
1147 idx, section_name (ebl, idx),
1148 inner, (int) dyn->d_un.d_val);
1162 struct loaded_segment
1167 struct loaded_segment *next;
1171 /* Check whether binary has text relocation flag set. */
1172 static bool textrel;
1174 /* Keep track of whether text relocation flag is needed. */
1175 static bool needed_textrel;
1179 check_reloc_shdr (Ebl *ebl, const GElf_Ehdr *ehdr, const GElf_Shdr *shdr,
1180 int idx, int reltype, GElf_Shdr **destshdrp,
1181 GElf_Shdr *destshdr_memp, struct loaded_segment **loadedp)
1183 bool reldyn = false;
1185 /* Check whether the link to the section we relocate is reasonable. */
1186 if (shdr->sh_info >= shnum)
1187 ERROR (gettext ("section [%2d] '%s': invalid destination section index\n"),
1188 idx, section_name (ebl, idx));
1189 else if (shdr->sh_info != 0)
1191 *destshdrp = gelf_getshdr (elf_getscn (ebl->elf, shdr->sh_info),
1193 if (*destshdrp != NULL)
1195 if((*destshdrp)->sh_type != SHT_PROGBITS
1196 && (*destshdrp)->sh_type != SHT_NOBITS)
1198 reldyn = is_rel_dyn (ebl, ehdr, idx, shdr, true);
1201 section [%2d] '%s': invalid destination section type\n"),
1202 idx, section_name (ebl, idx));
1205 /* There is no standard, but we require that .rel{,a}.dyn
1206 sections have a sh_info value of zero. */
1207 if (shdr->sh_info != 0)
1209 section [%2d] '%s': sh_info should be zero\n"),
1210 idx, section_name (ebl, idx));
1214 if (((*destshdrp)->sh_flags & (SHF_MERGE | SHF_STRINGS)) != 0)
1216 section [%2d] '%s': no relocations for merge-able sections possible\n"),
1217 idx, section_name (ebl, idx));
1221 if (shdr->sh_entsize != gelf_fsize (ebl->elf, reltype, 1, EV_CURRENT))
1222 ERROR (gettext (reltype == ELF_T_RELA ? "\
1223 section [%2d] '%s': section entry size does not match ElfXX_Rela\n" : "\
1224 section [%2d] '%s': section entry size does not match ElfXX_Rel\n"),
1225 idx, section_name (ebl, idx));
1227 /* In preparation of checking whether relocations are text
1228 relocations or not we need to determine whether the file is
1229 flagged to have text relocation and we need to determine a) what
1230 the loaded segments are and b) which are read-only. This will
1231 also allow us to determine whether the same reloc section is
1232 modifying loaded and not loaded segments. */
1233 for (unsigned int i = 0; i < phnum; ++i)
1236 GElf_Phdr *phdr = gelf_getphdr (ebl->elf, i, &phdr_mem);
1240 if (phdr->p_type == PT_LOAD)
1242 struct loaded_segment *newp = xmalloc (sizeof (*newp));
1243 newp->from = phdr->p_vaddr;
1244 newp->to = phdr->p_vaddr + phdr->p_memsz;
1245 newp->read_only = (phdr->p_flags & PF_W) == 0;
1246 newp->next = *loadedp;
1249 else if (phdr->p_type == PT_DYNAMIC)
1251 Elf_Scn *dynscn = gelf_offscn (ebl->elf, phdr->p_offset);
1252 GElf_Shdr dynshdr_mem;
1253 GElf_Shdr *dynshdr = gelf_getshdr (dynscn, &dynshdr_mem);
1254 Elf_Data *dyndata = elf_getdata (dynscn, NULL);
1255 if (dynshdr != NULL && dynshdr->sh_type == SHT_DYNAMIC
1257 for (size_t j = 0; j < dynshdr->sh_size / dynshdr->sh_entsize; ++j)
1260 GElf_Dyn *dyn = gelf_getdyn (dyndata, j, &dyn_mem);
1262 && (dyn->d_tag == DT_TEXTREL
1263 || (dyn->d_tag == DT_FLAGS
1264 && (dyn->d_un.d_val & DF_TEXTREL) != 0)))
1273 /* A quick test which can be easily done here (although it is a bit
1274 out of place): the text relocation flag makes only sense if there
1275 is a segment which is not writable. */
1278 struct loaded_segment *seg = *loadedp;
1279 while (seg != NULL && !seg->read_only)
1283 text relocation flag set but there is no read-only segment\n"));
1300 check_one_reloc (Ebl *ebl, GElf_Ehdr *ehdr, GElf_Shdr *relshdr, int idx,
1301 size_t cnt, const GElf_Shdr *symshdr, Elf_Data *symdata,
1302 GElf_Addr r_offset, GElf_Xword r_info,
1303 const GElf_Shdr *destshdr, bool reldyn,
1304 struct loaded_segment *loaded, enum load_state *statep)
1306 bool known_broken = gnuld;
1308 if (!ebl_reloc_type_check (ebl, GELF_R_TYPE (r_info)))
1309 ERROR (gettext ("section [%2d] '%s': relocation %zu: invalid type\n"),
1310 idx, section_name (ebl, idx), cnt);
1311 else if (((ehdr->e_type != ET_EXEC && ehdr->e_type != ET_DYN)
1312 /* The executable/DSO can contain relocation sections with
1313 all the relocations the linker has applied. Those sections
1314 are marked non-loaded, though. */
1315 || (relshdr->sh_flags & SHF_ALLOC) != 0)
1316 && !ebl_reloc_valid_use (ebl, GELF_R_TYPE (r_info)))
1318 section [%2d] '%s': relocation %zu: relocation type invalid for the file type\n"),
1319 idx, section_name (ebl, idx), cnt);
1322 && ((GELF_R_SYM (r_info) + 1)
1323 * gelf_fsize (ebl->elf, ELF_T_SYM, 1, EV_CURRENT)
1324 > symshdr->sh_size))
1326 section [%2d] '%s': relocation %zu: invalid symbol index\n"),
1327 idx, section_name (ebl, idx), cnt);
1329 /* No more tests if this is a no-op relocation. */
1330 if (ebl_none_reloc_p (ebl, GELF_R_TYPE (r_info)))
1333 if (ebl_gotpc_reloc_check (ebl, GELF_R_TYPE (r_info)))
1338 GElf_Sym *sym = gelf_getsym (symdata, GELF_R_SYM (r_info), &sym_mem);
1340 /* Get the name for the symbol. */
1341 && (name = elf_strptr (ebl->elf, symshdr->sh_link, sym->st_name))
1342 && strcmp (name, "_GLOBAL_OFFSET_TABLE_") !=0 )
1344 section [%2d] '%s': relocation %zu: only symbol '_GLOBAL_OFFSET_TABLE_' can be used with %s\n"),
1345 idx, section_name (ebl, idx), cnt,
1346 ebl_reloc_type_name (ebl, GELF_R_SYM (r_info),
1347 buf, sizeof (buf)));
1352 // XXX TODO Check .rel.dyn section addresses.
1354 else if (!known_broken)
1356 if (destshdr != NULL
1357 && GELF_R_TYPE (r_info) != 0
1358 && (r_offset - (ehdr->e_type == ET_REL ? 0
1359 : destshdr->sh_addr)) >= destshdr->sh_size)
1361 section [%2d] '%s': relocation %zu: offset out of bounds\n"),
1362 idx, section_name (ebl, idx), cnt);
1366 GElf_Sym *sym = gelf_getsym (symdata, GELF_R_SYM (r_info), &sym_mem);
1368 if (ebl_copy_reloc_p (ebl, GELF_R_TYPE (r_info))
1369 /* Make sure the referenced symbol is an object or unspecified. */
1371 && GELF_ST_TYPE (sym->st_info) != STT_NOTYPE
1372 && GELF_ST_TYPE (sym->st_info) != STT_OBJECT)
1375 ERROR (gettext ("section [%2d] '%s': relocation %zu: copy relocation against symbol of type %s\n"),
1376 idx, section_name (ebl, idx), cnt,
1377 ebl_symbol_type_name (ebl, GELF_ST_TYPE (sym->st_info),
1378 buf, sizeof (buf)));
1381 if ((ehdr->e_type != ET_EXEC && ehdr->e_type != ET_DYN)
1382 || (relshdr->sh_flags & SHF_ALLOC) != 0)
1384 bool in_loaded_seg = false;
1385 while (loaded != NULL)
1387 if (r_offset < loaded->to
1388 && r_offset + (sym == NULL ? 0 : sym->st_size) >= loaded->from)
1390 /* The symbol is in this segment. */
1391 if (loaded->read_only)
1394 needed_textrel = true;
1396 ERROR (gettext ("section [%2d] '%s': relocation %zu: read-only section modified but text relocation flag not set\n"),
1397 idx, section_name (ebl, idx), cnt);
1400 in_loaded_seg = true;
1403 loaded = loaded->next;
1406 if (*statep == state_undecided)
1407 *statep = in_loaded_seg ? state_loaded : state_unloaded;
1408 else if ((*statep == state_unloaded && in_loaded_seg)
1409 || (*statep == state_loaded && !in_loaded_seg))
1412 section [%2d] '%s': relocations are against loaded and unloaded data\n"),
1413 idx, section_name (ebl, idx));
1414 *statep = state_error;
1421 check_rela (Ebl *ebl, GElf_Ehdr *ehdr, GElf_Shdr *shdr, int idx)
1423 Elf_Data *data = elf_getdata (elf_getscn (ebl->elf, idx), NULL);
1426 ERROR (gettext ("section [%2d] '%s': cannot get section data\n"),
1427 idx, section_name (ebl, idx));
1431 /* Check the fields of the section header. */
1432 GElf_Shdr destshdr_mem;
1433 GElf_Shdr *destshdr = NULL;
1434 struct loaded_segment *loaded = NULL;
1435 bool reldyn = check_reloc_shdr (ebl, ehdr, shdr, idx, ELF_T_RELA, &destshdr,
1436 &destshdr_mem, &loaded);
1438 Elf_Scn *symscn = elf_getscn (ebl->elf, shdr->sh_link);
1439 GElf_Shdr symshdr_mem;
1440 GElf_Shdr *symshdr = gelf_getshdr (symscn, &symshdr_mem);
1441 Elf_Data *symdata = elf_getdata (symscn, NULL);
1442 enum load_state state = state_undecided;
1444 for (size_t cnt = 0; cnt < shdr->sh_size / shdr->sh_entsize; ++cnt)
1447 GElf_Rela *rela = gelf_getrela (data, cnt, &rela_mem);
1451 section [%2d] '%s': cannot get relocation %zu: %s\n"),
1452 idx, section_name (ebl, idx), cnt, elf_errmsg (-1));
1456 check_one_reloc (ebl, ehdr, shdr, idx, cnt, symshdr, symdata,
1457 rela->r_offset, rela->r_info, destshdr, reldyn, loaded,
1461 while (loaded != NULL)
1463 struct loaded_segment *old = loaded;
1464 loaded = loaded->next;
1471 check_rel (Ebl *ebl, GElf_Ehdr *ehdr, GElf_Shdr *shdr, int idx)
1473 Elf_Data *data = elf_getdata (elf_getscn (ebl->elf, idx), NULL);
1476 ERROR (gettext ("section [%2d] '%s': cannot get section data\n"),
1477 idx, section_name (ebl, idx));
1481 /* Check the fields of the section header. */
1482 GElf_Shdr destshdr_mem;
1483 GElf_Shdr *destshdr = NULL;
1484 struct loaded_segment *loaded = NULL;
1485 bool reldyn = check_reloc_shdr (ebl, ehdr, shdr, idx, ELF_T_REL, &destshdr,
1486 &destshdr_mem, &loaded);
1488 Elf_Scn *symscn = elf_getscn (ebl->elf, shdr->sh_link);
1489 GElf_Shdr symshdr_mem;
1490 GElf_Shdr *symshdr = gelf_getshdr (symscn, &symshdr_mem);
1491 Elf_Data *symdata = elf_getdata (symscn, NULL);
1492 enum load_state state = state_undecided;
1494 for (size_t cnt = 0; cnt < shdr->sh_size / shdr->sh_entsize; ++cnt)
1497 GElf_Rel *rel = gelf_getrel (data, cnt, &rel_mem);
1501 section [%2d] '%s': cannot get relocation %zu: %s\n"),
1502 idx, section_name (ebl, idx), cnt, elf_errmsg (-1));
1506 check_one_reloc (ebl, ehdr, shdr, idx, cnt, symshdr, symdata,
1507 rel->r_offset, rel->r_info, destshdr, reldyn, loaded,
1511 while (loaded != NULL)
1513 struct loaded_segment *old = loaded;
1514 loaded = loaded->next;
1520 /* Number of dynamic sections. */
1521 static int ndynamic;
1525 check_dynamic (Ebl *ebl, GElf_Ehdr *ehdr, GElf_Shdr *shdr, int idx)
1528 GElf_Shdr strshdr_mem;
1531 static const bool dependencies[DT_NUM][DT_NUM] =
1533 [DT_NEEDED] = { [DT_STRTAB] = true },
1534 [DT_PLTRELSZ] = { [DT_JMPREL] = true },
1535 [DT_HASH] = { [DT_SYMTAB] = true },
1536 [DT_STRTAB] = { [DT_STRSZ] = true },
1537 [DT_SYMTAB] = { [DT_STRTAB] = true, [DT_SYMENT] = true },
1538 [DT_RELA] = { [DT_RELASZ] = true, [DT_RELAENT] = true },
1539 [DT_RELASZ] = { [DT_RELA] = true },
1540 [DT_RELAENT] = { [DT_RELA] = true },
1541 [DT_STRSZ] = { [DT_STRTAB] = true },
1542 [DT_SYMENT] = { [DT_SYMTAB] = true },
1543 [DT_SONAME] = { [DT_STRTAB] = true },
1544 [DT_RPATH] = { [DT_STRTAB] = true },
1545 [DT_REL] = { [DT_RELSZ] = true, [DT_RELENT] = true },
1546 [DT_RELSZ] = { [DT_REL] = true },
1547 [DT_RELENT] = { [DT_REL] = true },
1548 [DT_JMPREL] = { [DT_PLTRELSZ] = true, [DT_PLTREL] = true },
1549 [DT_RUNPATH] = { [DT_STRTAB] = true },
1550 [DT_PLTREL] = { [DT_JMPREL] = true },
1552 bool has_dt[DT_NUM];
1553 bool has_val_dt[DT_VALNUM];
1554 bool has_addr_dt[DT_ADDRNUM];
1555 static const bool level2[DT_NUM] =
1558 [DT_SYMBOLIC] = true,
1559 [DT_TEXTREL] = true,
1560 [DT_BIND_NOW] = true
1562 static const bool mandatory[DT_NUM] =
1571 memset (has_dt, '\0', sizeof (has_dt));
1572 memset (has_val_dt, '\0', sizeof (has_val_dt));
1573 memset (has_addr_dt, '\0', sizeof (has_addr_dt));
1575 if (++ndynamic == 2)
1576 ERROR (gettext ("more than one dynamic section present\n"));
1578 data = elf_getdata (elf_getscn (ebl->elf, idx), NULL);
1581 ERROR (gettext ("section [%2d] '%s': cannot get section data\n"),
1582 idx, section_name (ebl, idx));
1586 strshdr = gelf_getshdr (elf_getscn (ebl->elf, shdr->sh_link), &strshdr_mem);
1587 if (strshdr != NULL && strshdr->sh_type != SHT_STRTAB)
1589 section [%2d] '%s': referenced as string table for section [%2d] '%s' but type is not SHT_STRTAB\n"),
1590 shdr->sh_link, section_name (ebl, shdr->sh_link),
1591 idx, section_name (ebl, idx));
1593 if (shdr->sh_entsize != gelf_fsize (ebl->elf, ELF_T_DYN, 1, EV_CURRENT))
1595 section [%2d] '%s': section entry size does not match ElfXX_Dyn\n"),
1596 idx, section_name (ebl, idx));
1598 if (shdr->sh_info != 0)
1599 ERROR (gettext ("section [%2d] '%s': sh_info not zero\n"),
1600 idx, section_name (ebl, idx));
1602 bool non_null_warned = false;
1603 for (cnt = 0; cnt < shdr->sh_size / shdr->sh_entsize; ++cnt)
1606 GElf_Dyn *dyn = gelf_getdyn (data, cnt, &dyn_mem);
1610 section [%2d] '%s': cannot get dynamic section entry %zu: %s\n"),
1611 idx, section_name (ebl, idx), cnt, elf_errmsg (-1));
1615 if (has_dt[DT_NULL] && dyn->d_tag != DT_NULL && ! non_null_warned)
1618 section [%2d] '%s': non-DT_NULL entries follow DT_NULL entry\n"),
1619 idx, section_name (ebl, idx));
1620 non_null_warned = true;
1623 if (!ebl_dynamic_tag_check (ebl, dyn->d_tag))
1624 ERROR (gettext ("section [%2d] '%s': entry %zu: unknown tag\n"),
1625 idx, section_name (ebl, idx), cnt);
1627 if (dyn->d_tag >= 0 && dyn->d_tag < DT_NUM)
1629 if (has_dt[dyn->d_tag]
1630 && dyn->d_tag != DT_NEEDED
1631 && dyn->d_tag != DT_NULL
1632 && dyn->d_tag != DT_POSFLAG_1)
1636 section [%2d] '%s': entry %zu: more than one entry with tag %s\n"),
1637 idx, section_name (ebl, idx), cnt,
1638 ebl_dynamic_tag_name (ebl, dyn->d_tag,
1639 buf, sizeof (buf)));
1642 if (be_strict && level2[dyn->d_tag])
1646 section [%2d] '%s': entry %zu: level 2 tag %s used\n"),
1647 idx, section_name (ebl, idx), cnt,
1648 ebl_dynamic_tag_name (ebl, dyn->d_tag,
1649 buf, sizeof (buf)));
1652 has_dt[dyn->d_tag] = true;
1654 else if (dyn->d_tag <= DT_VALRNGHI
1655 && DT_VALTAGIDX (dyn->d_tag) < DT_VALNUM)
1656 has_val_dt[DT_VALTAGIDX (dyn->d_tag)] = true;
1657 else if (dyn->d_tag <= DT_ADDRRNGHI
1658 && DT_ADDRTAGIDX (dyn->d_tag) < DT_ADDRNUM)
1659 has_addr_dt[DT_ADDRTAGIDX (dyn->d_tag)] = true;
1661 if (dyn->d_tag == DT_PLTREL && dyn->d_un.d_val != DT_REL
1662 && dyn->d_un.d_val != DT_RELA)
1664 section [%2d] '%s': entry %zu: DT_PLTREL value must be DT_REL or DT_RELA\n"),
1665 idx, section_name (ebl, idx), cnt);
1667 /* Check that addresses for entries are in loaded segments. */
1672 /* We require the referenced section is the same as the one
1673 specified in sh_link. */
1674 if (strshdr->sh_addr != dyn->d_un.d_val)
1677 section [%2d] '%s': entry %zu: pointer does not match address of section [%2d] '%s' referenced by sh_link\n"),
1678 idx, section_name (ebl, idx), cnt,
1679 shdr->sh_link, section_name (ebl, shdr->sh_link));
1685 if (dyn->d_tag < DT_ADDRRNGLO || dyn->d_tag > DT_ADDRRNGHI)
1686 /* Value is no pointer. */
1707 for (n = 0; n < phnum; ++n)
1710 GElf_Phdr *phdr = gelf_getphdr (ebl->elf, n, &phdr_mem);
1711 if (phdr != NULL && phdr->p_type == PT_LOAD
1712 && phdr->p_vaddr <= dyn->d_un.d_ptr
1713 && phdr->p_vaddr + phdr->p_memsz > dyn->d_un.d_ptr)
1716 if (unlikely (n >= phnum))
1720 section [%2d] '%s': entry %zu: %s value must point into loaded segment\n"),
1721 idx, section_name (ebl, idx), cnt,
1722 ebl_dynamic_tag_name (ebl, dyn->d_tag, buf,
1731 if (dyn->d_un.d_ptr >= strshdr->sh_size)
1735 section [%2d] '%s': entry %zu: %s value must be valid offset in section [%2d] '%s'\n"),
1736 idx, section_name (ebl, idx), cnt,
1737 ebl_dynamic_tag_name (ebl, dyn->d_tag, buf,
1739 shdr->sh_link, section_name (ebl, shdr->sh_link));
1745 for (cnt = 1; cnt < DT_NUM; ++cnt)
1748 for (int inner = 0; inner < DT_NUM; ++inner)
1749 if (dependencies[cnt][inner] && ! has_dt[inner])
1755 section [%2d] '%s': contains %s entry but not %s\n"),
1756 idx, section_name (ebl, idx),
1757 ebl_dynamic_tag_name (ebl, cnt, buf1, sizeof (buf1)),
1758 ebl_dynamic_tag_name (ebl, inner, buf2, sizeof (buf2)));
1767 section [%2d] '%s': mandatory tag %s not present\n"),
1768 idx, section_name (ebl, idx),
1769 ebl_dynamic_tag_name (ebl, cnt, buf, sizeof (buf)));
1773 /* Make sure we have an hash table. */
1774 if (!has_dt[DT_HASH] && !has_addr_dt[DT_ADDRTAGIDX (DT_GNU_HASH)])
1776 section [%2d] '%s': no hash section present\n"),
1777 idx, section_name (ebl, idx));
1779 /* The GNU-style hash table also needs a symbol table. */
1780 if (!has_dt[DT_HASH] && has_addr_dt[DT_ADDRTAGIDX (DT_GNU_HASH)]
1781 && !has_dt[DT_SYMTAB])
1783 section [%2d] '%s': contains %s entry but not %s\n"),
1784 idx, section_name (ebl, idx),
1785 "DT_GNU_HASH", "DT_SYMTAB");
1787 /* Check the rel/rela tags. At least one group must be available. */
1788 if ((has_dt[DT_RELA] || has_dt[DT_RELASZ] || has_dt[DT_RELAENT])
1789 && (!has_dt[DT_RELA] || !has_dt[DT_RELASZ] || !has_dt[DT_RELAENT]))
1791 section [%2d] '%s': not all of %s, %s, and %s are present\n"),
1792 idx, section_name (ebl, idx),
1793 "DT_RELA", "DT_RELASZ", "DT_RELAENT");
1795 if ((has_dt[DT_REL] || has_dt[DT_RELSZ] || has_dt[DT_RELENT])
1796 && (!has_dt[DT_REL] || !has_dt[DT_RELSZ] || !has_dt[DT_RELENT]))
1798 section [%2d] '%s': not all of %s, %s, and %s are present\n"),
1799 idx, section_name (ebl, idx),
1800 "DT_REL", "DT_RELSZ", "DT_RELENT");
1802 /* Check that all prelink sections are present if any of them is. */
1803 if (has_val_dt[DT_VALTAGIDX (DT_GNU_PRELINKED)]
1804 || has_val_dt[DT_VALTAGIDX (DT_CHECKSUM)])
1806 if (!has_val_dt[DT_VALTAGIDX (DT_GNU_PRELINKED)])
1808 section [%2d] '%s': %s tag missing in DSO marked during prelinking\n"),
1809 idx, section_name (ebl, idx), "DT_GNU_PRELINKED");
1810 if (!has_val_dt[DT_VALTAGIDX (DT_CHECKSUM)])
1812 section [%2d] '%s': %s tag missing in DSO marked during prelinking\n"),
1813 idx, section_name (ebl, idx), "DT_CHECKSUM");
1815 /* Only DSOs can be marked like this. */
1816 if (ehdr->e_type != ET_DYN)
1818 section [%2d] '%s': non-DSO file marked as dependency during prelink\n"),
1819 idx, section_name (ebl, idx));
1822 if (has_val_dt[DT_VALTAGIDX (DT_GNU_CONFLICTSZ)]
1823 || has_val_dt[DT_VALTAGIDX (DT_GNU_LIBLISTSZ)]
1824 || has_addr_dt[DT_ADDRTAGIDX (DT_GNU_CONFLICT)]
1825 || has_addr_dt[DT_ADDRTAGIDX (DT_GNU_LIBLIST)])
1827 if (!has_val_dt[DT_VALTAGIDX (DT_GNU_CONFLICTSZ)])
1829 section [%2d] '%s': %s tag missing in prelinked executable\n"),
1830 idx, section_name (ebl, idx), "DT_GNU_CONFLICTSZ");
1831 if (!has_val_dt[DT_VALTAGIDX (DT_GNU_LIBLISTSZ)])
1833 section [%2d] '%s': %s tag missing in prelinked executable\n"),
1834 idx, section_name (ebl, idx), "DT_GNU_LIBLISTSZ");
1835 if (!has_addr_dt[DT_ADDRTAGIDX (DT_GNU_CONFLICT)])
1837 section [%2d] '%s': %s tag missing in prelinked executable\n"),
1838 idx, section_name (ebl, idx), "DT_GNU_CONFLICT");
1839 if (!has_addr_dt[DT_ADDRTAGIDX (DT_GNU_LIBLIST)])
1841 section [%2d] '%s': %s tag missing in prelinked executable\n"),
1842 idx, section_name (ebl, idx), "DT_GNU_LIBLIST");
1848 check_symtab_shndx (Ebl *ebl, GElf_Ehdr *ehdr, GElf_Shdr *shdr, int idx)
1850 if (ehdr->e_type != ET_REL)
1853 section [%2d] '%s': only relocatable files can have extended section index\n"),
1854 idx, section_name (ebl, idx));
1858 Elf_Scn *symscn = elf_getscn (ebl->elf, shdr->sh_link);
1859 GElf_Shdr symshdr_mem;
1860 GElf_Shdr *symshdr = gelf_getshdr (symscn, &symshdr_mem);
1861 if (symshdr != NULL && symshdr->sh_type != SHT_SYMTAB)
1863 section [%2d] '%s': extended section index section not for symbol table\n"),
1864 idx, section_name (ebl, idx));
1865 Elf_Data *symdata = elf_getdata (symscn, NULL);
1866 if (symdata == NULL)
1867 ERROR (gettext ("cannot get data for symbol section\n"));
1869 if (shdr->sh_entsize != sizeof (Elf32_Word))
1871 section [%2d] '%s': entry size does not match Elf32_Word\n"),
1872 idx, section_name (ebl, idx));
1875 && (shdr->sh_size / shdr->sh_entsize
1876 < symshdr->sh_size / symshdr->sh_entsize))
1878 section [%2d] '%s': extended index table too small for symbol table\n"),
1879 idx, section_name (ebl, idx));
1881 if (shdr->sh_info != 0)
1882 ERROR (gettext ("section [%2d] '%s': sh_info not zero\n"),
1883 idx, section_name (ebl, idx));
1885 for (size_t cnt = idx + 1; cnt < shnum; ++cnt)
1887 GElf_Shdr rshdr_mem;
1888 GElf_Shdr *rshdr = gelf_getshdr (elf_getscn (ebl->elf, cnt), &rshdr_mem);
1889 if (rshdr != NULL && rshdr->sh_type == SHT_SYMTAB_SHNDX
1890 && rshdr->sh_link == shdr->sh_link)
1893 section [%2d] '%s': extended section index in section [%2zu] '%s' refers to same symbol table\n"),
1894 idx, section_name (ebl, idx),
1895 cnt, section_name (ebl, cnt));
1900 Elf_Data *data = elf_getdata (elf_getscn (ebl->elf, idx), NULL);
1902 if (*((Elf32_Word *) data->d_buf) != 0)
1903 ERROR (gettext ("symbol 0 should have zero extended section index\n"));
1905 for (size_t cnt = 1; cnt < data->d_size / sizeof (Elf32_Word); ++cnt)
1907 Elf32_Word xndx = ((Elf32_Word *) data->d_buf)[cnt];
1912 GElf_Sym *sym = gelf_getsym (symdata, cnt, &sym_data);
1915 ERROR (gettext ("cannot get data for symbol %zu\n"), cnt);
1919 if (sym->st_shndx != SHN_XINDEX)
1921 extended section index is %" PRIu32 " but symbol index is not XINDEX\n"),
1929 check_sysv_hash (Ebl *ebl, GElf_Shdr *shdr, Elf_Data *data, int idx,
1932 Elf32_Word nbucket = ((Elf32_Word *) data->d_buf)[0];
1933 Elf32_Word nchain = ((Elf32_Word *) data->d_buf)[1];
1935 if (shdr->sh_size < (2 + nbucket + nchain) * shdr->sh_entsize)
1937 section [%2d] '%s': hash table section is too small (is %ld, expected %ld)\n"),
1938 idx, section_name (ebl, idx), (long int) shdr->sh_size,
1939 (long int) ((2 + nbucket + nchain) * shdr->sh_entsize));
1941 size_t maxidx = nchain;
1943 if (symshdr != NULL)
1945 size_t symsize = symshdr->sh_size / symshdr->sh_entsize;
1947 if (nchain > symshdr->sh_size / symshdr->sh_entsize)
1948 ERROR (gettext ("section [%2d] '%s': chain array too large\n"),
1949 idx, section_name (ebl, idx));
1955 for (cnt = 2; cnt < 2 + nbucket; ++cnt)
1956 if (((Elf32_Word *) data->d_buf)[cnt] >= maxidx)
1958 section [%2d] '%s': hash bucket reference %zu out of bounds\n"),
1959 idx, section_name (ebl, idx), cnt - 2);
1961 for (; cnt < 2 + nbucket + nchain; ++cnt)
1962 if (((Elf32_Word *) data->d_buf)[cnt] >= maxidx)
1964 section [%2d] '%s': hash chain reference %zu out of bounds\n"),
1965 idx, section_name (ebl, idx), cnt - 2 - nbucket);
1970 check_sysv_hash64 (Ebl *ebl, GElf_Shdr *shdr, Elf_Data *data, int idx,
1973 Elf64_Xword nbucket = ((Elf64_Xword *) data->d_buf)[0];
1974 Elf64_Xword nchain = ((Elf64_Xword *) data->d_buf)[1];
1976 if (shdr->sh_size < (2 + nbucket + nchain) * shdr->sh_entsize)
1978 section [%2d] '%s': hash table section is too small (is %ld, expected %ld)\n"),
1979 idx, section_name (ebl, idx), (long int) shdr->sh_size,
1980 (long int) ((2 + nbucket + nchain) * shdr->sh_entsize));
1982 size_t maxidx = nchain;
1984 if (symshdr != NULL)
1986 size_t symsize = symshdr->sh_size / symshdr->sh_entsize;
1988 if (nchain > symshdr->sh_size / symshdr->sh_entsize)
1989 ERROR (gettext ("section [%2d] '%s': chain array too large\n"),
1990 idx, section_name (ebl, idx));
1996 for (cnt = 2; cnt < 2 + nbucket; ++cnt)
1997 if (((Elf64_Xword *) data->d_buf)[cnt] >= maxidx)
1999 section [%2d] '%s': hash bucket reference %zu out of bounds\n"),
2000 idx, section_name (ebl, idx), cnt - 2);
2002 for (; cnt < 2 + nbucket + nchain; ++cnt)
2003 if (((Elf64_Xword *) data->d_buf)[cnt] >= maxidx)
2005 section [%2d] '%s': hash chain reference %" PRIu64 " out of bounds\n"),
2006 idx, section_name (ebl, idx), (uint64_t) (cnt - 2 - nbucket));
2011 check_gnu_hash (Ebl *ebl, GElf_Shdr *shdr, Elf_Data *data, int idx,
2014 Elf32_Word nbuckets = ((Elf32_Word *) data->d_buf)[0];
2015 Elf32_Word symbias = ((Elf32_Word *) data->d_buf)[1];
2016 Elf32_Word bitmask_words = ((Elf32_Word *) data->d_buf)[2];
2018 if (!powerof2 (bitmask_words))
2020 section [%2d] '%s': bitmask size not power of 2: %u\n"),
2021 idx, section_name (ebl, idx), bitmask_words);
2023 size_t bitmask_idxmask = bitmask_words - 1;
2024 if (gelf_getclass (ebl->elf) == ELFCLASS64)
2026 Elf32_Word shift = ((Elf32_Word *) data->d_buf)[3];
2028 if (shdr->sh_size < (4 + bitmask_words + nbuckets) * sizeof (Elf32_Word))
2031 section [%2d] '%s': hash table section is too small (is %ld, expected at least%ld)\n"),
2032 idx, section_name (ebl, idx), (long int) shdr->sh_size,
2033 (long int) ((4 + bitmask_words + nbuckets) * sizeof (Elf32_Word)));
2039 section [%2d] '%s': 2nd hash function shift too big: %u\n"),
2040 idx, section_name (ebl, idx), shift);
2042 size_t maxidx = shdr->sh_size / sizeof (Elf32_Word) - (4 + bitmask_words
2045 if (symshdr != NULL)
2046 maxidx = MIN (maxidx, symshdr->sh_size / symshdr->sh_entsize);
2048 /* We need the symbol section data. */
2049 Elf_Data *symdata = elf_getdata (elf_getscn (ebl->elf, shdr->sh_link), NULL);
2055 } bitmask = { .p32 = &((Elf32_Word *) data->d_buf)[4] },
2056 collected = { .p32 = xcalloc (bitmask_words, sizeof (Elf32_Word)) };
2058 size_t classbits = gelf_getclass (ebl->elf) == ELFCLASS32 ? 32 : 64;
2061 for (cnt = 4 + bitmask_words; cnt < 4 + bitmask_words + nbuckets; ++cnt)
2063 Elf32_Word symidx = ((Elf32_Word *) data->d_buf)[cnt];
2068 if (symidx < symbias)
2071 section [%2d] '%s': hash chain for bucket %zu lower than symbol index bias\n"),
2072 idx, section_name (ebl, idx), cnt - (4 + bitmask_words));
2076 while (symidx - symbias < maxidx)
2078 Elf32_Word chainhash = ((Elf32_Word *) data->d_buf)[4
2084 if (symdata != NULL)
2086 /* Check that the referenced symbol is not undefined. */
2088 GElf_Sym *sym = gelf_getsym (symdata, symidx, &sym_mem);
2089 if (sym != NULL && sym->st_shndx == SHN_UNDEF
2090 && GELF_ST_TYPE (sym->st_info) != STT_FUNC)
2092 section [%2d] '%s': symbol %u referenced in chain for bucket %zu is undefined\n"),
2093 idx, section_name (ebl, idx), symidx,
2094 cnt - (4 + bitmask_words));
2096 const char *symname = elf_strptr (ebl->elf, symshdr->sh_link,
2098 if (symname != NULL)
2100 Elf32_Word hval = elf_gnu_hash (symname);
2101 if ((hval & ~1u) != (chainhash & ~1u))
2103 section [%2d] '%s': hash value for symbol %u in chain for bucket %zu wrong\n"),
2104 idx, section_name (ebl, idx), symidx,
2105 cnt - (4 + bitmask_words));
2107 /* Set the bits in the bitmask. */
2108 size_t maskidx = (hval / classbits) & bitmask_idxmask;
2109 if (classbits == 32)
2111 collected.p32[maskidx]
2112 |= UINT32_C (1) << (hval & (classbits - 1));
2113 collected.p32[maskidx]
2114 |= UINT32_C (1) << ((hval >> shift) & (classbits - 1));
2118 collected.p64[maskidx]
2119 |= UINT64_C (1) << (hval & (classbits - 1));
2120 collected.p64[maskidx]
2121 |= UINT64_C (1) << ((hval >> shift) & (classbits - 1));
2126 if ((chainhash & 1) != 0)
2132 if (symidx - symbias >= maxidx)
2134 section [%2d] '%s': hash chain for bucket %zu out of bounds\n"),
2135 idx, section_name (ebl, idx), cnt - (4 + bitmask_words));
2136 else if (symshdr != NULL
2137 && symidx > symshdr->sh_size / symshdr->sh_entsize)
2139 section [%2d] '%s': symbol reference in chain for bucket %zu out of bounds\n"),
2140 idx, section_name (ebl, idx), cnt - (4 + bitmask_words));
2143 if (memcmp (collected.p32, bitmask.p32, bitmask_words * sizeof (Elf32_Word)))
2145 section [%2d] '%s': bitmask does not match names in the hash table\n"),
2146 idx, section_name (ebl, idx));
2148 free (collected.p32);
2153 check_hash (int tag, Ebl *ebl, GElf_Ehdr *ehdr, GElf_Shdr *shdr, int idx)
2155 if (ehdr->e_type == ET_REL)
2158 section [%2d] '%s': relocatable files cannot have hash tables\n"),
2159 idx, section_name (ebl, idx));
2163 Elf_Data *data = elf_getdata (elf_getscn (ebl->elf, idx), NULL);
2166 ERROR (gettext ("section [%2d] '%s': cannot get section data\n"),
2167 idx, section_name (ebl, idx));
2171 GElf_Shdr symshdr_mem;
2172 GElf_Shdr *symshdr = gelf_getshdr (elf_getscn (ebl->elf, shdr->sh_link),
2174 if (symshdr != NULL && symshdr->sh_type != SHT_DYNSYM)
2176 section [%2d] '%s': hash table not for dynamic symbol table\n"),
2177 idx, section_name (ebl, idx));
2179 if (shdr->sh_entsize != (tag == SHT_GNU_HASH
2180 ? (gelf_getclass (ebl->elf) == ELFCLASS32
2181 ? sizeof (Elf32_Word) : 0)
2182 : (size_t) ebl_sysvhash_entrysize (ebl)))
2184 section [%2d] '%s': hash table entry size incorrect\n"),
2185 idx, section_name (ebl, idx));
2187 if ((shdr->sh_flags & SHF_ALLOC) == 0)
2188 ERROR (gettext ("section [%2d] '%s': not marked to be allocated\n"),
2189 idx, section_name (ebl, idx));
2191 if (shdr->sh_size < (tag == SHT_GNU_HASH ? 4 : 2) * (shdr->sh_entsize ?: 4))
2194 section [%2d] '%s': hash table has not even room for initial administrative entries\n"),
2195 idx, section_name (ebl, idx));
2202 if (ebl_sysvhash_entrysize (ebl) == sizeof (Elf64_Xword))
2203 check_sysv_hash64 (ebl, shdr, data, idx, symshdr);
2205 check_sysv_hash (ebl, shdr, data, idx, symshdr);
2209 check_gnu_hash (ebl, shdr, data, idx, symshdr);
2213 assert (! "should not happen");
2218 /* Compare content of both hash tables, it must be identical. */
2220 compare_hash_gnu_hash (Ebl *ebl, GElf_Ehdr *ehdr, size_t hash_idx,
2221 size_t gnu_hash_idx)
2223 Elf_Scn *hash_scn = elf_getscn (ebl->elf, hash_idx);
2224 Elf_Data *hash_data = elf_getdata (hash_scn, NULL);
2225 GElf_Shdr hash_shdr_mem;
2226 GElf_Shdr *hash_shdr = gelf_getshdr (hash_scn, &hash_shdr_mem);
2227 Elf_Scn *gnu_hash_scn = elf_getscn (ebl->elf, gnu_hash_idx);
2228 Elf_Data *gnu_hash_data = elf_getdata (gnu_hash_scn, NULL);
2229 GElf_Shdr gnu_hash_shdr_mem;
2230 GElf_Shdr *gnu_hash_shdr = gelf_getshdr (gnu_hash_scn, &gnu_hash_shdr_mem);
2232 if (hash_shdr == NULL || gnu_hash_shdr == NULL
2233 || hash_data == NULL || gnu_hash_data == NULL)
2234 /* None of these pointers should be NULL since we used the
2235 sections already. We are careful nonetheless. */
2238 /* The link must point to the same symbol table. */
2239 if (hash_shdr->sh_link != gnu_hash_shdr->sh_link)
2242 sh_link in hash sections [%2zu] '%s' and [%2zu] '%s' not identical\n"),
2243 hash_idx, elf_strptr (ebl->elf, shstrndx, hash_shdr->sh_name),
2245 elf_strptr (ebl->elf, shstrndx, gnu_hash_shdr->sh_name));
2249 Elf_Scn *sym_scn = elf_getscn (ebl->elf, hash_shdr->sh_link);
2250 Elf_Data *sym_data = elf_getdata (sym_scn, NULL);
2251 GElf_Shdr sym_shdr_mem;
2252 GElf_Shdr *sym_shdr = gelf_getshdr (sym_scn, &sym_shdr_mem);
2254 if (sym_data == NULL || sym_shdr == NULL)
2257 int nentries = sym_shdr->sh_size / sym_shdr->sh_entsize;
2258 char *used = alloca (nentries);
2259 memset (used, '\0', nentries);
2261 /* First go over the GNU_HASH table and mark the entries as used. */
2262 const Elf32_Word *gnu_hasharr = (Elf32_Word *) gnu_hash_data->d_buf;
2263 Elf32_Word gnu_nbucket = gnu_hasharr[0];
2264 const int bitmap_factor = ehdr->e_ident[EI_CLASS] == ELFCLASS32 ? 1 : 2;
2265 const Elf32_Word *gnu_bucket = (gnu_hasharr
2266 + (4 + gnu_hasharr[2] * bitmap_factor));
2267 const Elf32_Word *gnu_chain = gnu_bucket + gnu_hasharr[0] - gnu_hasharr[1];
2269 for (Elf32_Word cnt = 0; cnt < gnu_nbucket; ++cnt)
2271 Elf32_Word symidx = gnu_bucket[cnt];
2272 if (symidx != STN_UNDEF)
2275 while ((gnu_chain[symidx++] & 1u) == 0);
2278 /* Now go over the old hash table and check that we cover the same
2280 if (hash_shdr->sh_entsize == sizeof (Elf32_Word))
2282 const Elf32_Word *hasharr = (Elf32_Word *) hash_data->d_buf;
2283 Elf32_Word nbucket = hasharr[0];
2284 const Elf32_Word *bucket = &hasharr[2];
2285 const Elf32_Word *chain = &hasharr[2 + nbucket];
2287 for (Elf32_Word cnt = 0; cnt < nbucket; ++cnt)
2289 Elf32_Word symidx = bucket[cnt];
2290 while (symidx != STN_UNDEF)
2293 symidx = chain[symidx];
2299 const Elf64_Xword *hasharr = (Elf64_Xword *) hash_data->d_buf;
2300 Elf64_Xword nbucket = hasharr[0];
2301 const Elf64_Xword *bucket = &hasharr[2];
2302 const Elf64_Xword *chain = &hasharr[2 + nbucket];
2304 for (Elf64_Xword cnt = 0; cnt < nbucket; ++cnt)
2306 Elf64_Xword symidx = bucket[cnt];
2307 while (symidx != STN_UNDEF)
2310 symidx = chain[symidx];
2315 /* Now see which entries are not set in one or both hash tables
2316 (unless the symbol is undefined in which case it can be omitted
2317 in the new table format). */
2318 if ((used[0] & 1) != 0)
2319 ERROR (gettext ("section [%2zu] '%s': reference to symbol index 0\n"),
2321 elf_strptr (ebl->elf, shstrndx, gnu_hash_shdr->sh_name));
2322 if ((used[0] & 2) != 0)
2323 ERROR (gettext ("section [%2zu] '%s': reference to symbol index 0\n"),
2324 hash_idx, elf_strptr (ebl->elf, shstrndx, hash_shdr->sh_name));
2326 for (int cnt = 1; cnt < nentries; ++cnt)
2327 if (used[cnt] != 0 && used[cnt] != 3)
2331 symbol %d referenced in new hash table in [%2zu] '%s' but not in old hash table in [%2zu] '%s'\n"),
2333 elf_strptr (ebl->elf, shstrndx, gnu_hash_shdr->sh_name),
2335 elf_strptr (ebl->elf, shstrndx, hash_shdr->sh_name));
2339 GElf_Sym *sym = gelf_getsym (sym_data, cnt, &sym_mem);
2341 if (sym != NULL && sym->st_shndx != STN_UNDEF)
2343 symbol %d referenced in old hash table in [%2zu] '%s' but not in new hash table in [%2zu] '%s'\n"),
2345 elf_strptr (ebl->elf, shstrndx, hash_shdr->sh_name),
2347 elf_strptr (ebl->elf, shstrndx, gnu_hash_shdr->sh_name));
2354 check_null (Ebl *ebl, GElf_Shdr *shdr, int idx)
2356 #define TEST(name, extra) \
2357 if (extra && shdr->sh_##name != 0) \
2358 ERROR (gettext ("section [%2d] '%s': nonzero sh_%s for NULL section\n"), \
2359 idx, section_name (ebl, idx), #name)
2365 TEST (size, idx != 0);
2366 TEST (link, idx != 0);
2368 TEST (addralign, 1);
2374 check_group (Ebl *ebl, GElf_Ehdr *ehdr, GElf_Shdr *shdr, int idx)
2376 if (ehdr->e_type != ET_REL)
2379 section [%2d] '%s': section groups only allowed in relocatable object files\n"),
2380 idx, section_name (ebl, idx));
2384 /* Check that sh_link is an index of a symbol table. */
2385 Elf_Scn *symscn = elf_getscn (ebl->elf, shdr->sh_link);
2386 GElf_Shdr symshdr_mem;
2387 GElf_Shdr *symshdr = gelf_getshdr (symscn, &symshdr_mem);
2388 if (symshdr == NULL)
2389 ERROR (gettext ("section [%2d] '%s': cannot get symbol table: %s\n"),
2390 idx, section_name (ebl, idx), elf_errmsg (-1));
2393 if (symshdr->sh_type != SHT_SYMTAB)
2395 section [%2d] '%s': section reference in sh_link is no symbol table\n"),
2396 idx, section_name (ebl, idx));
2398 if (shdr->sh_info >= symshdr->sh_size / gelf_fsize (ebl->elf, ELF_T_SYM,
2401 section [%2d] '%s': invalid symbol index in sh_info\n"),
2402 idx, section_name (ebl, idx));
2404 if (shdr->sh_flags != 0)
2405 ERROR (gettext ("section [%2d] '%s': sh_flags not zero\n"),
2406 idx, section_name (ebl, idx));
2409 GElf_Sym *sym = gelf_getsym (elf_getdata (symscn, NULL), shdr->sh_info,
2413 section [%2d] '%s': cannot get symbol for signature\n"),
2414 idx, section_name (ebl, idx));
2415 else if (strcmp (elf_strptr (ebl->elf, symshdr->sh_link, sym->st_name),
2418 section [%2d] '%s': signature symbol cannot be empty string\n"),
2419 idx, section_name (ebl, idx));
2422 && shdr->sh_entsize != elf32_fsize (ELF_T_WORD, 1, EV_CURRENT))
2423 ERROR (gettext ("section [%2d] '%s': sh_flags not set correctly\n"),
2424 idx, section_name (ebl, idx));
2427 Elf_Data *data = elf_getdata (elf_getscn (ebl->elf, idx), NULL);
2429 ERROR (gettext ("section [%2d] '%s': cannot get data: %s\n"),
2430 idx, section_name (ebl, idx), elf_errmsg (-1));
2433 size_t elsize = elf32_fsize (ELF_T_WORD, 1, EV_CURRENT);
2437 if (data->d_size % elsize != 0)
2439 section [%2d] '%s': section size not multiple of sizeof(Elf32_Word)\n"),
2440 idx, section_name (ebl, idx));
2442 if (data->d_size < elsize)
2444 section [%2d] '%s': section group without flags word\n"),
2445 idx, section_name (ebl, idx));
2448 if (data->d_size < 2 * elsize)
2450 section [%2d] '%s': section group without member\n"),
2451 idx, section_name (ebl, idx));
2452 else if (data->d_size < 3 * elsize)
2454 section [%2d] '%s': section group with only one member\n"),
2455 idx, section_name (ebl, idx));
2459 val = *((Elf32_Word *) data->d_buf);
2461 memcpy (&val, data->d_buf, elsize);
2463 if ((val & ~GRP_COMDAT) != 0)
2464 ERROR (gettext ("section [%2d] '%s': unknown section group flags\n"),
2465 idx, section_name (ebl, idx));
2467 for (cnt = elsize; cnt < data->d_size; cnt += elsize)
2470 val = *((Elf32_Word *) ((char *) data->d_buf + cnt));
2472 memcpy (&val, (char *) data->d_buf + cnt, elsize);
2477 section [%2d] '%s': section index %Zu out of range\n"),
2478 idx, section_name (ebl, idx), cnt / elsize);
2481 GElf_Shdr refshdr_mem;
2482 GElf_Shdr *refshdr = gelf_getshdr (elf_getscn (ebl->elf, val),
2484 if (refshdr == NULL)
2486 section [%2d] '%s': cannot get section header for element %zu: %s\n"),
2487 idx, section_name (ebl, idx), cnt / elsize,
2491 if (refshdr->sh_type == SHT_GROUP)
2493 section [%2d] '%s': section group contains another group [%2d] '%s'\n"),
2494 idx, section_name (ebl, idx),
2495 val, section_name (ebl, val));
2497 if ((refshdr->sh_flags & SHF_GROUP) == 0)
2499 section [%2d] '%s': element %Zu references section [%2d] '%s' without SHF_GROUP flag set\n"),
2500 idx, section_name (ebl, idx), cnt / elsize,
2501 val, section_name (ebl, val));
2504 if (++scnref[val] == 2)
2506 section [%2d] '%s' is contained in more than one section group\n"),
2507 val, section_name (ebl, val));
2515 section_flags_string (GElf_Word flags, char *buf, size_t len)
2526 #define NEWFLAG(name) { SHF_##name, #name }
2529 NEWFLAG (EXECINSTR),
2532 NEWFLAG (INFO_LINK),
2533 NEWFLAG (LINK_ORDER),
2534 NEWFLAG (OS_NONCONFORMING),
2539 const size_t nknown_flags = sizeof (known_flags) / sizeof (known_flags[0]);
2543 for (size_t cnt = 0; cnt < nknown_flags; ++cnt)
2544 if (flags & known_flags[cnt].flag)
2546 if (cp != buf && len > 1)
2552 size_t ncopy = MIN (len - 1, strlen (known_flags[cnt].name));
2553 cp = mempcpy (cp, known_flags[cnt].name, ncopy);
2556 flags ^= known_flags[cnt].flag;
2559 if (flags != 0 || cp == buf)
2560 snprintf (cp, len - 1, "%" PRIx64, (uint64_t) flags);
2569 has_copy_reloc (Ebl *ebl, unsigned int symscnndx, unsigned int symndx)
2571 /* First find the relocation section for the symbol table. */
2572 Elf_Scn *scn = NULL;
2574 GElf_Shdr *shdr = NULL;
2575 while ((scn = elf_nextscn (ebl->elf, scn)) != NULL)
2577 shdr = gelf_getshdr (scn, &shdr_mem);
2579 && (shdr->sh_type == SHT_REL || shdr->sh_type == SHT_RELA)
2580 && shdr->sh_link == symscnndx)
2581 /* Found the section. */
2588 Elf_Data *data = elf_getdata (scn, NULL);
2592 if (shdr->sh_type == SHT_REL)
2593 for (int i = 0; (size_t) i < shdr->sh_size / shdr->sh_entsize; ++i)
2596 GElf_Rel *rel = gelf_getrel (data, i, &rel_mem);
2600 if (GELF_R_SYM (rel->r_info) == symndx
2601 && ebl_copy_reloc_p (ebl, GELF_R_TYPE (rel->r_info)))
2605 for (int i = 0; (size_t) i < shdr->sh_size / shdr->sh_entsize; ++i)
2608 GElf_Rela *rela = gelf_getrela (data, i, &rela_mem);
2612 if (GELF_R_SYM (rela->r_info) == symndx
2613 && ebl_copy_reloc_p (ebl, GELF_R_TYPE (rela->r_info)))
2622 in_nobits_scn (Ebl *ebl, unsigned int shndx)
2625 GElf_Shdr *shdr = gelf_getshdr (elf_getscn (ebl->elf, shndx), &shdr_mem);
2626 return shdr != NULL && shdr->sh_type == SHT_NOBITS;
2630 static struct version_namelist
2632 const char *objname;
2635 enum { ver_def, ver_need } type;
2636 struct version_namelist *next;
2637 } *version_namelist;
2641 add_version (const char *objname, const char *name, GElf_Versym ndx, int type)
2643 /* Check that there are no duplications. */
2644 struct version_namelist *nlp = version_namelist;
2647 if (((nlp->objname == NULL && objname == NULL)
2648 || (nlp->objname != NULL && objname != NULL
2649 && strcmp (nlp->objname, objname) == 0))
2650 && strcmp (nlp->name, name) == 0)
2651 return nlp->type == ver_def ? 1 : -1;
2655 nlp = xmalloc (sizeof (*nlp));
2656 nlp->objname = objname;
2660 nlp->next = version_namelist;
2661 version_namelist = nlp;
2668 check_versym (Ebl *ebl, int idx)
2670 Elf_Scn *scn = elf_getscn (ebl->elf, idx);
2672 GElf_Shdr *shdr = gelf_getshdr (scn, &shdr_mem);
2674 /* The error has already been reported. */
2677 Elf_Data *data = elf_getdata (scn, NULL);
2680 ERROR (gettext ("section [%2d] '%s': cannot get section data\n"),
2681 idx, section_name (ebl, idx));
2685 Elf_Scn *symscn = elf_getscn (ebl->elf, shdr->sh_link);
2686 GElf_Shdr symshdr_mem;
2687 GElf_Shdr *symshdr = gelf_getshdr (symscn, &symshdr_mem);
2688 if (symshdr == NULL)
2689 /* The error has already been reported. */
2692 if (symshdr->sh_type != SHT_DYNSYM)
2695 section [%2d] '%s' refers in sh_link to section [%2d] '%s' which is no dynamic symbol table\n"),
2696 idx, section_name (ebl, idx),
2697 shdr->sh_link, section_name (ebl, shdr->sh_link));
2701 /* The number of elements in the version symbol table must be the
2702 same as the number of symbols. */
2703 if (shdr->sh_size / shdr->sh_entsize
2704 != symshdr->sh_size / symshdr->sh_entsize)
2706 section [%2d] '%s' has different number of entries than symbol table [%2d] '%s'\n"),
2707 idx, section_name (ebl, idx),
2708 shdr->sh_link, section_name (ebl, shdr->sh_link));
2710 Elf_Data *symdata = elf_getdata (symscn, NULL);
2711 if (symdata == NULL)
2712 /* The error has already been reported. */
2715 for (int cnt = 1; (size_t) cnt < shdr->sh_size / shdr->sh_entsize; ++cnt)
2717 GElf_Versym versym_mem;
2718 GElf_Versym *versym = gelf_getversym (data, cnt, &versym_mem);
2722 section [%2d] '%s': symbol %d: cannot read version data\n"),
2723 idx, section_name (ebl, idx), cnt);
2728 GElf_Sym *sym = gelf_getsym (symdata, cnt, &sym_mem);
2730 /* Already reported elsewhere. */
2733 if (*versym == VER_NDX_GLOBAL)
2735 /* Global symbol. Make sure it is not defined as local. */
2736 if (GELF_ST_BIND (sym->st_info) == STB_LOCAL)
2738 section [%2d] '%s': symbol %d: local symbol with global scope\n"),
2739 idx, section_name (ebl, idx), cnt);
2741 else if (*versym != VER_NDX_LOCAL)
2743 /* Versioned symbol. Make sure it is not defined as local. */
2744 if (!gnuld && GELF_ST_BIND (sym->st_info) == STB_LOCAL)
2746 section [%2d] '%s': symbol %d: local symbol with version\n"),
2747 idx, section_name (ebl, idx), cnt);
2749 /* Look through the list of defined versions and locate the
2750 index we need for this symbol. */
2751 struct version_namelist *runp = version_namelist;
2752 while (runp != NULL)
2753 if (runp->ndx == (*versym & (GElf_Versym) 0x7fff))
2760 section [%2d] '%s': symbol %d: invalid version index %d\n"),
2761 idx, section_name (ebl, idx), cnt, (int) *versym);
2762 else if (sym->st_shndx == SHN_UNDEF
2763 && runp->type == ver_def)
2765 section [%2d] '%s': symbol %d: version index %d is for defined version\n"),
2766 idx, section_name (ebl, idx), cnt, (int) *versym);
2767 else if (sym->st_shndx != SHN_UNDEF
2768 && runp->type == ver_need)
2770 /* Unless this symbol has a copy relocation associated
2771 this must not happen. */
2772 if (!has_copy_reloc (ebl, shdr->sh_link, cnt)
2773 && !in_nobits_scn (ebl, sym->st_shndx))
2775 section [%2d] '%s': symbol %d: version index %d is for requested version\n"),
2776 idx, section_name (ebl, idx), cnt, (int) *versym);
2784 unknown_dependency_p (Elf *elf, const char *fname)
2787 GElf_Phdr *phdr = NULL;
2790 for (i = 0; i < phnum; ++i)
2791 if ((phdr = gelf_getphdr (elf, i, &phdr_mem)) != NULL
2792 && phdr->p_type == PT_DYNAMIC)
2797 assert (phdr != NULL);
2798 Elf_Scn *scn = gelf_offscn (elf, phdr->p_offset);
2800 GElf_Shdr *shdr = gelf_getshdr (scn, &shdr_mem);
2801 Elf_Data *data = elf_getdata (scn, NULL);
2802 if (shdr != NULL && shdr->sh_type == SHT_DYNAMIC && data != NULL)
2803 for (size_t j = 0; j < shdr->sh_size / shdr->sh_entsize; ++j)
2806 GElf_Dyn *dyn = gelf_getdyn (data, j, &dyn_mem);
2807 if (dyn != NULL && dyn->d_tag == DT_NEEDED)
2809 const char *str = elf_strptr (elf, shdr->sh_link, dyn->d_un.d_val);
2810 if (str != NULL && strcmp (str, fname) == 0)
2820 static unsigned int nverneed;
2823 check_verneed (Ebl *ebl, GElf_Shdr *shdr, int idx)
2825 if (++nverneed == 2)
2826 ERROR (gettext ("more than one version reference section present\n"));
2828 GElf_Shdr strshdr_mem;
2829 GElf_Shdr *strshdr = gelf_getshdr (elf_getscn (ebl->elf, shdr->sh_link),
2831 if (strshdr == NULL)
2833 if (strshdr->sh_type != SHT_STRTAB)
2835 section [%2d] '%s': sh_link does not link to string table\n"),
2836 idx, section_name (ebl, idx));
2838 Elf_Data *data = elf_getdata (elf_getscn (ebl->elf, idx), NULL);
2841 ERROR (gettext ("section [%2d] '%s': cannot get section data\n"),
2842 idx, section_name (ebl, idx));
2845 unsigned int offset = 0;
2846 for (int cnt = shdr->sh_info; --cnt >= 0; )
2848 /* Get the data at the next offset. */
2849 GElf_Verneed needmem;
2850 GElf_Verneed *need = gelf_getverneed (data, offset, &needmem);
2854 unsigned int auxoffset = offset + need->vn_aux;
2856 if (need->vn_version != EV_CURRENT)
2858 section [%2d] '%s': entry %d has wrong version %d\n"),
2859 idx, section_name (ebl, idx), cnt, (int) need->vn_version);
2861 if (need->vn_cnt > 0 && need->vn_aux < gelf_fsize (ebl->elf, ELF_T_VNEED,
2864 section [%2d] '%s': entry %d has wrong offset of auxiliary data\n"),
2865 idx, section_name (ebl, idx), cnt);
2867 const char *libname = elf_strptr (ebl->elf, shdr->sh_link,
2869 if (libname == NULL)
2872 section [%2d] '%s': entry %d has invalid file reference\n"),
2873 idx, section_name (ebl, idx), cnt);
2877 /* Check that there is a DT_NEEDED entry for the referenced library. */
2878 if (unknown_dependency_p (ebl->elf, libname))
2880 section [%2d] '%s': entry %d references unknown dependency\n"),
2881 idx, section_name (ebl, idx), cnt);
2883 for (int cnt2 = need->vn_cnt; --cnt2 >= 0; )
2885 GElf_Vernaux auxmem;
2886 GElf_Vernaux *aux = gelf_getvernaux (data, auxoffset, &auxmem);
2890 if ((aux->vna_flags & ~VER_FLG_WEAK) != 0)
2892 section [%2d] '%s': auxiliary entry %d of entry %d has unknown flag\n"),
2893 idx, section_name (ebl, idx), need->vn_cnt - cnt2, cnt);
2895 const char *verstr = elf_strptr (ebl->elf, shdr->sh_link,
2899 section [%2d] '%s': auxiliary entry %d of entry %d has invalid name reference\n"),
2900 idx, section_name (ebl, idx), need->vn_cnt - cnt2, cnt);
2903 GElf_Word hashval = elf_hash (verstr);
2904 if (hashval != aux->vna_hash)
2906 section [%2d] '%s': auxiliary entry %d of entry %d has wrong hash value: %#x, expected %#x\n"),
2907 idx, section_name (ebl, idx), need->vn_cnt - cnt2,
2908 cnt, (int) hashval, (int) aux->vna_hash);
2910 int res = add_version (libname, verstr, aux->vna_other,
2912 if (unlikely (res !=0))
2916 section [%2d] '%s': auxiliary entry %d of entry %d has duplicate version name '%s'\n"),
2917 idx, section_name (ebl, idx), need->vn_cnt - cnt2,
2922 if ((aux->vna_next != 0 || cnt2 > 0)
2923 && aux->vna_next < gelf_fsize (ebl->elf, ELF_T_VNAUX, 1,
2927 section [%2d] '%s': auxiliary entry %d of entry %d has wrong next field\n"),
2928 idx, section_name (ebl, idx), need->vn_cnt - cnt2, cnt);
2932 auxoffset += MAX (aux->vna_next,
2933 gelf_fsize (ebl->elf, ELF_T_VNAUX, 1, EV_CURRENT));
2936 /* Find the next offset. */
2938 offset += need->vn_next;
2940 if ((need->vn_next != 0 || cnt > 0)
2941 && offset < auxoffset)
2943 section [%2d] '%s': entry %d has invalid offset to next entry\n"),
2944 idx, section_name (ebl, idx), cnt);
2949 static unsigned int nverdef;
2952 check_verdef (Ebl *ebl, GElf_Shdr *shdr, int idx)
2955 ERROR (gettext ("more than one version definition section present\n"));
2957 GElf_Shdr strshdr_mem;
2958 GElf_Shdr *strshdr = gelf_getshdr (elf_getscn (ebl->elf, shdr->sh_link),
2960 if (strshdr == NULL)
2962 if (strshdr->sh_type != SHT_STRTAB)
2964 section [%2d] '%s': sh_link does not link to string table\n"),
2965 idx, section_name (ebl, idx));
2967 Elf_Data *data = elf_getdata (elf_getscn (ebl->elf, idx), NULL);
2971 ERROR (gettext ("section [%2d] '%s': cannot get section data\n"),
2972 idx, section_name (ebl, idx));
2976 /* Iterate over all version definition entries. We check that there
2977 is a BASE entry and that each index is unique. To do the later
2978 we collection the information in a list which is later
2983 struct namelist *next;
2985 struct namelist *refnamelist = NULL;
2987 bool has_base = false;
2988 unsigned int offset = 0;
2989 for (int cnt = shdr->sh_info; --cnt >= 0; )
2991 /* Get the data at the next offset. */
2993 GElf_Verdef *def = gelf_getverdef (data, offset, &defmem);
2997 if ((def->vd_flags & VER_FLG_BASE) != 0)
3001 section [%2d] '%s': more than one BASE definition\n"),
3002 idx, section_name (ebl, idx));
3003 if (def->vd_ndx != VER_NDX_GLOBAL)
3005 section [%2d] '%s': BASE definition must have index VER_NDX_GLOBAL\n"),
3006 idx, section_name (ebl, idx));
3009 if ((def->vd_flags & ~(VER_FLG_BASE|VER_FLG_WEAK)) != 0)
3011 section [%2d] '%s': entry %d has unknown flag\n"),
3012 idx, section_name (ebl, idx), cnt);
3014 if (def->vd_version != EV_CURRENT)
3016 section [%2d] '%s': entry %d has wrong version %d\n"),
3017 idx, section_name (ebl, idx), cnt, (int) def->vd_version);
3019 if (def->vd_cnt > 0 && def->vd_aux < gelf_fsize (ebl->elf, ELF_T_VDEF,
3022 section [%2d] '%s': entry %d has wrong offset of auxiliary data\n"),
3023 idx, section_name (ebl, idx), cnt);
3025 unsigned int auxoffset = offset + def->vd_aux;
3026 GElf_Verdaux auxmem;
3027 GElf_Verdaux *aux = gelf_getverdaux (data, auxoffset, &auxmem);
3031 const char *name = elf_strptr (ebl->elf, shdr->sh_link, aux->vda_name);
3035 section [%2d] '%s': entry %d has invalid name reference\n"),
3036 idx, section_name (ebl, idx), cnt);
3039 GElf_Word hashval = elf_hash (name);
3040 if (def->vd_hash != hashval)
3042 section [%2d] '%s': entry %d has wrong hash value: %#x, expected %#x\n"),
3043 idx, section_name (ebl, idx), cnt, (int) hashval,
3044 (int) def->vd_hash);
3046 int res = add_version (NULL, name, def->vd_ndx, ver_def);
3047 if (unlikely (res !=0))
3051 section [%2d] '%s': entry %d has duplicate version name '%s'\n"),
3052 idx, section_name (ebl, idx), cnt, name);
3055 struct namelist *newname = alloca (sizeof (*newname));
3056 newname->name = name;
3057 newname->next = namelist;
3060 auxoffset += aux->vda_next;
3061 for (int cnt2 = 1; cnt2 < def->vd_cnt; ++cnt2)
3063 aux = gelf_getverdaux (data, auxoffset, &auxmem);
3067 name = elf_strptr (ebl->elf, shdr->sh_link, aux->vda_name);
3070 section [%2d] '%s': entry %d has invalid name reference in auxiliary data\n"),
3071 idx, section_name (ebl, idx), cnt);
3074 newname = alloca (sizeof (*newname));
3075 newname->name = name;
3076 newname->next = refnamelist;
3077 refnamelist = newname;
3080 if ((aux->vda_next != 0 || cnt2 + 1 < def->vd_cnt)
3081 && aux->vda_next < gelf_fsize (ebl->elf, ELF_T_VDAUX, 1,
3085 section [%2d] '%s': entry %d has wrong next field in auxiliary data\n"),
3086 idx, section_name (ebl, idx), cnt);
3090 auxoffset += MAX (aux->vda_next,
3091 gelf_fsize (ebl->elf, ELF_T_VDAUX, 1, EV_CURRENT));
3094 /* Find the next offset. */
3096 offset += def->vd_next;
3098 if ((def->vd_next != 0 || cnt > 0)
3099 && offset < auxoffset)
3101 section [%2d] '%s': entry %d has invalid offset to next entry\n"),
3102 idx, section_name (ebl, idx), cnt);
3106 ERROR (gettext ("section [%2d] '%s': no BASE definition\n"),
3107 idx, section_name (ebl, idx));
3109 /* Check whether the referenced names are available. */
3110 while (namelist != NULL)
3112 struct version_namelist *runp = version_namelist;
3113 while (runp != NULL)
3115 if (runp->type == ver_def
3116 && strcmp (runp->name, namelist->name) == 0)
3123 section [%2d] '%s': unknown parent version '%s'\n"),
3124 idx, section_name (ebl, idx), namelist->name);
3126 namelist = namelist->next;
3131 check_attributes (Ebl *ebl, GElf_Ehdr *ehdr, GElf_Shdr *shdr, int idx)
3133 if (shdr->sh_size == 0)
3135 ERROR (gettext ("section [%2d] '%s': empty object attributes section\n"),
3136 idx, section_name (ebl, idx));
3140 Elf_Data *data = elf_rawdata (elf_getscn (ebl->elf, idx), NULL);
3141 if (data == NULL || data->d_size == 0)
3143 ERROR (gettext ("section [%2d] '%s': cannot get section data\n"),
3144 idx, section_name (ebl, idx));
3148 inline size_t pos (const unsigned char *p)
3150 return p - (const unsigned char *) data->d_buf;
3153 const unsigned char *p = data->d_buf;
3156 ERROR (gettext ("section [%2d] '%s': unrecognized attribute format\n"),
3157 idx, section_name (ebl, idx));
3161 inline size_t left (void)
3163 return (const unsigned char *) data->d_buf + data->d_size - p;
3166 while (left () >= 4)
3169 memcpy (&len, p, sizeof len);
3173 section [%2d] '%s': offset %zu: zero length field in attribute section\n"),
3174 idx, section_name (ebl, idx), pos (p));
3176 if (MY_ELFDATA != ehdr->e_ident[EI_DATA])
3182 section [%2d] '%s': offset %zu: invalid length in attribute section\n"),
3183 idx, section_name (ebl, idx), pos (p));
3187 const unsigned char *name = p + sizeof len;
3190 unsigned const char *q = memchr (name, '\0', len);
3194 section [%2d] '%s': offset %zu: unterminated vendor name string\n"),
3195 idx, section_name (ebl, idx), pos (p));
3200 if (q - name == sizeof "gnu" && !memcmp (name, "gnu", sizeof "gnu"))
3203 unsigned const char *chunk = q;
3205 unsigned int subsection_tag;
3206 get_uleb128 (subsection_tag, q);
3211 section [%2d] '%s': offset %zu: endless ULEB128 in attribute subsection tag\n"),
3212 idx, section_name (ebl, idx), pos (chunk));
3216 uint32_t subsection_len;
3217 if (p - q < (ptrdiff_t) sizeof subsection_len)
3220 section [%2d] '%s': offset %zu: truncated attribute section\n"),
3221 idx, section_name (ebl, idx), pos (q));
3225 memcpy (&subsection_len, q, sizeof subsection_len);
3226 if (subsection_len == 0)
3229 section [%2d] '%s': offset %zu: zero length field in attribute subsection\n"),
3230 idx, section_name (ebl, idx), pos (q));
3232 q += sizeof subsection_len;
3236 if (MY_ELFDATA != ehdr->e_ident[EI_DATA])
3237 CONVERT (subsection_len);
3239 if (p - chunk < (ptrdiff_t) subsection_len)
3242 section [%2d] '%s': offset %zu: invalid length in attribute subsection\n"),
3243 idx, section_name (ebl, idx), pos (q));
3247 const unsigned char *subsection_end = chunk + subsection_len;
3251 if (subsection_tag != 1) /* Tag_File */
3253 section [%2d] '%s': offset %zu: attribute subsection has unexpected tag %u\n"),
3254 idx, section_name (ebl, idx), pos (chunk), subsection_tag);
3257 chunk += sizeof subsection_len;
3261 get_uleb128 (tag, chunk);
3264 const unsigned char *r = chunk;
3265 if (tag == 32 || (tag & 1) == 0)
3267 get_uleb128 (value, r);
3271 section [%2d] '%s': offset %zu: endless ULEB128 in attribute tag\n"),
3272 idx, section_name (ebl, idx), pos (chunk));
3276 if (tag == 32 || (tag & 1) != 0)
3278 r = memchr (r, '\0', q - r);
3282 section [%2d] '%s': offset %zu: unterminated string in attribute\n"),
3283 idx, section_name (ebl, idx), pos (chunk));
3289 const char *tag_name = NULL;
3290 const char *value_name = NULL;
3291 if (!ebl_check_object_attribute (ebl, (const char *) name,
3293 &tag_name, &value_name))
3295 section [%2d] '%s': offset %zu: unrecognized attribute tag %u\n"),
3296 idx, section_name (ebl, idx), pos (chunk), tag);
3297 else if ((tag & 1) == 0 && value_name == NULL)
3299 section [%2d] '%s': offset %zu: unrecognized %s attribute value %" PRIu64 "\n"),
3300 idx, section_name (ebl, idx), pos (chunk),
3309 section [%2d] '%s': offset %zu: vendor '%s' unknown\n"),
3310 idx, section_name (ebl, idx), pos (p), name);
3315 section [%2d] '%s': offset %zu: extra bytes after last attribute section\n"),
3316 idx, section_name (ebl, idx), pos (p));
3319 static bool has_loadable_segment;
3320 static bool has_interp_segment;
3327 enum { unused, exact, atleast, exact_or_gnuld } attrflag;
3330 } special_sections[] =
3332 /* See figure 4-14 in the gABI. */
3333 { ".bss", 5, SHT_NOBITS, exact, SHF_ALLOC | SHF_WRITE, 0 },
3334 { ".comment", 8, SHT_PROGBITS, atleast, 0, SHF_MERGE | SHF_STRINGS },
3335 { ".data", 6, SHT_PROGBITS, exact, SHF_ALLOC | SHF_WRITE, 0 },
3336 { ".data1", 7, SHT_PROGBITS, exact, SHF_ALLOC | SHF_WRITE, 0 },
3337 { ".debug_str", 11, SHT_PROGBITS, exact_or_gnuld, SHF_MERGE | SHF_STRINGS, 0 },
3338 { ".debug", 6, SHT_PROGBITS, exact, 0, 0 },
3339 { ".dynamic", 9, SHT_DYNAMIC, atleast, SHF_ALLOC, SHF_WRITE },
3340 { ".dynstr", 8, SHT_STRTAB, exact, SHF_ALLOC, 0 },
3341 { ".dynsym", 8, SHT_DYNSYM, exact, SHF_ALLOC, 0 },
3342 { ".fini", 6, SHT_PROGBITS, exact, SHF_ALLOC | SHF_EXECINSTR, 0 },
3343 { ".fini_array", 12, SHT_FINI_ARRAY, exact, SHF_ALLOC | SHF_WRITE, 0 },
3344 { ".got", 5, SHT_PROGBITS, unused, 0, 0 }, // XXX more info?
3345 { ".hash", 6, SHT_HASH, exact, SHF_ALLOC, 0 },
3346 { ".init", 6, SHT_PROGBITS, exact, SHF_ALLOC | SHF_EXECINSTR, 0 },
3347 { ".init_array", 12, SHT_INIT_ARRAY, exact, SHF_ALLOC | SHF_WRITE, 0 },
3348 { ".interp", 8, SHT_PROGBITS, atleast, 0, SHF_ALLOC }, // XXX more tests?
3349 { ".line", 6, SHT_PROGBITS, exact, 0, 0 },
3350 { ".note", 6, SHT_NOTE, atleast, 0, SHF_ALLOC },
3351 { ".plt", 5, SHT_PROGBITS, unused, 0, 0 }, // XXX more tests
3352 { ".preinit_array", 15, SHT_PREINIT_ARRAY, exact, SHF_ALLOC | SHF_WRITE, 0 },
3353 { ".rela", 5, SHT_RELA, atleast, 0, SHF_ALLOC | SHF_INFO_LINK }, // XXX more tests
3354 { ".rel", 4, SHT_REL, atleast, 0, SHF_ALLOC | SHF_INFO_LINK }, // XXX more tests
3355 { ".rodata", 8, SHT_PROGBITS, atleast, SHF_ALLOC, SHF_MERGE | SHF_STRINGS },
3356 { ".rodata1", 9, SHT_PROGBITS, atleast, SHF_ALLOC, SHF_MERGE | SHF_STRINGS },
3357 { ".shstrtab", 10, SHT_STRTAB, exact, 0, 0 },
3358 { ".strtab", 8, SHT_STRTAB, atleast, 0, SHF_ALLOC }, // XXX more tests
3359 { ".symtab", 8, SHT_SYMTAB, atleast, 0, SHF_ALLOC }, // XXX more tests
3360 { ".symtab_shndx", 14, SHT_SYMTAB_SHNDX, atleast, 0, SHF_ALLOC }, // XXX more tests
3361 { ".tbss", 6, SHT_NOBITS, exact, SHF_ALLOC | SHF_WRITE | SHF_TLS, 0 },
3362 { ".tdata", 7, SHT_PROGBITS, exact, SHF_ALLOC | SHF_WRITE | SHF_TLS, 0 },
3363 { ".tdata1", 8, SHT_PROGBITS, exact, SHF_ALLOC | SHF_WRITE | SHF_TLS, 0 },
3364 { ".text", 6, SHT_PROGBITS, exact, SHF_ALLOC | SHF_EXECINSTR, 0 },
3366 /* The following are GNU extensions. */
3367 { ".gnu.version", 13, SHT_GNU_versym, exact, SHF_ALLOC, 0 },
3368 { ".gnu.version_d", 15, SHT_GNU_verdef, exact, SHF_ALLOC, 0 },
3369 { ".gnu.version_r", 15, SHT_GNU_verneed, exact, SHF_ALLOC, 0 },
3370 { ".gnu.attributes", 16, SHT_GNU_ATTRIBUTES, exact, 0, 0 },
3372 #define nspecial_sections \
3373 (sizeof (special_sections) / sizeof (special_sections[0]))
3375 #define IS_KNOWN_SPECIAL(idx, string, prefix) \
3376 (special_sections[idx].namelen == sizeof string - (prefix ? 1 : 0) \
3377 && !memcmp (special_sections[idx].name, string, \
3378 sizeof string - (prefix ? 1 : 0)))
3381 /* Indeces of some sections we need later. */
3382 static size_t eh_frame_hdr_scnndx;
3383 static size_t eh_frame_scnndx;
3384 static size_t gcc_except_table_scnndx;
3388 check_sections (Ebl *ebl, GElf_Ehdr *ehdr)
3390 if (ehdr->e_shoff == 0)
3391 /* No section header. */
3394 /* Allocate array to count references in section groups. */
3395 scnref = (int *) xcalloc (shnum, sizeof (int));
3397 /* Check the zeroth section first. It must not have any contents
3398 and the section header must contain nonzero value at most in the
3399 sh_size and sh_link fields. */
3401 GElf_Shdr *shdr = gelf_getshdr (elf_getscn (ebl->elf, 0), &shdr_mem);
3403 ERROR (gettext ("cannot get section header of zeroth section\n"));
3406 if (shdr->sh_name != 0)
3407 ERROR (gettext ("zeroth section has nonzero name\n"));
3408 if (shdr->sh_type != 0)
3409 ERROR (gettext ("zeroth section has nonzero type\n"));
3410 if (shdr->sh_flags != 0)
3411 ERROR (gettext ("zeroth section has nonzero flags\n"));
3412 if (shdr->sh_addr != 0)
3413 ERROR (gettext ("zeroth section has nonzero address\n"));
3414 if (shdr->sh_offset != 0)
3415 ERROR (gettext ("zeroth section has nonzero offset\n"));
3416 if (shdr->sh_addralign != 0)
3417 ERROR (gettext ("zeroth section has nonzero align value\n"));
3418 if (shdr->sh_entsize != 0)
3419 ERROR (gettext ("zeroth section has nonzero entry size value\n"));
3421 if (shdr->sh_size != 0 && ehdr->e_shnum != 0)
3423 zeroth section has nonzero size value while ELF header has nonzero shnum value\n"));
3425 if (shdr->sh_link != 0 && ehdr->e_shstrndx != SHN_XINDEX)
3427 zeroth section has nonzero link value while ELF header does not signal overflow in shstrndx\n"));
3429 if (shdr->sh_info != 0 && ehdr->e_phnum != PN_XNUM)
3431 zeroth section has nonzero link value while ELF header does not signal overflow in phnum\n"));
3434 int *segment_flags = xcalloc (phnum, sizeof segment_flags[0]);
3436 bool dot_interp_section = false;
3438 size_t hash_idx = 0;
3439 size_t gnu_hash_idx = 0;
3441 size_t versym_scnndx = 0;
3442 for (size_t cnt = 1; cnt < shnum; ++cnt)
3444 shdr = gelf_getshdr (elf_getscn (ebl->elf, cnt), &shdr_mem);
3448 cannot get section header for section [%2zu] '%s': %s\n"),
3449 cnt, section_name (ebl, cnt), elf_errmsg (-1));
3453 const char *scnname = elf_strptr (ebl->elf, shstrndx, shdr->sh_name);
3455 if (scnname == NULL)
3456 ERROR (gettext ("section [%2zu]: invalid name\n"), cnt);
3459 /* Check whether it is one of the special sections defined in
3462 for (s = 0; s < nspecial_sections; ++s)
3463 if (strncmp (scnname, special_sections[s].name,
3464 special_sections[s].namelen) == 0)
3470 GElf_Word good_type = special_sections[s].type;
3471 if (IS_KNOWN_SPECIAL (s, ".plt", false)
3472 && ebl_bss_plt_p (ebl, ehdr))
3473 good_type = SHT_NOBITS;
3475 /* In a debuginfo file, any normal section can be SHT_NOBITS.
3476 This is only invalid for DWARF sections and .shstrtab. */
3477 if (shdr->sh_type != good_type
3478 && (shdr->sh_type != SHT_NOBITS
3480 || IS_KNOWN_SPECIAL (s, ".debug_str", false)
3481 || IS_KNOWN_SPECIAL (s, ".debug", true)
3482 || IS_KNOWN_SPECIAL (s, ".shstrtab", false)))
3484 section [%2d] '%s' has wrong type: expected %s, is %s\n"),
3486 ebl_section_type_name (ebl, special_sections[s].type,
3487 stbuf1, sizeof (stbuf1)),
3488 ebl_section_type_name (ebl, shdr->sh_type,
3489 stbuf2, sizeof (stbuf2)));
3491 if (special_sections[s].attrflag == exact
3492 || special_sections[s].attrflag == exact_or_gnuld)
3494 /* Except for the link order and group bit all the
3495 other bits should match exactly. */
3496 if ((shdr->sh_flags & ~(SHF_LINK_ORDER | SHF_GROUP))
3497 != special_sections[s].attr
3498 && (special_sections[s].attrflag == exact || !gnuld))
3500 section [%2zu] '%s' has wrong flags: expected %s, is %s\n"),
3502 section_flags_string (special_sections[s].attr,
3503 stbuf1, sizeof (stbuf1)),
3504 section_flags_string (shdr->sh_flags
3506 stbuf2, sizeof (stbuf2)));
3508 else if (special_sections[s].attrflag == atleast)
3510 if ((shdr->sh_flags & special_sections[s].attr)
3511 != special_sections[s].attr
3512 || ((shdr->sh_flags & ~(SHF_LINK_ORDER | SHF_GROUP
3513 | special_sections[s].attr
3514 | special_sections[s].attr2))
3517 section [%2zu] '%s' has wrong flags: expected %s and possibly %s, is %s\n"),
3519 section_flags_string (special_sections[s].attr,
3520 stbuf1, sizeof (stbuf1)),
3521 section_flags_string (special_sections[s].attr2,
3522 stbuf2, sizeof (stbuf2)),
3523 section_flags_string (shdr->sh_flags
3526 stbuf3, sizeof (stbuf3)));
3529 if (strcmp (scnname, ".interp") == 0)
3531 dot_interp_section = true;
3533 if (ehdr->e_type == ET_REL)
3535 section [%2zu] '%s' present in object file\n"),
3538 if ((shdr->sh_flags & SHF_ALLOC) != 0
3539 && !has_loadable_segment)
3541 section [%2zu] '%s' has SHF_ALLOC flag set but there is no loadable segment\n"),
3543 else if ((shdr->sh_flags & SHF_ALLOC) == 0
3544 && has_loadable_segment)
3546 section [%2zu] '%s' has SHF_ALLOC flag not set but there are loadable segments\n"),
3551 if (strcmp (scnname, ".symtab_shndx") == 0
3552 && ehdr->e_type != ET_REL)
3554 section [%2zu] '%s' is extension section index table in non-object file\n"),
3557 /* These sections must have the SHF_ALLOC flag set iff
3558 a loadable segment is available.
3565 Check that if there is a reference from the
3566 loaded section these sections also have the
3570 if ((shdr->sh_flags & SHF_ALLOC) != 0
3571 && !has_loadable_segment)
3573 section [%2zu] '%s' has SHF_ALLOC flag set but there is no loadable segment\n"),
3575 else if ((shdr->sh_flags & SHF_ALLOC) == 0
3576 && has_loadable_segment)
3578 section [%2zu] '%s' has SHF_ALLOC flag not set but there are loadable segments\n"),
3586 /* Remember a few special sections for later. */
3587 if (strcmp (scnname, ".eh_frame_hdr") == 0)
3588 eh_frame_hdr_scnndx = cnt;
3589 else if (strcmp (scnname, ".eh_frame") == 0)
3590 eh_frame_scnndx = cnt;
3591 else if (strcmp (scnname, ".gcc_except_table") == 0)
3592 gcc_except_table_scnndx = cnt;
3595 if (shdr->sh_entsize != 0 && shdr->sh_size % shdr->sh_entsize)
3597 section [%2zu] '%s': size not multiple of entry size\n"),
3598 cnt, section_name (ebl, cnt));
3600 if (elf_strptr (ebl->elf, shstrndx, shdr->sh_name) == NULL)
3601 ERROR (gettext ("cannot get section header\n"));
3603 if (shdr->sh_type >= SHT_NUM
3604 && shdr->sh_type != SHT_GNU_ATTRIBUTES
3605 && shdr->sh_type != SHT_GNU_LIBLIST
3606 && shdr->sh_type != SHT_CHECKSUM
3607 && shdr->sh_type != SHT_GNU_verdef
3608 && shdr->sh_type != SHT_GNU_verneed
3609 && shdr->sh_type != SHT_GNU_versym
3610 && ebl_section_type_name (ebl, shdr->sh_type, NULL, 0) == NULL)
3611 ERROR (gettext ("section [%2zu] '%s' has unsupported type %d\n"),
3612 cnt, section_name (ebl, cnt),
3613 (int) shdr->sh_type);
3615 #define ALL_SH_FLAGS (SHF_WRITE | SHF_ALLOC | SHF_EXECINSTR | SHF_MERGE \
3616 | SHF_STRINGS | SHF_INFO_LINK | SHF_LINK_ORDER \
3617 | SHF_OS_NONCONFORMING | SHF_GROUP | SHF_TLS)
3618 if (shdr->sh_flags & ~(GElf_Xword) ALL_SH_FLAGS)
3620 GElf_Xword sh_flags = shdr->sh_flags & ~(GElf_Xword) ALL_SH_FLAGS;
3621 if (sh_flags & SHF_MASKPROC)
3623 if (!ebl_machine_section_flag_check (ebl,
3624 sh_flags & SHF_MASKPROC))
3625 ERROR (gettext ("section [%2zu] '%s'"
3626 " contains invalid processor-specific flag(s)"
3628 cnt, section_name (ebl, cnt), sh_flags & SHF_MASKPROC);
3629 sh_flags &= ~(GElf_Xword) SHF_MASKPROC;
3632 ERROR (gettext ("section [%2zu] '%s' contains unknown flag(s)"
3634 cnt, section_name (ebl, cnt), sh_flags);
3636 if (shdr->sh_flags & SHF_TLS)
3639 if (shdr->sh_addr != 0 && !gnuld)
3641 section [%2zu] '%s': thread-local data sections address not zero\n"),
3642 cnt, section_name (ebl, cnt));
3644 // XXX TODO more tests!?
3647 if (shdr->sh_link >= shnum)
3649 section [%2zu] '%s': invalid section reference in link value\n"),
3650 cnt, section_name (ebl, cnt));
3652 if (SH_INFO_LINK_P (shdr) && shdr->sh_info >= shnum)
3654 section [%2zu] '%s': invalid section reference in info value\n"),
3655 cnt, section_name (ebl, cnt));
3657 if ((shdr->sh_flags & SHF_MERGE) == 0
3658 && (shdr->sh_flags & SHF_STRINGS) != 0
3661 section [%2zu] '%s': strings flag set without merge flag\n"),
3662 cnt, section_name (ebl, cnt));
3664 if ((shdr->sh_flags & SHF_MERGE) != 0 && shdr->sh_entsize == 0)
3666 section [%2zu] '%s': merge flag set but entry size is zero\n"),
3667 cnt, section_name (ebl, cnt));
3669 if (shdr->sh_flags & SHF_GROUP)
3670 check_scn_group (ebl, cnt);
3672 if (shdr->sh_flags & SHF_EXECINSTR)
3674 switch (shdr->sh_type)
3684 section [%2zu] '%s' has unexpected type %d for an executable section\n"),
3685 cnt, section_name (ebl, cnt), shdr->sh_type);
3689 if ((shdr->sh_flags & SHF_WRITE)
3690 && !ebl_check_special_section (ebl, cnt, shdr,
3691 section_name (ebl, cnt)))
3693 section [%2zu] '%s' is both executable and writable\n"),
3694 cnt, section_name (ebl, cnt));
3697 if (ehdr->e_type != ET_REL && (shdr->sh_flags & SHF_ALLOC) != 0)
3699 /* Make sure the section is contained in a loaded segment
3700 and that the initialization part matches NOBITS sections. */
3705 for (pcnt = 0; pcnt < phnum; ++pcnt)
3706 if ((phdr = gelf_getphdr (ebl->elf, pcnt, &phdr_mem)) != NULL
3707 && ((phdr->p_type == PT_LOAD
3708 && (shdr->sh_flags & SHF_TLS) == 0)
3709 || (phdr->p_type == PT_TLS
3710 && (shdr->sh_flags & SHF_TLS) != 0))
3711 && phdr->p_offset <= shdr->sh_offset
3712 && ((shdr->sh_offset - phdr->p_offset <= phdr->p_filesz
3713 && (shdr->sh_offset - phdr->p_offset < phdr->p_filesz
3714 || shdr->sh_size == 0))
3715 || (shdr->sh_offset - phdr->p_offset < phdr->p_memsz
3716 && shdr->sh_type == SHT_NOBITS)))
3718 /* Found the segment. */
3719 if (phdr->p_offset + phdr->p_memsz
3720 < shdr->sh_offset + shdr->sh_size)
3722 section [%2zu] '%s' not fully contained in segment of program header entry %d\n"),
3723 cnt, section_name (ebl, cnt), pcnt);
3725 if (shdr->sh_type == SHT_NOBITS)
3727 if (shdr->sh_offset < phdr->p_offset + phdr->p_filesz
3730 section [%2zu] '%s' has type NOBITS but is read from the file in segment of program header entry %d\n"),
3731 cnt, section_name (ebl, cnt), pcnt);
3735 const GElf_Off end = phdr->p_offset + phdr->p_filesz;
3736 if (shdr->sh_offset > end ||
3737 (shdr->sh_offset == end && shdr->sh_size != 0))
3739 section [%2zu] '%s' has not type NOBITS but is not read from the file in segment of program header entry %d\n"),
3740 cnt, section_name (ebl, cnt), pcnt);
3743 if (shdr->sh_type != SHT_NOBITS)
3745 if ((shdr->sh_flags & SHF_EXECINSTR) != 0)
3747 segment_flags[pcnt] |= PF_X;
3748 if ((phdr->p_flags & PF_X) == 0)
3750 section [%2zu] '%s' is executable in nonexecutable segment %d\n"),
3751 cnt, section_name (ebl, cnt), pcnt);
3754 if ((shdr->sh_flags & SHF_WRITE) != 0)
3756 segment_flags[pcnt] |= PF_W;
3757 if (0 /* XXX vdso images have this */
3758 && (phdr->p_flags & PF_W) == 0)
3760 section [%2zu] '%s' is writable in unwritable segment %d\n"),
3761 cnt, section_name (ebl, cnt), pcnt);
3770 section [%2zu] '%s': alloc flag set but section not in any loaded segment\n"),
3771 cnt, section_name (ebl, cnt));
3774 if (cnt == shstrndx && shdr->sh_type != SHT_STRTAB)
3776 section [%2zu] '%s': ELF header says this is the section header string table but type is not SHT_TYPE\n"),
3777 cnt, section_name (ebl, cnt));
3779 switch (shdr->sh_type)
3782 if (ehdr->e_type == ET_REL)
3784 section [%2zu] '%s': relocatable files cannot have dynamic symbol tables\n"),
3785 cnt, section_name (ebl, cnt));
3788 check_symtab (ebl, ehdr, shdr, cnt);
3792 check_rela (ebl, ehdr, shdr, cnt);
3796 check_rel (ebl, ehdr, shdr, cnt);
3800 check_dynamic (ebl, ehdr, shdr, cnt);
3803 case SHT_SYMTAB_SHNDX:
3804 check_symtab_shndx (ebl, ehdr, shdr, cnt);
3808 check_hash (shdr->sh_type, ebl, ehdr, shdr, cnt);
3813 check_hash (shdr->sh_type, ebl, ehdr, shdr, cnt);
3818 check_null (ebl, shdr, cnt);
3822 check_group (ebl, ehdr, shdr, cnt);
3826 check_note_section (ebl, ehdr, shdr, cnt);
3829 case SHT_GNU_versym:
3830 /* We cannot process this section now since we have no guarantee
3831 that the verneed and verdef sections have already been read.
3832 Just remember the section index. */
3833 if (versym_scnndx != 0)
3834 ERROR (gettext ("more than one version symbol table present\n"));
3835 versym_scnndx = cnt;
3838 case SHT_GNU_verneed:
3839 check_verneed (ebl, shdr, cnt);
3842 case SHT_GNU_verdef:
3843 check_verdef (ebl, shdr, cnt);
3846 case SHT_GNU_ATTRIBUTES:
3847 check_attributes (ebl, ehdr, shdr, cnt);
3856 if (has_interp_segment && !dot_interp_section)
3857 ERROR (gettext ("INTERP program header entry but no .interp section\n"));
3860 for (unsigned int pcnt = 0; pcnt < phnum; ++pcnt)
3863 GElf_Phdr *phdr = gelf_getphdr (ebl->elf, pcnt, &phdr_mem);
3864 if (phdr != NULL && (phdr->p_type == PT_LOAD || phdr->p_type == PT_TLS))
3866 if ((phdr->p_flags & PF_X) != 0
3867 && (segment_flags[pcnt] & PF_X) == 0)
3869 loadable segment [%u] is executable but contains no executable sections\n"),
3872 if ((phdr->p_flags & PF_W) != 0
3873 && (segment_flags[pcnt] & PF_W) == 0)
3875 loadable segment [%u] is writable but contains no writable sections\n"),
3880 free (segment_flags);
3882 if (version_namelist != NULL)
3884 if (versym_scnndx == 0)
3886 no .gnu.versym section present but .gnu.versym_d or .gnu.versym_r section exist\n"));
3888 check_versym (ebl, versym_scnndx);
3890 /* Check for duplicate index numbers. */
3893 struct version_namelist *runp = version_namelist->next;
3894 while (runp != NULL)
3896 if (version_namelist->ndx == runp->ndx)
3898 ERROR (gettext ("duplicate version index %d\n"),
3899 (int) version_namelist->ndx);
3905 struct version_namelist *old = version_namelist;
3906 version_namelist = version_namelist->next;
3909 while (version_namelist != NULL);
3911 else if (versym_scnndx != 0)
3913 .gnu.versym section present without .gnu.versym_d or .gnu.versym_r\n"));
3915 if (hash_idx != 0 && gnu_hash_idx != 0)
3916 compare_hash_gnu_hash (ebl, ehdr, hash_idx, gnu_hash_idx);
3923 check_note_data (Ebl *ebl, const GElf_Ehdr *ehdr,
3924 Elf_Data *data, int shndx, int phndx, GElf_Off start)
3927 size_t last_offset = 0;
3931 while (offset < data->d_size
3932 && (offset = gelf_getnote (data, offset,
3933 &nhdr, &name_offset, &desc_offset)) > 0)
3935 last_offset = offset;
3937 /* Make sure it is one of the note types we know about. */
3938 if (ehdr->e_type == ET_CORE)
3939 switch (nhdr.n_type)
3944 case NT_TASKSTRUCT: /* NT_PRXREG on Solaris. */
3962 phdr[%d]: unknown core file note type %" PRIu32 " at offset %" PRIu64 "\n"),
3963 phndx, (uint32_t) nhdr.n_type, start + offset);
3966 section [%2d] '%s': unknown core file note type %" PRIu32
3967 " at offset %Zu\n"),
3968 shndx, section_name (ebl, shndx),
3969 (uint32_t) nhdr.n_type, offset);
3972 switch (nhdr.n_type)
3974 case NT_GNU_ABI_TAG:
3976 case NT_GNU_BUILD_ID:
3977 case NT_GNU_GOLD_VERSION:
3981 /* Linux vDSOs use a type 0 note for the kernel version word. */
3982 if (nhdr.n_namesz == sizeof "Linux"
3983 && !memcmp (data->d_buf + name_offset, "Linux", sizeof "Linux"))
3989 phdr[%d]: unknown object file note type %" PRIu32 " at offset %Zu\n"),
3990 phndx, (uint32_t) nhdr.n_type, offset);
3993 section [%2d] '%s': unknown object file note type %" PRIu32
3994 " at offset %Zu\n"),
3995 shndx, section_name (ebl, shndx),
3996 (uint32_t) nhdr.n_type, offset);
4005 check_note (Ebl *ebl, GElf_Ehdr *ehdr, GElf_Phdr *phdr, int cnt)
4007 if (ehdr->e_type != ET_CORE && ehdr->e_type != ET_REL
4008 && ehdr->e_type != ET_EXEC && ehdr->e_type != ET_DYN)
4010 phdr[%d]: no note entries defined for the type of file\n"),
4014 /* The p_offset values in a separate debug file are bogus. */
4017 if (phdr->p_filesz == 0)
4020 GElf_Off notes_size = 0;
4021 Elf_Data *data = elf_getdata_rawchunk (ebl->elf,
4022 phdr->p_offset, phdr->p_filesz,
4025 notes_size = check_note_data (ebl, ehdr, data, 0, cnt, phdr->p_offset);
4027 if (notes_size == 0)
4028 ERROR (gettext ("phdr[%d]: cannot get content of note section: %s\n"),
4029 cnt, elf_errmsg (-1));
4030 else if (notes_size != phdr->p_filesz)
4031 ERROR (gettext ("phdr[%d]: extra %" PRIu64 " bytes after last note\n"),
4032 cnt, phdr->p_filesz - notes_size);
4037 check_note_section (Ebl *ebl, GElf_Ehdr *ehdr, GElf_Shdr *shdr, int idx)
4039 if (shdr->sh_size == 0)
4042 Elf_Data *data = elf_getdata (elf_getscn (ebl->elf, idx), NULL);
4045 ERROR (gettext ("section [%2d] '%s': cannot get section data\n"),
4046 idx, section_name (ebl, idx));
4050 if (ehdr->e_type != ET_CORE && ehdr->e_type != ET_REL
4051 && ehdr->e_type != ET_EXEC && ehdr->e_type != ET_DYN)
4053 section [%2d] '%s': no note entries defined for the type of file\n"),
4054 idx, section_name (ebl, idx));
4056 GElf_Off notes_size = check_note_data (ebl, ehdr, data, idx, 0, 0);
4058 if (notes_size == 0)
4059 ERROR (gettext ("section [%2d] '%s': cannot get content of note section\n"),
4060 idx, section_name (ebl, idx));
4061 else if (notes_size != shdr->sh_size)
4062 ERROR (gettext ("section [%2d] '%s': extra %" PRIu64
4063 " bytes after last note\n"),
4064 idx, section_name (ebl, idx), shdr->sh_size - notes_size);
4068 /* Index of the PT_GNU_EH_FRAME program eader entry. */
4069 static int pt_gnu_eh_frame_pndx;
4073 check_program_header (Ebl *ebl, GElf_Ehdr *ehdr)
4075 if (ehdr->e_phoff == 0)
4078 if (ehdr->e_type != ET_EXEC && ehdr->e_type != ET_DYN
4079 && ehdr->e_type != ET_CORE)
4081 only executables, shared objects, and core files can have program headers\n"));
4083 int num_pt_interp = 0;
4085 int num_pt_relro = 0;
4087 for (unsigned int cnt = 0; cnt < phnum; ++cnt)
4092 phdr = gelf_getphdr (ebl->elf, cnt, &phdr_mem);
4095 ERROR (gettext ("cannot get program header entry %d: %s\n"),
4096 cnt, elf_errmsg (-1));
4100 if (phdr->p_type >= PT_NUM && phdr->p_type != PT_GNU_EH_FRAME
4101 && phdr->p_type != PT_GNU_STACK && phdr->p_type != PT_GNU_RELRO
4102 /* Check for a known machine-specific type. */
4103 && ebl_segment_type_name (ebl, phdr->p_type, NULL, 0) == NULL)
4105 program header entry %d: unknown program header entry type %#" PRIx64 "\n"),
4106 cnt, (uint64_t) phdr->p_type);
4108 if (phdr->p_type == PT_LOAD)
4109 has_loadable_segment = true;
4110 else if (phdr->p_type == PT_INTERP)
4112 if (++num_pt_interp != 1)
4114 if (num_pt_interp == 2)
4116 more than one INTERP entry in program header\n"));
4118 has_interp_segment = true;
4120 else if (phdr->p_type == PT_TLS)
4122 if (++num_pt_tls == 2)
4123 ERROR (gettext ("more than one TLS entry in program header\n"));
4125 else if (phdr->p_type == PT_NOTE)
4126 check_note (ebl, ehdr, phdr, cnt);
4127 else if (phdr->p_type == PT_DYNAMIC)
4129 if (ehdr->e_type == ET_EXEC && ! has_interp_segment)
4131 static executable cannot have dynamic sections\n"));
4134 /* Check that the .dynamic section, if it exists, has
4135 the same address. */
4136 Elf_Scn *scn = NULL;
4137 while ((scn = elf_nextscn (ebl->elf, scn)) != NULL)
4140 GElf_Shdr *shdr = gelf_getshdr (scn, &shdr_mem);
4141 if (shdr != NULL && shdr->sh_type == SHT_DYNAMIC)
4143 if (phdr->p_offset != shdr->sh_offset)
4145 dynamic section reference in program header has wrong offset\n"));
4146 if (phdr->p_memsz != shdr->sh_size)
4148 dynamic section size mismatch in program and section header\n"));
4154 else if (phdr->p_type == PT_GNU_RELRO)
4156 if (++num_pt_relro == 2)
4158 more than one GNU_RELRO entry in program header\n"));
4161 /* Check that the region is in a writable segment. */
4163 for (inner = 0; inner < phnum; ++inner)
4165 GElf_Phdr phdr2_mem;
4168 phdr2 = gelf_getphdr (ebl->elf, inner, &phdr2_mem);
4172 if (phdr2->p_type == PT_LOAD
4173 && phdr->p_vaddr >= phdr2->p_vaddr
4174 && (phdr->p_vaddr + phdr->p_memsz
4175 <= phdr2->p_vaddr + phdr2->p_memsz))
4177 if ((phdr2->p_flags & PF_W) == 0)
4179 loadable segment GNU_RELRO applies to is not writable\n"));
4180 if ((phdr2->p_flags & ~PF_W) != (phdr->p_flags & ~PF_W))
4182 loadable segment [%u] flags do not match GNU_RELRO [%u] flags\n"),
4190 %s segment not contained in a loaded segment\n"), "GNU_RELRO");
4193 else if (phdr->p_type == PT_PHDR)
4195 /* Check that the region is in a writable segment. */
4197 for (inner = 0; inner < phnum; ++inner)
4199 GElf_Phdr phdr2_mem;
4202 phdr2 = gelf_getphdr (ebl->elf, inner, &phdr2_mem);
4204 && phdr2->p_type == PT_LOAD
4205 && phdr->p_vaddr >= phdr2->p_vaddr
4206 && (phdr->p_vaddr + phdr->p_memsz
4207 <= phdr2->p_vaddr + phdr2->p_memsz))
4213 %s segment not contained in a loaded segment\n"), "PHDR");
4215 /* Check that offset in segment corresponds to offset in ELF
4217 if (phdr->p_offset != ehdr->e_phoff)
4219 program header offset in ELF header and PHDR entry do not match"));
4221 else if (phdr->p_type == PT_GNU_EH_FRAME)
4223 /* If there is an .eh_frame_hdr section it must be
4224 referenced by this program header entry. */
4225 Elf_Scn *scn = NULL;
4227 GElf_Shdr *shdr = NULL;
4229 while ((scn = elf_nextscn (ebl->elf, scn)) != NULL)
4232 shdr = gelf_getshdr (scn, &shdr_mem);
4234 && shdr->sh_type == (is_debuginfo
4235 ? SHT_NOBITS : SHT_PROGBITS)
4236 && ! strcmp (".eh_frame_hdr",
4237 elf_strptr (ebl->elf, shstrndx, shdr->sh_name)))
4241 if (phdr->p_offset != shdr->sh_offset)
4243 call frame search table reference in program header has wrong offset\n"));
4244 if (phdr->p_memsz != shdr->sh_size)
4246 call frame search table size mismatch in program and section header\n"));
4254 /* If there is no section header table we don't
4255 complain. But if there is one there should be an
4256 entry for .eh_frame_hdr. */
4259 PT_GNU_EH_FRAME present but no .eh_frame_hdr section\n"));
4263 /* The section must be allocated and not be writable and
4265 if ((phdr->p_flags & PF_R) == 0)
4267 call frame search table must be allocated\n"));
4268 else if (shdr != NULL && (shdr->sh_flags & SHF_ALLOC) == 0)
4270 section [%2zu] '%s' must be allocated\n"), elf_ndxscn (scn), ".eh_frame_hdr");
4272 if ((phdr->p_flags & PF_W) != 0)
4274 call frame search table must not be writable\n"));
4275 else if (shdr != NULL && (shdr->sh_flags & SHF_WRITE) != 0)
4277 section [%2zu] '%s' must not be writable\n"),
4278 elf_ndxscn (scn), ".eh_frame_hdr");
4280 if ((phdr->p_flags & PF_X) != 0)
4282 call frame search table must not be executable\n"));
4283 else if (shdr != NULL && (shdr->sh_flags & SHF_EXECINSTR) != 0)
4285 section [%2zu] '%s' must not be executable\n"),
4286 elf_ndxscn (scn), ".eh_frame_hdr");
4289 /* Remember which entry this is. */
4290 pt_gnu_eh_frame_pndx = cnt;
4293 if (phdr->p_filesz > phdr->p_memsz
4294 && (phdr->p_memsz != 0 || phdr->p_type != PT_NOTE))
4296 program header entry %d: file size greater than memory size\n"),
4299 if (phdr->p_align > 1)
4301 if (!powerof2 (phdr->p_align))
4303 program header entry %d: alignment not a power of 2\n"), cnt);
4304 else if ((phdr->p_vaddr - phdr->p_offset) % phdr->p_align != 0)
4306 program header entry %d: file offset and virtual address not module of alignment\n"), cnt);
4313 check_exception_data (Ebl *ebl __attribute__ ((unused)),
4314 GElf_Ehdr *ehdr __attribute__ ((unused)))
4316 if ((ehdr->e_type == ET_EXEC || ehdr->e_type == ET_DYN)
4317 && pt_gnu_eh_frame_pndx == 0 && eh_frame_hdr_scnndx != 0)
4318 ERROR (gettext ("executable/DSO with .eh_frame_hdr section does not have "
4319 "a PT_GNU_EH_FRAME program header entry"));
4323 /* Process one file. */
4325 process_elf_file (Elf *elf, const char *prefix, const char *suffix,
4326 const char *fname, size_t size, bool only_one)
4328 /* Reset variables. */
4333 needed_textrel = false;
4334 has_loadable_segment = false;
4335 has_interp_segment = false;
4338 GElf_Ehdr *ehdr = gelf_getehdr (elf, &ehdr_mem);
4341 /* Print the file name. */
4345 printf ("\n%s(%s)%s:\n", prefix, fname, suffix);
4347 printf ("\n%s:\n", fname);
4352 ERROR (gettext ("cannot read ELF header: %s\n"), elf_errmsg (-1));
4356 ebl = ebl_openbackend (elf);
4357 /* If there is no appropriate backend library we cannot test
4358 architecture and OS specific features. Any encountered extension
4361 /* Go straight by the gABI, check all the parts in turn. */
4362 check_elf_header (ebl, ehdr, size);
4364 /* Check the program header. */
4365 check_program_header (ebl, ehdr);
4367 /* Next the section headers. It is OK if there are no section
4369 check_sections (ebl, ehdr);
4371 /* Check the exception handling data, if it exists. */
4372 if (pt_gnu_eh_frame_pndx != 0 || eh_frame_hdr_scnndx != 0
4373 || eh_frame_scnndx != 0 || gcc_except_table_scnndx != 0)
4374 check_exception_data (ebl, ehdr);
4376 /* Report if no relocation section needed the text relocation flag. */
4377 if (textrel && !needed_textrel)
4378 ERROR (gettext ("text relocation flag set but not needed\n"));
4380 /* Free the resources. */
4381 ebl_closebackend (ebl);
4385 #include "debugpred.h"
projects / platform / upstream / elfutils.git / blob