1/*- 2 * Copyright (c) 2006 Joseph Koshy 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS `AS IS' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 */ 26 27#include <ar.h> 28#include <assert.h> 29#include <ctype.h> 30#include "libelf.h" 31#include <stdlib.h> 32#include <string.h> 33 34#include "_libelf.h" 35 36#define LIBELF_NALLOC_SIZE 16 37 38/* 39 * `ar' archive handling. 40 * 41 * `ar' archives start with signature `ARMAG'. Each archive member is 42 * preceded by a header containing meta-data for the member. This 43 * header is described in <ar.h> (struct ar_hdr). The header always 44 * starts on an even address. File data is padded with "\n" 45 * characters to keep this invariant. 46 * 47 * Special considerations for `ar' archives: 48 * 49 * The `ar' header only has space for a 16 character file name. File 50 * names are terminated with a '/', so this effectively leaves 15 51 * characters for the actual file name. In order to accomodate longer 52 * file names, names may be stored in a separate 'string table' and 53 * referenced indirectly by a member header. The string table itself 54 * appears as an archive member with name "// ". An indirect file name 55 * in an `ar' header matches the pattern "/[0-9]*". The digits form a 56 * decimal number that corresponds to a byte offset into the string 57 * table where the actual file name of the object starts. Strings in 58 * the string table are padded to start on even addresses. 59 * 60 * Archives may also have a symbol table (see ranlib(1)), mapping 61 * program symbols to object files inside the archive. A symbol table 62 * uses a file name of "/ " in its archive header. The symbol table 63 * is structured as: 64 * - a 4-byte count of entries stored as a binary value, MSB first 65 * - 'n' 4-byte offsets, stored as binary values, MSB first 66 * - 'n' NUL-terminated strings, for ELF symbol names, stored unpadded. 67 * 68 * If the symbol table and string table are is present in an archive 69 * they must be the very first objects and in that order. 70 */ 71 72/* 73 * Convert a string bounded by `start' and `start+sz' (exclusive) to a 74 * number in the specified base. 75 */ 76static int 77_libelf_ar_get_number(char *s, size_t sz, int base, size_t *ret) 78{ 79 int c, v; 80 size_t r; 81 char *e; 82 83 assert(base <= 10); 84 85 e = s + sz; 86 87 /* skip leading blanks */ 88 for (;s < e && (c = *s) == ' '; s++) 89 ; 90 91 r = 0L; 92 for (;s < e; s++) { 93 if ((c = *s) == ' ') 94 break; 95 if (c < '0' || c > '9') 96 return (0); 97 v = c - '0'; 98 if (v >= base) /* Illegal digit. */ 99 break; 100 r *= base; 101 r += v; 102 } 103 104 *ret = r; 105 106 return (1); 107} 108 109/* 110 * Retrieve a string from a name field. If `rawname' is set, leave 111 * ar(1) control characters in. 112 */ 113static char * 114_libelf_ar_get_string(const char *buf, size_t bufsize, int rawname) 115{ 116 const char *q; 117 char *r; 118 size_t sz; 119 120 if (rawname) 121 sz = bufsize + 1; 122 else { 123 /* Skip back over trailing blanks. */ 124 for (q = buf + bufsize - 1; q >= buf && *q == ' '; --q) 125 ; 126 127 if (q < buf) { 128 /* 129 * If the input buffer only had blanks in it, 130 * return a zero-length string. 131 */ 132 buf = ""; 133 sz = 1; 134 } else { 135 /* 136 * Remove the trailing '/' character, but only 137 * if the name isn't one of the special names 138 * "/" and "//". 139 */ 140 if (q > buf + 1 || 141 (q == (buf + 1) && *buf != '/')) 142 q--; 143 144 sz = q - buf + 2; /* Space for a trailing NUL. */ 145 } 146 } 147 148 if ((r = malloc(sz)) == NULL) { 149 LIBELF_SET_ERROR(RESOURCE, 0); 150 return (NULL); 151 } 152 153 (void) strncpy(r, buf, sz); 154 r[sz - 1] = '\0'; 155 156 return (r); 157} 158 159/* 160 * Retrieve the full name of the archive member. 161 */ 162static char * 163_libelf_ar_get_name(char *buf, size_t bufsize, Elf *e) 164{ 165 char c, *q, *r, *s; 166 size_t len; 167 size_t offset; 168 169 assert(e->e_kind == ELF_K_AR); 170 171 if (buf[0] == '/' && (c = buf[1]) >= '0' && c <= '9') { 172 /* 173 * The value in field ar_name is a decimal offset into 174 * the archive string table where the actual name 175 * resides. 176 */ 177 if (_libelf_ar_get_number(buf + 1, bufsize - 1, 10, 178 &offset) == 0) { 179 LIBELF_SET_ERROR(ARCHIVE, 0); 180 return (NULL); 181 } 182 183 if (offset > e->e_u.e_ar.e_rawstrtabsz) { 184 LIBELF_SET_ERROR(ARCHIVE, 0); 185 return (NULL); 186 } 187 188 s = q = e->e_u.e_ar.e_rawstrtab + offset; 189 r = e->e_u.e_ar.e_rawstrtab + e->e_u.e_ar.e_rawstrtabsz; 190 191 for (s = q; s < r && *s != '/'; s++) 192 ; 193 len = s - q + 1; /* space for the trailing NUL */ 194 195 if ((s = malloc(len)) == NULL) { 196 LIBELF_SET_ERROR(RESOURCE, 0); 197 return (NULL); 198 } 199 200 (void) strncpy(s, q, len); 201 s[len - 1] = '\0'; 202 203 return (s); 204 } 205 206 /* 207 * Normal 'name' 208 */ 209 return (_libelf_ar_get_string(buf, bufsize, 0)); 210} 211 212 213Elf_Arhdr * 214_libelf_ar_gethdr(Elf *e) 215{ 216 Elf *parent; 217 struct ar_hdr *arh; 218 Elf_Arhdr *eh; 219 size_t n; 220 221 if ((parent = e->e_parent) == NULL) { 222 LIBELF_SET_ERROR(ARGUMENT, 0); 223 return (NULL); 224 } 225 226 arh = (struct ar_hdr *) ((uintptr_t) e->e_rawfile - sizeof(struct ar_hdr)); 227 228 assert((uintptr_t) arh >= (uintptr_t) parent->e_rawfile + SARMAG); 229 assert((uintptr_t) arh <= (uintptr_t) parent->e_rawfile + parent->e_rawsize - 230 sizeof(struct ar_hdr)); 231 232 if ((eh = malloc(sizeof(Elf_Arhdr))) == NULL) { 233 LIBELF_SET_ERROR(RESOURCE, 0); 234 return (NULL); 235 } 236 237 e->e_arhdr = eh; 238 eh->ar_name = eh->ar_rawname = NULL; 239 240 if ((eh->ar_name = _libelf_ar_get_name(arh->ar_name, sizeof(arh->ar_name), 241 parent)) == NULL) 242 goto error; 243 244 if (_libelf_ar_get_number(arh->ar_uid, sizeof(arh->ar_uid), 10, &n) == 0) 245 goto error; 246 eh->ar_uid = (uid_t) n; 247 248 if (_libelf_ar_get_number(arh->ar_gid, sizeof(arh->ar_gid), 10, &n) == 0) 249 goto error; 250 eh->ar_gid = (gid_t) n; 251 252 if (_libelf_ar_get_number(arh->ar_mode, sizeof(arh->ar_mode), 8, &n) == 0) 253 goto error; 254 eh->ar_mode = (mode_t) n; 255 256 if (_libelf_ar_get_number(arh->ar_size, sizeof(arh->ar_size), 10, &n) == 0) 257 goto error; 258 eh->ar_size = n; 259 260 if ((eh->ar_rawname = _libelf_ar_get_string(arh->ar_name, 261 sizeof(arh->ar_name), 1)) == NULL) 262 goto error; 263 264 return (eh); 265 266 error: 267 if (eh) { 268 if (eh->ar_name) 269 free(eh->ar_name); 270 if (eh->ar_rawname) 271 free(eh->ar_rawname); 272 free(eh); 273 } 274 e->e_arhdr = NULL; 275 276 return (NULL); 277} 278 279Elf * 280_libelf_ar_open_member(int fd, Elf_Cmd c, Elf *elf) 281{ 282 Elf *e; 283 off_t next; 284 struct ar_hdr *arh; 285 size_t sz; 286 287 assert(elf->e_kind == ELF_K_AR); 288 289 next = elf->e_u.e_ar.e_next; 290 291 /* 292 * `next' is only set to zero by elf_next() when the last 293 * member of an archive is processed. 294 */ 295 if (next == (off_t) 0) 296 return (NULL); 297 298 assert((next & 1) == 0); 299 300 arh = (struct ar_hdr *) (elf->e_rawfile + next); 301 302 if (_libelf_ar_get_number(arh->ar_size, sizeof(arh->ar_size), 10, &sz) == 0) { 303 LIBELF_SET_ERROR(ARCHIVE, 0); 304 return (NULL); 305 } 306 307 assert(sz > 0); 308 309 arh++; /* skip over archive member header */ 310 311 if ((e = elf_memory((char *) arh, sz)) == NULL) 312 return (NULL); 313 314 e->e_fd = fd; 315 e->e_cmd = c; 316 317 elf->e_u.e_ar.e_nchildren++; 318 e->e_parent = elf; 319 320 return (e); 321} 322 323Elf * 324_libelf_ar_open(Elf *e) 325{ 326 int i; 327 char *s, *end; 328 size_t sz; 329 struct ar_hdr arh; 330 331 e->e_kind = ELF_K_AR; 332 e->e_u.e_ar.e_nchildren = 0; 333 e->e_u.e_ar.e_next = (off_t) -1; 334 335 /* 336 * Look for special members. 337 */ 338 339 s = e->e_rawfile + SARMAG; 340 end = e->e_rawfile + e->e_rawsize; 341 342 assert(e->e_rawsize > 0); 343 344 /* 345 * Look for magic names "/ " and "// " in the first two entries 346 * of the archive. 347 */ 348 for (i = 0; i < 2; i++) { 349 350 if (s + sizeof(arh) > end) { 351 LIBELF_SET_ERROR(ARCHIVE, 0); 352 return (NULL); 353 } 354 355 (void) memcpy(&arh, s, sizeof(arh)); 356 357 if (arh.ar_fmag[0] != '`' || arh.ar_fmag[1] != '\n') { 358 LIBELF_SET_ERROR(ARCHIVE, 0); 359 return (NULL); 360 } 361 362 if (arh.ar_name[0] != '/') /* not a special symbol */ 363 break; 364 365 if (_libelf_ar_get_number(arh.ar_size, sizeof(arh.ar_size), 10, &sz) == 0) { 366 LIBELF_SET_ERROR(ARCHIVE, 0); 367 return (NULL); 368 } 369 370 assert(sz > 0); 371 372 s += sizeof(arh); 373 374 if (arh.ar_name[1] == ' ') { /* "/ " => symbol table */ 375 376 e->e_u.e_ar.e_rawsymtab = s; 377 e->e_u.e_ar.e_rawsymtabsz = sz; 378 379 } else if (arh.ar_name[1] == '/' && arh.ar_name[2] == ' ') { 380 381 /* "// " => string table for long file names */ 382 e->e_u.e_ar.e_rawstrtab = s; 383 e->e_u.e_ar.e_rawstrtabsz = sz; 384 } 385 386 sz = LIBELF_ADJUST_AR_SIZE(sz); 387 388 s += sz; 389 } 390 391 e->e_u.e_ar.e_next = (off_t) (s - e->e_rawfile); 392 393 return (e); 394} 395 396/* 397 * An ar(1) symbol table has the following layout: 398 * 399 * The first 4 bytes are a binary count of the number of entries in the 400 * symbol table, stored MSB-first. 401 * 402 * Then there are 'n' 4-byte binary offsets, also stored MSB first. 403 * 404 * Following this, there are 'n' null-terminated strings. 405 */ 406 407#define GET_WORD(P, V) do { \ 408 (V) = 0; \ 409 (V) = (P)[0]; (V) <<= 8; \ 410 (V) += (P)[1]; (V) <<= 8; \ 411 (V) += (P)[2]; (V) <<= 8; \ 412 (V) += (P)[3]; \ 413 } while (0) 414 415#define INTSZ 4 416 417Elf_Arsym * 418_libelf_ar_process_symtab(Elf *e, size_t *count) 419{ 420 size_t n, nentries, off; 421 Elf_Arsym *symtab, *sym; 422 char *p, *s, *end; 423 424 assert(e != NULL); 425 assert(count != NULL); 426 427 if (e->e_u.e_ar.e_rawsymtabsz < INTSZ) { 428 LIBELF_SET_ERROR(ARCHIVE, 0); 429 return (NULL); 430 } 431 432 p = e->e_u.e_ar.e_rawsymtab; 433 end = p + e->e_u.e_ar.e_rawsymtabsz; 434 435 GET_WORD(p, nentries); 436 p += INTSZ; 437 438 if (nentries == 0 || p + nentries * INTSZ >= end) { 439 LIBELF_SET_ERROR(ARCHIVE, 0); 440 return (NULL); 441 } 442 443 /* Allocate space for a nentries + a sentinel. */ 444 if ((symtab = malloc(sizeof(Elf_Arsym) * (nentries+1))) == NULL) { 445 LIBELF_SET_ERROR(RESOURCE, 0); 446 return (NULL); 447 } 448 449 s = p + (nentries * INTSZ); /* start of the string table. */ 450 451 for (n = nentries, sym = symtab; n > 0; n--) { 452 off = 0; 453 454 GET_WORD(p, off); 455 456 sym->as_off = off; 457 sym->as_hash = elf_hash(s); 458 sym->as_name = s; 459 460 p += INTSZ; 461 sym++; 462 463 for (; s < end && *s++ != '\0';) /* skip to next string */ 464 ; 465 if (s > end) { 466 LIBELF_SET_ERROR(ARCHIVE, 0); 467 free(symtab); 468 return (NULL); 469 } 470 } 471 472 /* Fill up the sentinel entry. */ 473 sym->as_name = NULL; 474 sym->as_hash = ~0UL; 475 sym->as_off = (off_t) 0; 476 477 *count = e->e_u.e_ar.e_symtabsz = nentries + 1; 478 e->e_u.e_ar.e_symtab = symtab; 479 480 return (symtab); 481} 482