From: Christos Zoulas Date: Thu, 27 Mar 2008 22:00:28 +0000 (+0000) Subject: elfcore fixes from Bob. X-Git-Tag: FILE5_05~414 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=17d241f08f5b97636350bc267bf79d3b756137cd;p=file elfcore fixes from Bob. --- diff --git a/ChangeLog b/ChangeLog index 1c25102c..90526139 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,20 @@ +2008-03-27 16:16 Robert Byrnes + + * src/readelf.c (donote): + ELF core file command name/line bug fixes and enhancements: + + Try larger offsets first to avoid false matches + from earlier data that happen to look like strings; + this primarily affected SunOS 5.x 32-bit Intel core files. + + Add support for command line (instead of just short name) + for SunOS 5.x. + + Add information about NT_PSINFO for SunOS 5.x. + + Only trim whitespace from end of command line. + 2007-02-11 01:36 Reuben Thomas * Change strength of ! from MULT to 0, as it matches almost diff --git a/src/readelf.c b/src/readelf.c index 8d18a63e..8e0a8fe3 100644 --- a/src/readelf.c +++ b/src/readelf.c @@ -38,7 +38,7 @@ #include "magic.h" #ifndef lint -FILE_RCSID("@(#)$File: readelf.c,v 1.72 2008/02/19 15:53:09 christos Exp $") +FILE_RCSID("@(#)$File: readelf.c,v 1.73 2008/03/27 22:00:28 christos Exp $") #endif #ifdef ELFCORE @@ -192,18 +192,38 @@ getu64(int swap, uint64_t value) : prpsoffsets64[i]) #ifdef ELFCORE +/* + * Try larger offsets first to avoid false matches + * from earlier data that happen to look like strings. + */ static const size_t prpsoffsets32[] = { - 8, /* FreeBSD */ - 44, /* Linux (path name) */ +#ifdef USE_NT_PSINFO + 104, /* SunOS 5.x (command line) */ + 88, /* SunOS 5.x (short name) */ +#endif /* USE_NT_PSINFO */ + + 100, /* SunOS 5.x (command line) */ + 84, /* SunOS 5.x (short name) */ + + 44, /* Linux (command line) */ 28, /* Linux 2.0.36 (short name) */ - 84, /* SunOS 5.x */ + + 8, /* FreeBSD */ }; static const size_t prpsoffsets64[] = { - 16, /* FreeBSD, 64-bit */ - 56, /* Linux (path name) */ +#ifdef USE_NT_PSINFO + 152, /* SunOS 5.x (command line) */ + 136, /* SunOS 5.x (short name) */ +#endif /* USE_NT_PSINFO */ + + 136, /* SunOS 5.x, 64-bit (command line) */ + 120, /* SunOS 5.x, 64-bit (short name) */ + + 56, /* Linux (command line) */ 40, /* Linux (tested on core from 2.4.x, short name) */ - 120, /* SunOS 5.x, 64-bit */ + + 16, /* FreeBSD, 64-bit */ }; #define NOFFSETS32 (sizeof prpsoffsets32 / sizeof prpsoffsets32[0]) @@ -223,6 +243,14 @@ static const size_t prpsoffsets64[] = { * SVR4-flavored systems, and Linux) containing the start of the * command line for that program. * + * SunOS 5.x core files contain two PT_NOTE sections, with the types + * NT_PRPSINFO (old) and NT_PSINFO (new). These structs contain the + * same info about the command name and command line, so it probably + * isn't worthwhile to look for NT_PSINFO, but the offsets are provided + * above (see USE_NT_PSINFO), in case we ever decide to do so. The + * NT_PRPSINFO and NT_PSINFO sections are always in order and adjacent; + * the SunOS 5.x file command relies on this (and prefers the latter). + * * The signal number probably appears in a section of type NT_PRSTATUS, * but that's also rather OS-dependent, in ways that are harder to * dissect with heuristics, so I'm not bothering with the signal number. @@ -700,7 +728,11 @@ core: &nbuf[doff + prpsoffsets(i)]; for (cp = cname; *cp && isprint(*cp); cp++) continue; - if (cp > cname) + /* + * Linux apparently appends a space at the end + * of the command line: remove it. + */ + while (cp > cname && isspace(cp[-1])) cp--; if (file_printf(ms, ", from '%.*s'", (int)(cp - cname), cname) == -1)