From 509070d662aa0647d508fa7de3902df9bea827fc Mon Sep 17 00:00:00 2001 From: Christos Zoulas Date: Thu, 5 Jun 2008 12:59:15 +0000 Subject: [PATCH] Comment #3 From Jakub Jelinek on 2006-10-06 07:42 EST [reply] The file is the stripped-into-separate-file debuginfo, in which sections that are present in the stripped file are made SHT_NOBITS and not present at all. So, file needs to check for SHT_NOBITS .note sections and don't look at them at all. Currently it just reads some completely unrelated data (probably part of one of the .debug_* sections). Comment #6 From Jakub Jelinek on 2006-10-17 10:48 EST [reply] Proposed patch. While it would be possible to do what I proposed (i.e. for each PT_NOTE look up in section header table in which section the virtual address falls in and test if it is not SHT_NOBITS), this is far easier and faster and has a nice side-effect that it doesn't duplication information in file output. Unpatched file will e.g. say: file /bin/bash /bin/bash: ELF 64-bit LSB executable, AMD x86-64, version 1 (SYSV), for GNU/Linux 2.6.9, dynamically linked (uses shared libs), for GNU/Linux 2.6.9, stripped (note the .note.ABI-tag section being parsed and printed twice, once when found through PT_NOTE, once when found through SHT_NOTE). When the executable has a section header table, then it is safe to assume that either there will be a SHT_NOTE section corresponding to the PT_NOTE program header, or it will be SHT_NOBITS in a debuginfo file (at which point it is not present). --- src/elfclass.h | 3 ++- src/readelf.c | 8 +++++--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/src/elfclass.h b/src/elfclass.h index 8b7f6f90..91a0e5c9 100644 --- a/src/elfclass.h +++ b/src/elfclass.h @@ -49,7 +49,8 @@ (off_t)elf_getu(swap, elfhdr.e_phoff), elf_getu16(swap, elfhdr.e_phnum), (size_t)elf_getu16(swap, elfhdr.e_phentsize), - fsize, &flags) == -1) + fsize, &flags, elf_getu16(swap, elfhdr.e_shnum)) + == -1) return -1; /*FALLTHROUGH*/ case ET_REL: diff --git a/src/readelf.c b/src/readelf.c index 4b86d56f..3e492932 100644 --- a/src/readelf.c +++ b/src/readelf.c @@ -38,7 +38,7 @@ #include "magic.h" #ifndef lint -FILE_RCSID("@(#)$File: readelf.c,v 1.73 2008/03/27 22:00:28 christos Exp $") +FILE_RCSID("@(#)$File: readelf.c,v 1.74 2008/05/28 21:02:29 christos Exp $") #endif #ifdef ELFCORE @@ -46,7 +46,7 @@ private int dophn_core(struct magic_set *, int, int, int, off_t, int, size_t, off_t, int *); #endif private int dophn_exec(struct magic_set *, int, int, int, off_t, int, size_t, - off_t, int *); + off_t, int *, int); private int doshn(struct magic_set *, int, int, int, off_t, int, size_t, int *, int); private size_t donote(struct magic_set *, unsigned char *, size_t, size_t, int, @@ -1008,7 +1008,7 @@ doshn(struct magic_set *ms, int class, int swap, int fd, off_t off, int num, */ private int dophn_exec(struct magic_set *ms, int class, int swap, int fd, off_t off, - int num, size_t size, off_t fsize, int *flags) + int num, size_t size, off_t fsize, int *flags, int sh_num) { Elf32_Phdr ph32; Elf64_Phdr ph64; @@ -1077,6 +1077,8 @@ dophn_exec(struct magic_set *ms, int class, int swap, int fd, off_t off, return -1; align = 4; } + if (sh_num) + break; /* * This is a PT_NOTE section; loop through all the notes * in the section. -- 2.40.0