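/*
    Parses the ELF header and section table of the buffer at \a dataStart
    (\a fdlen bytes) and looks for the section that carries the Qt plugin
    metadata.

    Returns QtMetaDataSection when a ".qtmetadata" section with program data
    was found, NoQtSection when the whole section table was walked without
    finding one, NotElf when the buffer is shorter than 64 bytes or lacks the
    ELF magic, and Corrupt for any header field that is inconsistent or points
    outside the buffer. For a ".qtmetadata" or ".rodata" section with data,
    *pos receives the section's file offset and *sectionlen its size minus one
    (the "minus one" is historical; callers are assumed to depend on it).
    When \a lib is non-null, lib->errorString receives a human-readable reason
    for NotElf/Corrupt; \a library is only used inside those messages.

    Every offset, count and size used below comes from the file and is
    untrusted. All arithmetic on them is widened or rearranged so it cannot
    wrap, and no pointer derived from a file offset is dereferenced before
    the offset (and, for strings, the terminating NUL) has been shown to lie
    inside the buffer.
*/
int QElfParser::parse(const char *dataStart, ulong fdlen, const QString &library, QLibraryPrivate *lib, long *pos, ulong *sectionlen)
{
#if defined(QELFPARSER_DEBUG)
    qDebug() << "QElfParser::parse " << library;
#endif
    if (fdlen < 64) {
        if (lib)
            lib->errorString = QLibrary::tr("'%1' is not an ELF object (%2)").arg(library).arg(QLatin1String("file too small"));
        return NotElf;
    }
    const char *data = dataStart;
    if (qstrncmp(data, "\177ELF", 4) != 0) {
        if (lib)
            lib->errorString = QLibrary::tr("'%1' is not an ELF object").arg(library);
        return NotElf;
    }

    // EI_CLASS: 1 = 32-bit, 2 = 64-bit; m_bits becomes 32 or 64.
    if (data[4] != 1 && data[4] != 2) {
        if (lib)
            lib->errorString = QLibrary::tr("'%1' is an invalid ELF object (%2)").arg(library).arg(QLatin1String("odd cpu architecture"));
        return Corrupt;
    }
    m_bits = (data[4] << 5);

    /* If you remove this check, to read ELF objects of a different arch,
       please make sure you modify the typedefs to match the _plugin_ architecture. */
    if ((sizeof(void*) == 4 && m_bits != 32) || (sizeof(void*) == 8 && m_bits != 64)) {
        if (lib)
            lib->errorString = QLibrary::tr("'%1' is an invalid ELF object (%2)").arg(library).arg(QLatin1String("wrong cpu architecture"));
        return Corrupt;
    }

    // EI_DATA: 0 is invalid, 1 is little endian, anything else is treated as big endian.
    if (data[5] == 0) {
        if (lib)
            lib->errorString = QLibrary::tr("'%1' is an invalid ELF object (%2)").arg(library).arg(QLatin1String("odd endianess"));
        return Corrupt;
    }
    m_endian = (data[5] == 1 ? ElfLittleEndian : ElfBigEndian);

    // Walk the fixed-size ELF header up to e_shoff. With the qelf typedefs
    // matching the ELF32/ELF64 widths the header ends at byte 52/64, so the
    // fdlen >= 64 check above keeps every read of this header in bounds.
    data += 16                   // e_ident
          + sizeof(qelfhalf_t)   // e_type
          + sizeof(qelfhalf_t)   // e_machine
          + sizeof(qelfword_t)   // e_version
          + sizeof(qelfaddr_t)   // e_entry
          + sizeof(qelfoff_t);   // e_phoff

    const qelfoff_t e_shoff = read<qelfoff_t>(data);
    data += sizeof(qelfoff_t)    // e_shoff
          + sizeof(qelfword_t);  // e_flags

    // Historical name: this is the e_ehsize field (size of the ELF header).
    const qelfhalf_t e_shsize = read<qelfhalf_t>(data);
    if (e_shsize > fdlen) {
        if (lib)
            lib->errorString = QLibrary::tr("'%1' is an invalid ELF object (%2)").arg(library).arg(QLatin1String("unexpected e_shsize"));
        return Corrupt;
    }

    data += sizeof(qelfhalf_t)   // e_ehsize
          + sizeof(qelfhalf_t)   // e_phentsize
          + sizeof(qelfhalf_t);  // e_phnum

    const qelfhalf_t e_shentsize = read<qelfhalf_t>(data);
    if (e_shentsize % 4) {
        if (lib)
            lib->errorString = QLibrary::tr("'%1' is an invalid ELF object (%2)").arg(library).arg(QLatin1String("unexpected e_shentsize"));
        return Corrupt;
    }
    data += sizeof(qelfhalf_t);  // e_shentsize

    const qelfhalf_t e_shnum = read<qelfhalf_t>(data);
    data += sizeof(qelfhalf_t);  // e_shnum

    const qelfhalf_t e_shtrndx = read<qelfhalf_t>(data);
    data += sizeof(qelfhalf_t);  // e_shtrndx

    // The whole section header table (not just its size, but offset + size)
    // must lie inside the buffer, otherwise the walk below reads past its end.
    // Widen before multiplying and subtract instead of adding so nothing wraps.
    const qulonglong shtabSize = qulonglong(e_shnum) * e_shentsize;
    if (e_shoff > fdlen || shtabSize > fdlen - e_shoff) {
        if (lib)
            lib->errorString = QLibrary::tr("'%1' is an invalid ELF object (%2)").arg(library)
                               .arg(QLatin1String("announced %2 sections, each %3 bytes, exceed file size"))
                               .arg(e_shnum).arg(e_shentsize);
        return Corrupt;
    }

#if defined(QELFPARSER_DEBUG)
    qDebug() << e_shnum << "sections starting at " << ("0x" + QByteArray::number(e_shoff, 16)).data() << "each" << e_shentsize << "bytes";
#endif

    // Header of the section-name string table. Because the table bounds were
    // verified above, an index below e_shnum is enough to keep this header
    // inside the buffer; soff == 0 means there is no section table at all.
    ElfSectionHeader strtab;
    const qulonglong soff = e_shoff + qulonglong(e_shentsize) * e_shtrndx;
    if (soff == 0 || soff % 4 || e_shtrndx >= e_shnum) {
        if (lib)
            lib->errorString = QLibrary::tr("'%1' is an invalid ELF object (%2)").arg(library)
                               .arg(QLatin1String("shstrtab section header seems to be at %1"))
                               .arg(QString::number(soff, 16));
        return Corrupt;
    }

    parseSectionHeader(dataStart + soff, &strtab);
    m_stringTableFileOffset = strtab.offset;

    // Compare at full width: narrowing the sum to 32 bits would let a large
    // offset wrap to a small value and slip past this check.
    if (m_stringTableFileOffset == 0 || m_stringTableFileOffset >= fdlen
        || e_shentsize >= fdlen - m_stringTableFileOffset) {
        if (lib)
            lib->errorString = QLibrary::tr("'%1' is an invalid ELF object (%2)").arg(library)
                               .arg(QLatin1String("string table seems to be at %1"))
                               .arg(QString::number(m_stringTableFileOffset, 16));
        return Corrupt;
    }

#if defined(QELFPARSER_DEBUG)
    qDebug(".shstrtab at 0x%s", QByteArray::number(m_stringTableFileOffset, 16).data());
#endif

    const char *s = dataStart + e_shoff;
    for (int i = 0; i < e_shnum; ++i, s += e_shentsize) {
        ElfSectionHeader sh;
        parseSectionHeader(s, &sh);
        if (sh.name == 0)
            continue;

        // sh.name is an offset into .shstrtab. The name must start inside the
        // buffer and be NUL-terminated before its end; qstrcmp() below has no
        // length limit of its own.
        const qulonglong nameOffset = qulonglong(m_stringTableFileOffset) + sh.name;
        bool nameTerminated = false;
        if (nameOffset < fdlen) {
            const char *p = dataStart + nameOffset;
            const ulong avail = ulong(fdlen - nameOffset);
            for (ulong k = 0; k < avail; ++k) {
                if (p[k] == '\0') {
                    nameTerminated = true;
                    break;
                }
            }
        }
        if (!nameTerminated) {
            if (lib)
                lib->errorString = QLibrary::tr("'%1' is an invalid ELF object (%2)").arg(library)
                                   .arg(QLatin1String("section name %2 of %3 behind end of file"))
                                   .arg(i).arg(e_shnum);
            return Corrupt;
        }
        const char *shnam = dataStart + nameOffset;

#if defined(QELFPARSER_DEBUG)
        qDebug() << "++++" << i << shnam;
#endif

        if (qstrcmp(shnam, ".qtmetadata") == 0 || qstrcmp(shnam, ".rodata") == 0) {
            // Low bit of sh.type clear is taken to mean "no program data".
            if (!(sh.type & 0x1)) {
                if (shnam[1] == 'r') {
                    if (lib)
                        lib->errorString = QLibrary::tr("'%1' is an invalid ELF object (%2)").arg(library)
                                           .arg(QLatin1String("empty .rodata. not a library."));
                    return Corrupt;
                }
#if defined(QELFPARSER_DEBUG)
                qDebug()<<"section is not program data. skipped.";
#endif
                continue;
            }

            // The section data must be non-empty and lie entirely inside the
            // buffer; written as a subtraction so offset + size cannot wrap.
            if (sh.offset == 0 || sh.size < 1 || sh.offset > fdlen || sh.size > fdlen - sh.offset) {
                if (lib)
                    lib->errorString = QLibrary::tr("'%1' is an invalid ELF object (%2)").arg(library)
                                       .arg(QLatin1String("missing section data. This is not a library."));
                return Corrupt;
            }
            *pos = sh.offset;
            *sectionlen = sh.size - 1;
            if (shnam[1] == 'q')
                return QtMetaDataSection;
        }
    }
    return NoQtSection;
}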
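/*
    Maps m_binary and reads its ELF header, section header table and program
    header table into m_elfData.

    Returns Ok when the tables were read (or had already been read by an
    earlier call: a non-empty sectionHeaders or programHeaders list short-
    circuits the whole function), Corrupt when mapping fails or any header
    field is inconsistent or points outside the mapping, and NotElf when the
    file is shorter than 64 bytes or lacks the ELF magic. On failure
    m_errorString holds the reason. Besides the two tables this fills
    elfclass, endian, elftype, elfmachine and entryPoint, and derives
    symbolsType, debugLink and buildId from the section names it encounters.

    Every offset, count and size used here comes from the file and is
    untrusted: arithmetic is widened to 64 bits or rearranged so it cannot
    wrap, and no byte is read through a file-derived offset before that
    offset (and, for strings, the terminating NUL) has been shown to lie
    inside the mapping.
*/
ElfReader::Result ElfReader::readIt()
{
    if (!m_elfData.sectionHeaders.isEmpty())
        return Ok;
    if (!m_elfData.programHeaders.isEmpty())
        return Ok;

    ElfMapper mapper(this);
    if (!mapper.map())
        return Corrupt;

    const quint64 fdlen = mapper.fdlen;

    if (fdlen < 64) {
        m_errorString = QStringLiteral("'%1' is not an ELF object (file too small)").arg(QDir::toNativeSeparators(m_binary));
        return NotElf;
    }

    if (strncmp(mapper.start, "\177ELF", 4) != 0) {
        m_errorString = QStringLiteral("'%1' is not an ELF object").arg(QDir::toNativeSeparators(m_binary));
        return NotElf;
    }

    // EI_CLASS: 32 or 64 bit.
    m_elfData.elfclass = ElfClass(mapper.start[4]);
    const bool is64Bit = m_elfData.elfclass == Elf_ELFCLASS64;
    if (m_elfData.elfclass != Elf_ELFCLASS32 && m_elfData.elfclass != Elf_ELFCLASS64) {
        m_errorString = msgInvalidElfObject(m_binary, QStringLiteral("odd cpu architecture"));
        return Corrupt;
    }

    // EI_DATA: byte order of every multi-byte field that follows.
    m_elfData.endian = ElfEndian(mapper.ustart[5]);
    if (m_elfData.endian != Elf_ELFDATA2LSB && m_elfData.endian != Elf_ELFDATA2MSB) {
        m_errorString = msgInvalidElfObject(m_binary, QStringLiteral("odd endianness"));
        return Corrupt;
    }

    // The get*() helpers advance `data` past the field they decode. The
    // position check after the last field confirms the decoded widths add up
    // to the ELF32/ELF64 header size, so the fdlen >= 64 check above already
    // covers all of these reads.
    const uchar *data = mapper.ustart + 16; // e_ident
    m_elfData.elftype    = ElfType(getHalfWord(data, m_elfData));
    m_elfData.elfmachine = ElfMachine(getHalfWord(data, m_elfData));
    /* e_version = */ getWord(data, m_elfData);
    m_elfData.entryPoint = getAddress(data, m_elfData);

    const quint64 e_phoff = getOffset(data, m_elfData);
    const quint64 e_shoff = getOffset(data, m_elfData);
    /* e_flags = */ getWord(data, m_elfData);

    // Historical name: this is the e_ehsize field (size of the ELF header).
    const quint32 e_shsize = getHalfWord(data, m_elfData);
    if (e_shsize > fdlen) {
        m_errorString = msgInvalidElfObject(m_binary, QStringLiteral("unexpected e_shsize"));
        return Corrupt;
    }

    const quint32 e_phentsize = getHalfWord(data, m_elfData);
    if (e_phentsize != (is64Bit ? 56 : 32)) {
        m_errorString = msgInvalidElfObject(m_binary, QStringLiteral("invalid structure"));
        return ElfReader::Corrupt;
    }
    const quint32 e_phnum = getHalfWord(data, m_elfData);

    const quint32 e_shentsize = getHalfWord(data, m_elfData);
    if (e_shentsize % 4) {
        m_errorString = msgInvalidElfObject(m_binary, QStringLiteral("unexpected e_shentsize"));
        return Corrupt;
    }

    const quint32 e_shnum   = getHalfWord(data, m_elfData);
    const quint32 e_shtrndx = getHalfWord(data, m_elfData);
    if (data != mapper.ustart + (is64Bit ? 64 : 52)) {
        // The reads above did not land on the end of an ELF32/ELF64 header.
        m_errorString = msgInvalidElfObject(m_binary, QStringLiteral("unexpected ELF header size"));
        return ElfReader::Corrupt;
    }

    // Both tables must lie entirely inside the mapping (offset + count * entry
    // size, not just count * entry size). Widen to 64 bits before multiplying
    // and compare against the remaining space so nothing can wrap.
    if (e_shoff > fdlen || quint64(e_shnum) * e_shentsize > fdlen - e_shoff) {
        const QString reason = QStringLiteral("announced %1 sections, each %2 bytes, exceed file size").arg(e_shnum).arg(e_shentsize);
        m_errorString = msgInvalidElfObject(m_binary, reason);
        return Corrupt;
    }
    if (e_phoff > fdlen || quint64(e_phnum) * e_phentsize > fdlen - e_phoff) {
        const QString reason = QStringLiteral("announced %1 program headers, each %2 bytes, exceed file size").arg(e_phnum).arg(e_phentsize);
        m_errorString = msgInvalidElfObject(m_binary, reason);
        return Corrupt;
    }

    // Length of the NUL-terminated string at file offset `off`, or -1 when the
    // offset is outside the mapping or no terminator exists before its end.
    // Every name pulled out of the file goes through this so that no
    // QByteArray is ever built from an unterminated run of bytes.
    const auto boundedStrLen = [&mapper, fdlen](quint64 off) -> qint64 {
        if (off >= fdlen)
            return -1;
        const char *p = mapper.start + off;
        const quint64 avail = fdlen - off;
        for (quint64 k = 0; k < avail; ++k) {
            if (p[k] == '\0')
                return qint64(k);
        }
        return -1;
    };

    if (e_shoff) {
        // Header of the section-name string table (.shstrtab). With the table
        // bounds verified above, an index below e_shnum keeps it in the mapping.
        const quint64 soff = e_shoff + quint64(e_shentsize) * e_shtrndx;
        if (e_shtrndx >= e_shnum) {
            const QString reason = QStringLiteral("shstrtab section header seems to be at 0x%1").arg(soff, 0, 16);
            m_errorString = msgInvalidElfObject(m_binary, reason);
            return Corrupt;
        }

        ElfSectionHeader strtab;
        parseSectionHeader(mapper.ustart + soff, &strtab, m_elfData);
        const quint64 stringTableFileOffset = strtab.offset;
        // Compare at full width: narrowing the sum to 32 bits would let a
        // large offset wrap to a small value and slip past this check.
        if (stringTableFileOffset == 0 || stringTableFileOffset >= fdlen
                || e_shentsize >= fdlen - stringTableFileOffset) {
            const QString reason = QStringLiteral("string table seems to be at 0x%1").arg(stringTableFileOffset, 0, 16);
            m_errorString = msgInvalidElfObject(m_binary, reason);
            return Corrupt;
        }

        for (quint32 i = 0; i < e_shnum; ++i) {
            const uchar *s = mapper.ustart + e_shoff + quint64(i) * e_shentsize;
            ElfSectionHeader sh;
            parseSectionHeader(s, &sh, m_elfData);

            // sh.index is an offset into .shstrtab; the name must be
            // NUL-terminated inside the mapping before it is copied.
            const quint64 nameOffset = stringTableFileOffset + sh.index;
            const qint64 nameLen = boundedStrLen(nameOffset);
            if (nameLen < 0) {
                const QString reason = QStringLiteral("section name %1 of %2 behind end of file")
                        .arg(i).arg(e_shnum);
                m_errorString = msgInvalidElfObject(m_binary, reason);
                return Corrupt;
            }
            sh.name = QByteArray(mapper.start + nameOffset, int(nameLen));

            if (sh.name == ".gdb_index") {
                m_elfData.symbolsType = FastSymbols;
            } else if (sh.name == ".debug_info") {
                m_elfData.symbolsType = PlainSymbols;
            } else if (sh.name == ".gnu_debuglink") {
                // The link is read as a NUL-terminated string at the start of
                // the section data; sh.offset itself is file-controlled.
                const qint64 linkLen = boundedStrLen(sh.offset);
                if (linkLen < 0) {
                    const QString reason = QStringLiteral("section %1 of %2 data behind end of file")
                            .arg(i).arg(e_shnum);
                    m_errorString = msgInvalidElfObject(m_binary, reason);
                    return Corrupt;
                }
                m_elfData.debugLink = QByteArray(mapper.start + sh.offset, int(linkLen));
                m_elfData.symbolsType = LinkedSymbols;
            } else if (sh.name == ".note.gnu.build-id") {
                m_elfData.symbolsType = BuildIdSymbols;
                // The first 16 bytes of the section are skipped (presumably the
                // note header and owner name); the rest is the build id. The
                // whole section must be inside the mapping before it is copied.
                if (sh.size > 16) {
                    if (sh.offset > fdlen || sh.size > fdlen - sh.offset) {
                        const QString reason = QStringLiteral("section %1 of %2 data behind end of file")
                                .arg(i).arg(e_shnum);
                        m_errorString = msgInvalidElfObject(m_binary, reason);
                        return Corrupt;
                    }
                    m_elfData.buildId = QByteArray(mapper.start + sh.offset + 16, int(sh.size - 16)).toHex();
                }
            }
            m_elfData.sectionHeaders.append(sh);
        }
    }

    if (e_phoff) {
        for (quint32 i = 0; i < e_phnum; ++i) {
            const uchar *s = mapper.ustart + e_phoff + quint64(i) * e_phentsize;
            ElfProgramHeader ph;
            parseProgramHeader(s, &ph, m_elfData);
            m_elfData.programHeaders.append(ph);
        }
    }
    return Ok;
}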