diff --git a/src/patchelf.cc b/src/patchelf.cc index 1a90edb1..ee009189 100644 --- a/src/patchelf.cc +++ b/src/patchelf.cc @@ -664,14 +664,14 @@ template void ElfFile::writeReplacedSections(Elf_Off & curOff, Elf_Addr startAddr, Elf_Off startOffset) { - /* Overwrite the old section contents with 'X's. Do this + /* Overwrite the old section contents with 'Z's. Do this *before* writing the new section contents (below) to prevent clobbering previously written new section contents. */ for (auto & i : replacedSections) { const std::string & sectionName = i.first; const Elf_Shdr & shdr = findSectionHeader(sectionName); if (rdi(shdr.sh_type) != SHT_NOBITS) - memset(fileContents->data() + rdi(shdr.sh_offset), 'X', rdi(shdr.sh_size)); + memset(fileContents->data() + rdi(shdr.sh_offset), 'Z', rdi(shdr.sh_size)); } std::set noted_phdrs = {}; @@ -1538,7 +1538,7 @@ void ElfFile::modifyRPath(RPathOp op, /* !!! We assume that the virtual address in the DT_STRTAB entry of the dynamic section corresponds to the .dynstr section. */ - auto shdrDynStr = findSectionHeader(".dynstr"); + auto& shdrDynStr = findSectionHeader(".dynstr"); char * strTab = (char *) fileContents->data() + rdi(shdrDynStr.sh_offset); @@ -1621,24 +1621,39 @@ void ElfFile::modifyRPath(RPathOp op, } changed = true; - /* Zero out the previous rpath to prevent retained dependencies in - Nix. */ + bool rpathStrShared = false; size_t rpathSize = 0; if (rpath) { - rpathSize = strlen(rpath); + std::string_view rpathView {rpath}; + rpathSize = rpathView.size(); + + size_t rpathStrReferences = 0; + forAllStringReferences(shdrDynStr, [&] (auto refIdx) { + if (rpathView.end() == std::string_view(strTab + rdi(refIdx)).end()) + rpathStrReferences++; + }); + assert(rpathStrReferences >= 1); + debug("Number of rpath references: %lu\n", rpathStrReferences); + rpathStrShared = rpathStrReferences > 1; + } + + /* Zero out the previous rpath to prevent retained dependencies in + Nix. */ + if (rpath && !rpathStrShared) { + debug("Tainting old rpath with Xs\n"); memset(rpath, 'X', rpathSize); } debug("new rpath is '%s'\n", newRPath.c_str()); - if (newRPath.size() <= rpathSize) { + if (!rpathStrShared && newRPath.size() <= rpathSize) { if (rpath) memcpy(rpath, newRPath.c_str(), newRPath.size() + 1); return; } /* Grow the .dynstr section to make room for the new RPATH. */ - debug("rpath is too long, resizing...\n"); + debug("rpath is too long or shared, resizing...\n"); std::string & newDynStr = replaceSection(".dynstr", rdi(shdrDynStr.sh_size) + newRPath.size() + 1); @@ -2293,6 +2308,42 @@ void ElfFile::modifyExecstack(ExecstackMode op) printf("execstack: %c\n", result); } +template +template +void ElfFile::forAllStringReferences(const Elf_Shdr& strTabHdr, StrIdxCallback&& fn) +{ + for (auto& sym : tryGetSectionSpan(".dynsym")) + fn(sym.st_name); + + for (auto& dyn : tryGetSectionSpan(".dynamic")) + switch (rdi(dyn.d_tag)) + { + case DT_NEEDED: + case DT_SONAME: + case DT_RPATH: + case DT_RUNPATH: fn(dyn.d_un.d_val); + default:; + } + + if (auto verdHdr = tryFindSectionHeader(".gnu.version_d")) + { + if (&shdrs.at(rdi(verdHdr->get().sh_link)) == &strTabHdr) + forAll_ElfVer(getSectionSpan(*verdHdr), + [] (auto& /*vd*/) {}, + [&] (auto& vda) { fn(vda.vda_name); } + ); + } + + if (auto vernHdr = tryFindSectionHeader(".gnu.version_r")) + { + if (&shdrs.at(rdi(vernHdr->get().sh_link)) == &strTabHdr) + forAll_ElfVer(getSectionSpan(*vernHdr), + [&] (auto& vn) { fn(vn.vn_file); }, + [&] (auto& vna) { fn(vna.vna_name); } + ); + } +} + static bool printInterpreter = false; static bool printOsAbi = false; static bool setOsAbi = false; @@ -2397,9 +2448,9 @@ static void patchElf() const std::string & outputFileName2 = outputFileName.empty() ? fileName : outputFileName; if (getElfType(fileContents).is32Bit) - patchElf2(ElfFile(fileContents), fileContents, outputFileName2); + patchElf2(ElfFile(fileContents), fileContents, outputFileName2); else - patchElf2(ElfFile(fileContents), fileContents, outputFileName2); + patchElf2(ElfFile(fileContents), fileContents, outputFileName2); } } diff --git a/src/patchelf.h b/src/patchelf.h index 9fab18c0..4e229d67 100644 --- a/src/patchelf.h +++ b/src/patchelf.h @@ -10,8 +10,8 @@ using FileContents = std::shared_ptr>; -#define ElfFileParams class Elf_Ehdr, class Elf_Phdr, class Elf_Shdr, class Elf_Addr, class Elf_Off, class Elf_Dyn, class Elf_Sym, class Elf_Verneed, class Elf_Versym, class Elf_Rel, class Elf_Rela, unsigned ElfClass -#define ElfFileParamNames Elf_Ehdr, Elf_Phdr, Elf_Shdr, Elf_Addr, Elf_Off, Elf_Dyn, Elf_Sym, Elf_Verneed, Elf_Versym, Elf_Rel, Elf_Rela, ElfClass +#define ElfFileParams class Elf_Ehdr, class Elf_Phdr, class Elf_Shdr, class Elf_Addr, class Elf_Off, class Elf_Dyn, class Elf_Sym, class Elf_Versym, class Elf_Verdef, class Elf_Verdaux, class Elf_Verneed, class Elf_Vernaux, class Elf_Rel, class Elf_Rela, unsigned ElfClass +#define ElfFileParamNames Elf_Ehdr, Elf_Phdr, Elf_Shdr, Elf_Addr, Elf_Off, Elf_Dyn, Elf_Sym, Elf_Versym, Elf_Verdef, Elf_Verdaux, Elf_Verneed, Elf_Vernaux, Elf_Rel, Elf_Rela, ElfClass template struct span @@ -237,6 +237,40 @@ class ElfFile } } + template + void forAllStringReferences(const Elf_Shdr& strTabHdr, StrIdxCallback&& fn); + + template + auto follow(U* ptr, size_t offset) -> T* { + return offset ? (T*)(((char*)ptr)+offset) : nullptr; + }; + + template + void forAll_ElfVer(span vdspan, VdFn&& vdfn, VaFn&& vafn) + { + auto* vd = vdspan.begin(); + for (; vd; vd = follow(vd, rdi(vd->vd_next))) + { + vdfn(*vd); + auto va = follow(vd, rdi(vd->vd_aux)); + for (; va; va = follow(va, rdi(va->vda_next))) + vafn(*va); + } + } + + template + void forAll_ElfVer(span vnspan, VnFn&& vnfn, VaFn&& vafn) + { + auto* vn = vnspan.begin(); + for (; vn; vn = follow(vn, rdi(vn->vn_next))) + { + vnfn(*vn); + auto va = follow(vn, rdi(vn->vn_aux)); + for (; va; va = follow(va, rdi(va->vna_next))) + vafn(*va); + } + } + /* Convert an integer in big or little endian representation (as specified by the ELF header) to this platform's integer representation. */ diff --git a/tests/Makefile.am b/tests/Makefile.am index 0b648f83..5dba8042 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -49,6 +49,7 @@ src_TESTS = \ modify-execstack.sh \ rename-dynamic-symbols.sh \ overlapping-segments-after-rounding.sh \ + shared-rpath.sh \ empty-note.sh build_TESTS = \ @@ -121,7 +122,7 @@ check_DATA = libbig-dynstr.debug # - with libtool, it is difficult to control options # - with libtool, it is not possible to compile convenience *dynamic* libraries :-( check_PROGRAMS += libfoo.so libfoo-scoped.so libbar.so libbar-scoped.so libsimple.so libsimple-execstack.so libbuildid.so libtoomanystrtab.so \ - phdr-corruption.so many-syms-main libmany-syms.so liboveralign.so + phdr-corruption.so many-syms-main libmany-syms.so liboveralign.so libshared-rpath.so libbuildid_so_SOURCES = simple.c libbuildid_so_LDFLAGS = $(LDFLAGS_sharedlib) -Wl,--build-id @@ -148,6 +149,9 @@ libsimple_so_LDFLAGS = $(LDFLAGS_sharedlib) -Wl,-z,noexecstack liboveralign_so_SOURCES = simple.c liboveralign_so_LDFLAGS = $(LDFLAGS_sharedlib) -Wl,-z,max-page-size=0x10000 +libshared_rpath_so_SOURCES = shared-rpath.c +libshared_rpath_so_LDFLAGS = $(LDFLAGS_sharedlib) -Wl,-rpath=a_symbol_name + libsimple_execstack_so_SOURCES = simple.c libsimple_execstack_so_LDFLAGS = $(LDFLAGS_sharedlib) -Wl,-z,execstack diff --git a/tests/shared-rpath.c b/tests/shared-rpath.c new file mode 100644 index 00000000..8a3ee7c9 --- /dev/null +++ b/tests/shared-rpath.c @@ -0,0 +1,2 @@ +int a_symbol_name; +int foo() { return a_symbol_name; } diff --git a/tests/shared-rpath.sh b/tests/shared-rpath.sh new file mode 100755 index 00000000..8e6e26f3 --- /dev/null +++ b/tests/shared-rpath.sh @@ -0,0 +1,51 @@ +#! /bin/sh -e + +PATCHELF=$(readlink -f "../src/patchelf") +SCRATCH="scratch/$(basename "$0" .sh)" +READELF=${READELF:-readelf} + +LIB_NAME="${PWD}/libshared-rpath.so" + +rm -rf "${SCRATCH}" +mkdir -p "${SCRATCH}" +cd "${SCRATCH}" + +has_x() { + strings "$1" | grep -c "XXXXXXXX" +} + +nm -D "${LIB_NAME}" | grep a_symbol_name +previous_cnt="$(strings "${LIB_NAME}" | grep -c a_symbol_name)" + +echo "#### Number of a_symbol_name strings in the library: $previous_cnt" + +echo "#### Rename the rpath to something larger than the original" +# Pathelf should detect that the rpath string is shared with the symbol name string and avoid +# tainting the string with Xs +"${PATCHELF}" --set-rpath a_very_big_rpath_that_is_larger_than_original --output liblarge-rpath.so "${LIB_NAME}" + +echo "#### Checking symbol is still there" +nm -D liblarge-rpath.so | grep a_symbol_name + +echo "#### Checking there are no Xs" +[ "$(has_x liblarge-rpath.so)" -eq 0 ] || exit 1 + +current_cnt="$(strings liblarge-rpath.so | grep -c a_symbol_name)" +echo "#### Number of a_symbol_name strings in the modified library: $current_cnt" +[ "$current_cnt" -eq "$previous_cnt" ] || exit 1 + +echo "#### Rename the rpath to something shorter than the original" +# Pathelf should detect that the rpath string is shared with the symbol name string and avoid +# overwriting the existing string +"${PATCHELF}" --set-rpath shrt_rpth --output libshort-rpath.so "${LIB_NAME}" + +echo "#### Checking symbol is still there" +nm -D libshort-rpath.so | grep a_symbol_name + +echo "#### Number of a_symbol_name strings in the modified library: $current_cnt" +current_cnt="$(strings libshort-rpath.so | grep -c a_symbol_name)" +[ "$current_cnt" -eq "$previous_cnt" ] || exit 1 + +echo "#### Now liblarge-rpath.so should have its own rpath, so it should be allowed to taint it" +"${PATCHELF}" --set-rpath a_very_big_rpath_that_is_larger_than_original__even_larger --output liblarge-rpath2.so liblarge-rpath.so +[ "$(has_x liblarge-rpath2.so)" -eq 1 ] || exit 1