3 #include <libelfu/libelfu.h>
5 int elfu_eCheck(Elf *e)
9 GElf_Phdr *phdrs = NULL;
10 GElf_Shdr *shdrs = NULL;
11 size_t i, j, numPhdr, numShdr;
16 elfclass = gelf_getclass(e);
17 if (elfclass == ELFCLASSNONE) {
18 ELFU_WARNELF("getclass");
22 if (!gelf_getehdr(e, &ehdr)) {
23 ELFU_WARNELF("gelf_getehdr");
27 if (ehdr.e_machine != EM_386 && ehdr.e_machine != EM_X86_64) {
28 ELFU_WARN("Sorry, only x86-32 and x86-64 ELF files are supported at the moment.\n");
32 if (elf_getphdrnum(e, &numPhdr)) {
33 ELFU_WARNELF("elf_getphdrnum");
37 if (elf_getshdrnum(e, &numShdr)) {
38 ELFU_WARNELF("elf_getshdrnum");
44 phdrs = malloc(numPhdr * sizeof(GElf_Phdr));
46 ELFU_WARN("elfu_eCheck: malloc() failed for phdrs.\n");
50 /* Attempt to load all PHDRs at once to catch any errors early */
51 for (i = 0; i < numPhdr; i++) {
53 if (gelf_getphdr(e, i, &phdr) != &phdr) {
54 ELFU_WARN("gelf_getphdr() failed for #%d: %s\n", i, elf_errmsg(-1));
61 /* Check that LOAD PHDR memory ranges do not overlap, and that others
62 * are either fully contained in a LOAD range, or not at all. */
63 for (i = 0; i < numPhdr; i++) {
64 if (phdrs[i].p_type != PT_LOAD) {
68 for (j = 0; j < numPhdr; j++) {
69 if (j == i || phdrs[j].p_type != PT_LOAD) {
73 if (OVERLAPPING(phdrs[i].p_vaddr, phdrs[i].p_memsz,
74 phdrs[j].p_vaddr, phdrs[j].p_memsz)) {
75 if (phdrs[j].p_type == PT_LOAD) {
76 ELFU_WARN("elfu_eCheck: Found LOAD PHDRs that overlap in memory.\n");
78 } else if (!FULLY_OVERLAPPING(phdrs[i].p_vaddr, phdrs[i].p_memsz,
79 phdrs[j].p_vaddr, phdrs[j].p_memsz)) {
80 ELFU_WARN("elfu_eCheck: PHDRs %d and %d partially overlap in memory.\n", i, j);
90 /* SHDRs should not overlap with PHDRs. */
91 if (OVERLAPPING(ehdr.e_shoff, numShdr * ehdr.e_shentsize,
92 ehdr.e_phoff, numPhdr * ehdr.e_phentsize)) {
93 ELFU_WARN("elfu_eCheck: SHDRs overlap with PHDRs.\n");
97 shdrs = malloc(numShdr * sizeof(GElf_Shdr));
99 ELFU_WARN("elfu_eCheck: malloc() failed for shdrs.\n");
103 /* Attempt to load all SHDRs at once to catch any errors early */
104 for (i = 1; i < numShdr; i++) {
108 scn = elf_getscn(e, i);
110 ELFU_WARN("elf_getscn() failed for #%d: %s\n", i, elf_errmsg(-1));
113 if (gelf_getshdr(scn, &shdr) != &shdr) {
114 ELFU_WARNELF("gelf_getshdr");
122 /* Check that Section memory ranges do not overlap.
123 * NB: Section 0 is reserved and thus ignored. */
124 for (i = 1; i < numShdr; i++) {
125 /* Section should not overlap with EHDR. */
126 if (shdrs[i].sh_offset == 0) {
127 ELFU_WARN("elfu_eCheck: Section %d overlaps with EHDR.\n", i);
131 /* Section should not overlap with PHDRs. */
132 if (OVERLAPPING(shdrs[i].sh_offset, SCNFILESIZE(&shdrs[i]),
133 ehdr.e_phoff, numPhdr * ehdr.e_phentsize)) {
134 ELFU_WARN("elfu_eCheck: Section %d overlaps with PHDR.\n", i);
138 /* Section should not overlap with SHDRs. */
139 if (OVERLAPPING(shdrs[i].sh_offset, SCNFILESIZE(&shdrs[i]),
140 ehdr.e_shoff, numShdr * ehdr.e_shentsize)) {
141 ELFU_WARN("elfu_eCheck: Section %d overlaps with SHDRs.\n", i);
145 for (j = 1; j < numShdr; j++) {
150 /* Sections must not overlap in memory. */
151 if (shdrs[i].sh_addr != 0
152 && shdrs[j].sh_addr != 0
153 && OVERLAPPING(shdrs[i].sh_addr, shdrs[i].sh_size,
154 shdrs[j].sh_addr, shdrs[j].sh_size)) {
155 ELFU_WARN("elfu_eCheck: Sections %d and %d overlap in memory.\n", i, j);
159 /* Sections must not overlap in file. */
160 if (OVERLAPPING(shdrs[i].sh_offset, SCNFILESIZE(&shdrs[i]),
161 shdrs[j].sh_offset, SCNFILESIZE(&shdrs[j]))) {
162 ELFU_WARN("elfu_eCheck: Sections %d and %d overlap in file.\n", i, j);
167 /* Section addr/offset should match parent PHDR.
168 * Find parent PHDR: */
169 for (j = 0; j < numPhdr; j++) {
170 if (PHDR_CONTAINS_SCN_IN_MEMORY(&phdrs[j], &shdrs[i])) {
171 GElf_Off shoff = phdrs[j].p_offset + (shdrs[i].sh_addr - phdrs[j].p_vaddr);
173 if (shdrs[i].sh_offset != shoff
174 || !PHDR_CONTAINS_SCN_IN_FILE(&phdrs[j], &shdrs[i])) {
175 ELFU_WARN("elfu_eCheck: Memory/file offsets/sizes are not congruent for SHDR %d, PHDR %d.\n", i, j);
181 /* sh_link members should not point to sections out of range. */
182 if (shdrs[i].sh_link >= numShdr) {
183 ELFU_WARN("elfu_eCheck: Bogus sh_link in SHDR %d.\n", i);
199 ELFU_WARN("elfu_eCheck: Errors found.\n");