linker-diff 0.9.0

Diffs and validates ELF binaries
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154

use crate::header_diff::DiffMode;
use crate::header_diff::FieldValues;
use anyhow::Result;
use linker_utils::elf::secnames::GNU_VERSION_D_SECTION_NAME_STR;
use linker_utils::elf::secnames::GNU_VERSION_SECTION_NAME_STR;
use object::LittleEndian;
use object::Object;
use object::ObjectSymbol;
use object::elf;
use object::elf::VER_FLG_BASE;
use object::elf::VERSYM_HIDDEN;
use object::elf::VERSYM_VERSION;
use object::read::elf::Sym;
use object::read::elf::VersionIndex;

pub(crate) fn report_diffs(report: &mut crate::Report, objects: &[crate::Binary]) {
    report.add_diffs(crate::header_diff::diff_fields(
        objects,
        read_gnu_version_d,
        "version_d",
        DiffMode::Normal,
    ));
    report.add_diffs(crate::header_diff::diff_fields(
        objects,
        read_gnu_version,
        "version",
        DiffMode::IgnoreMissingValues,
    ));
}

// Reads version names defined in the binary's version_d section and their parent name to find
// whether all the versions are present.
fn read_gnu_version_d(bin: &crate::Binary) -> Result<FieldValues> {
    let e = LittleEndian;
    let mut values = FieldValues::default();

    let Some((mut verdef_iterator, strings_index)) = bin
        .elf_file
        .elf_section_table()
        .gnu_verdef(e, bin.elf_file.data())?
    else {
        values.insert_string_owned(
            GNU_VERSION_D_SECTION_NAME_STR.to_owned(),
            "Missing".to_owned(),
        );
        return Ok(values);
    };

    let strings =
        bin.elf_file
            .elf_section_table()
            .strings(e, bin.elf_file.data(), strings_index)?;

    while let Some((verdef, mut aux_iterator)) = verdef_iterator.next()? {
        let verdef_index = verdef.vd_ndx.get(e);
        let mut verdef_version = String::new();

        if let Some(aux) = aux_iterator.next()? {
            let name = std::str::from_utf8(aux.name(e, strings)?)?;
            verdef_version = format!("Version name: {name}");
        }

        // The base version points to the name of the binary, which is problematic for integration
        // tests. They will add `.<linker_name>` or `.<linker_name>.so` to the output name.
        // Thus, we strip it here.
        if verdef.vd_flags.get(e) & VER_FLG_BASE != 0 {
            verdef_version = verdef_version.trim_end_matches(".so").to_string();
            if let Some(pos) = verdef_version.rfind(".") {
                verdef_version.truncate(pos);
            }
        }

        let mut version_parents = Vec::new();
        while let Some(aux) = aux_iterator.next()? {
            version_parents.push(std::str::from_utf8(aux.name(e, strings)?)?);
        }
        if !version_parents.is_empty() {
            verdef_version += &format!(" Version parents: {}", version_parents.join(","));
        }

        values.insert_string_owned(format!("verdef_{verdef_index}"), verdef_version);
    }

    Ok(values)
}

// Reads dynamic symbol names and their corresponding version names to find whether all dynamic
// symbols have the correct version.
fn read_gnu_version(bin: &crate::Binary) -> Result<FieldValues> {
    let e = LittleEndian;
    let mut values = FieldValues::default();

    let Some((versyms, _)) = bin
        .elf_file
        .elf_section_table()
        .gnu_versym(e, bin.elf_file.data())?
    else {
        values.insert_string_owned(
            GNU_VERSION_SECTION_NAME_STR.to_owned(),
            "Missing".to_owned(),
        );
        return Ok(values);
    };

    let versions = bin
        .elf_file
        .elf_section_table()
        .versions(e, bin.elf_file.data())?
        .unwrap();

    let dynsym_iter = bin.elf_file.dynamic_symbols();

    // dynsym_iter skips the first symbol, make versym the same.
    for (versym, dynsym) in versyms.iter().skip(1).zip(dynsym_iter) {
        let Ok(sym_name) = dynsym.name_bytes() else {
            continue;
        };

        let version_index_raw = versym.0.get(e);
        let version_index = version_index_raw & VERSYM_VERSION;
        let hidden = version_index_raw & VERSYM_HIDDEN == VERSYM_HIDDEN;

        // TODO: Currently Wild doesn't differentiate between local and global symbols.
        let version_name = if version_index <= 1 {
            b"local or global"
        } else {
            versions
                .version(VersionIndex(version_index))?
                .unwrap()
                .name()
        };

        // GNU ld creates an empty symbol for each version, Wild doesn't, so we skip it.
        if dynsym.elf_symbol().st_type() == elf::STT_OBJECT
            && dynsym.elf_symbol().is_absolute(e)
            && sym_name == version_name
        {
            continue;
        }

        values.insert_string_owned(
            str::from_utf8(sym_name)?.to_string(),
            format!(
                "{}{}",
                str::from_utf8(version_name)?,
                if hidden { " (hidden)" } else { "" }
            ),
        );
    }

    values.sort_values();

    Ok(values)
}