/src/libbpf/elfutils/libelf/elf_strptr.c

Source
/* Return string pointer from string section.
   Copyright (C) 1998-2002, 2004, 2008, 2009, 2015 Red Hat, Inc.
   This file is part of elfutils.
   Contributed by Ulrich Drepper <drepper@redhat.com>, 1998.

   This file is free software; you can redistribute it and/or modify
   it under the terms of either

     * the GNU Lesser General Public License as published by the Free
       Software Foundation; either version 3 of the License, or (at
       your option) any later version

   or

     * the GNU General Public License as published by the Free
       Software Foundation; either version 2 of the License, or (at
       your option) any later version

   or both in parallel, as here.

   elfutils is distributed in the hope that it will be useful, but
   WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   General Public License for more details.

   You should have received copies of the GNU General Public License and
   the GNU Lesser General Public License along with this program.  If
   not, see <http://www.gnu.org/licenses/>.  */

#ifdef HAVE_CONFIG_H
# include <config.h>
#endif

#include <libelf.h>
#include <stdbool.h>
#include <stddef.h>

#include "libelfP.h"


static void *
get_zdata (Elf_Scn *strscn)
{
  size_t zsize, zalign;
  void *zdata = __libelf_decompress_elf (strscn, &zsize, &zalign);
  if (zdata == NULL)
    return NULL;

  strscn->zdata_base = zdata;
  strscn->zdata_size = zsize;
  strscn->zdata_align = zalign;

  return zdata;
}

static bool validate_str (const char *str, size_t from, size_t to)
{
#if HAVE_DECL_MEMRCHR
  // Check end first, which is likely a zero terminator, to prevent function call
  return ((to > 0 && str[to - 1]  == '\0')
    || (to - from > 0 && memrchr (&str[from], '\0', to - from - 1) != NULL));
#else
  do {
    if (to <= from)
      return false;

    to--;
  } while (str[to]);

  return true;
#endif
}

char *
elf_strptr (Elf *elf, size_t idx, size_t offset)
{
  if (elf == NULL)
    return NULL;

  if (elf->kind != ELF_K_ELF)
    {
      __libelf_seterrno (ELF_E_INVALID_HANDLE);
      return NULL;
    }

  rwlock_rdlock (elf->lock);

  char *result = NULL;
  Elf_Scn *strscn;

  /* Find the section in the list.  */
  Elf_ScnList *runp = (elf->class == ELFCLASS32
           || (offsetof (struct Elf, state.elf32.scns)
         == offsetof (struct Elf, state.elf64.scns))
           ? &elf->state.elf32.scns : &elf->state.elf64.scns);
  while (1)
    {
      if (idx < runp->max)
  {
    if (idx < runp->cnt)
      strscn = &runp->data[idx];
    else
      {
        __libelf_seterrno (ELF_E_INVALID_INDEX);
        goto out;
      }
    break;
  }

      idx -= runp->max;

      runp = runp->next;
      if (runp == NULL)
  {
    __libelf_seterrno (ELF_E_INVALID_INDEX);
    goto out;
  }
    }

  size_t sh_size = 0;
  if (elf->class == ELFCLASS32)
    {
      Elf32_Shdr *shdr = strscn->shdr.e32 ?: __elf32_getshdr_rdlock (strscn);
      if (unlikely (shdr == NULL || shdr->sh_type != SHT_STRTAB))
  {
    /* This is no string section.  */
    __libelf_seterrno (ELF_E_INVALID_SECTION);
    goto out;
  }

      if ((shdr->sh_flags & SHF_COMPRESSED) == 0)
  sh_size = shdr->sh_size;
      else
  {
    if (strscn->zdata_base == NULL && get_zdata (strscn) == NULL)
      goto out;
    sh_size = strscn->zdata_size;
  }

      if (unlikely (offset >= sh_size))
  {
    /* The given offset is too big, it is beyond this section.  */
    __libelf_seterrno (ELF_E_OFFSET_RANGE);
    goto out;
  }
    }
  else
    {
      Elf64_Shdr *shdr = strscn->shdr.e64 ?: __elf64_getshdr_rdlock (strscn);
      if (unlikely (shdr == NULL || shdr->sh_type != SHT_STRTAB))
  {
    /* This is no string section.  */
    __libelf_seterrno (ELF_E_INVALID_SECTION);
    goto out;
  }

      if ((shdr->sh_flags & SHF_COMPRESSED) == 0)
  sh_size = shdr->sh_size;
      else
  {
    if (strscn->zdata_base == NULL && get_zdata (strscn) == NULL)
      goto out;
    sh_size = strscn->zdata_size;
  }

      if (unlikely (offset >= sh_size))
  {
    /* The given offset is too big, it is beyond this section.  */
    __libelf_seterrno (ELF_E_OFFSET_RANGE);
    goto out;
  }
    }

  if (strscn->rawdata_base == NULL && ! strscn->data_read)
    {
      rwlock_unlock (elf->lock);
      rwlock_wrlock (elf->lock);
      if (strscn->rawdata_base == NULL && ! strscn->data_read
  /* Read the section data.  */
    && __libelf_set_rawdata_wrlock (strscn) != 0)
  goto out;
    }

  if (unlikely (strscn->zdata_base != NULL))
    {
      /* Make sure the string is NUL terminated.  Start from the end,
         which very likely is a NUL char.  */
      if (likely (validate_str (strscn->zdata_base, offset, sh_size)))
        result = &strscn->zdata_base[offset];
      else
        __libelf_seterrno (ELF_E_INVALID_INDEX);
    }
  else if (likely (strscn->data_list_rear == NULL))
    {
      // XXX The above is currently correct since elf_newdata will
      // make sure to convert the rawdata into the datalist if
      // necessary. But it would be more efficient to keep the rawdata
      // unconverted and only then iterate over the rest of the (newly
      // added data) list.  Note that when the ELF file is mmapped
      // rawdata_base can be set while rawdata.d hasn't been
      // initialized yet (when data_read is zero). So we cannot just
      // look at the rawdata.d.d_size.

      /* Make sure the string is NUL terminated.  Start from the end,
   which very likely is a NUL char.  */
      if (likely (validate_str (strscn->rawdata_base, offset, sh_size)))
  result = &strscn->rawdata_base[offset];
      else
  __libelf_seterrno (ELF_E_INVALID_INDEX);
    }
  else
    {
      /* This is a file which is currently created.  Use the list of
   data blocks.  */
      struct Elf_Data_List *dl = &strscn->data_list;
      while (dl != NULL)
  {
    if (offset >= (size_t) dl->data.d.d_off
        && offset < dl->data.d.d_off + dl->data.d.d_size)
      {
        /* Make sure the string is NUL terminated.  Start from
     the end, which very likely is a NUL char.  */
        if (likely (validate_str ((char *) dl->data.d.d_buf,
          offset - dl->data.d.d_off,
          dl->data.d.d_size)))
    result = ((char *) dl->data.d.d_buf
        + (offset - dl->data.d.d_off));
        else
    __libelf_seterrno (ELF_E_INVALID_INDEX);
        break;
      }

    dl = dl->next;
  }
    }

 out:
  rwlock_unlock (elf->lock);

  return result;
}
INTDEF(elf_strptr)

Coverage Report

Created: 2025-10-13 07:02

Line	Count	Source
1		/* Return string pointer from string section.
2		Copyright (C) 1998-2002, 2004, 2008, 2009, 2015 Red Hat, Inc.
3		This file is part of elfutils.
4		Contributed by Ulrich Drepper <drepper@redhat.com>, 1998.
5
6		This file is free software; you can redistribute it and/or modify
7		it under the terms of either
8
9		* the GNU Lesser General Public License as published by the Free
10		Software Foundation; either version 3 of the License, or (at
11		your option) any later version
12
13		or
14
15		* the GNU General Public License as published by the Free
16		Software Foundation; either version 2 of the License, or (at
17		your option) any later version
18
19		or both in parallel, as here.
20
21		elfutils is distributed in the hope that it will be useful, but
22		WITHOUT ANY WARRANTY; without even the implied warranty of
23		MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
24		General Public License for more details.
25
26		You should have received copies of the GNU General Public License and
27		the GNU Lesser General Public License along with this program. If
28		not, see <http://www.gnu.org/licenses/>. */
29
30		#ifdef HAVE_CONFIG_H
31		# include <config.h>
32		#endif
33
34		#include <libelf.h>
35		#include <stdbool.h>
36		#include <stddef.h>
37
38		#include "libelfP.h"
39
40
41		static void *
42		get_zdata (Elf_Scn *strscn)
43	2.35k	{
44	2.35k	size_t zsize, zalign;
45	2.35k	void *zdata = __libelf_decompress_elf (strscn, &zsize, &zalign);
46	2.35k	if (zdata == NULL)
47	2.34k	return NULL;
48
49	9	strscn->zdata_base = zdata;
50	9	strscn->zdata_size = zsize;
51	9	strscn->zdata_align = zalign;
52
53	9	return zdata;
54	2.35k	}
55
56		static bool validate_str (const char *str, size_t from, size_t to)
57	73.0k	{
58	73.0k	#if HAVE_DECL_MEMRCHR
59		// Check end first, which is likely a zero terminator, to prevent function call
60	73.0k	return ((to > 0 && str[to - 1] == '\0')
61	36.9k	\|\| (to - from > 0 && memrchr (&str[from], '\0', to - from - 1) != NULL));
62		#else
63		do {
64		if (to <= from)
65		return false;
66
67		to--;
68		} while (str[to]);
69
70		return true;
71		#endif
72	73.0k	}
73
74		char *
75		elf_strptr (Elf *elf, size_t idx, size_t offset)
76	81.6k	{
77	81.6k	if (elf == NULL)
78	0	return NULL;
79
80	81.6k	if (elf->kind != ELF_K_ELF)
81	0	{
82	0	__libelf_seterrno (ELF_E_INVALID_HANDLE);
83	0	return NULL;
84	0	}
85
86	81.6k	rwlock_rdlock (elf->lock);
87
88	81.6k	char *result = NULL;
89	81.6k	Elf_Scn *strscn;
90
91		/* Find the section in the list. */
92	81.6k	Elf_ScnList *runp = (elf->class == ELFCLASS32
93	81.6k	\|\| (offsetof (struct Elf, state.elf32.scns)
94	81.6k	== offsetof (struct Elf, state.elf64.scns))
95	81.6k	? &elf->state.elf32.scns : &elf->state.elf64.scns);
96	81.6k	while (1)
97	81.6k	{
98	81.6k	if (idx < runp->max)
99	81.5k	{
100	81.5k	if (idx < runp->cnt)
101	81.5k	strscn = &runp->data[idx];
102	0	else
103	0	{
104	0	__libelf_seterrno (ELF_E_INVALID_INDEX);
105	0	goto out;
106	0	}
107	81.5k	break;
108	81.5k	}
109
110	64	idx -= runp->max;
111
112	64	runp = runp->next;
113	64	if (runp == NULL)
114	64	{
115	64	__libelf_seterrno (ELF_E_INVALID_INDEX);
116	64	goto out;
117	64	}
118	64	}
119
120	81.5k	size_t sh_size = 0;
121	81.5k	if (elf->class == ELFCLASS32)
122	0	{
123	0	Elf32_Shdr *shdr = strscn->shdr.e32 ?: __elf32_getshdr_rdlock (strscn);
124	0	if (unlikely (shdr == NULL \|\| shdr->sh_type != SHT_STRTAB))
125	0	{
126		/* This is no string section. */
127	0	__libelf_seterrno (ELF_E_INVALID_SECTION);
128	0	goto out;
129	0	}
130
131	0	if ((shdr->sh_flags & SHF_COMPRESSED) == 0)
132	0	sh_size = shdr->sh_size;
133	0	else
134	0	{
135	0	if (strscn->zdata_base == NULL && get_zdata (strscn) == NULL)
136	0	goto out;
137	0	sh_size = strscn->zdata_size;
138	0	}
139
140	0	if (unlikely (offset >= sh_size))
141	0	{
142		/* The given offset is too big, it is beyond this section. */
143	0	__libelf_seterrno (ELF_E_OFFSET_RANGE);
144	0	goto out;
145	0	}
146	0	}
147	81.5k	else
148	81.5k	{
149	81.5k	Elf64_Shdr *shdr = strscn->shdr.e64 ?: __elf64_getshdr_rdlock (strscn);
150	81.5k	if (unlikely (shdr == NULL \|\| shdr->sh_type != SHT_STRTAB))
151	844	{
152		/* This is no string section. */
153	844	__libelf_seterrno (ELF_E_INVALID_SECTION);
154	844	goto out;
155	844	}
156
157	80.7k	if ((shdr->sh_flags & SHF_COMPRESSED) == 0)
158	78.1k	sh_size = shdr->sh_size;
159	2.55k	else
160	2.55k	{
161	2.55k	if (strscn->zdata_base == NULL && get_zdata (strscn) == NULL)
162	2.34k	goto out;
163	205	sh_size = strscn->zdata_size;
164	205	}
165
166	78.3k	if (unlikely (offset >= sh_size))
167	4.73k	{
168		/* The given offset is too big, it is beyond this section. */
169	4.73k	__libelf_seterrno (ELF_E_OFFSET_RANGE);
170	4.73k	goto out;
171	4.73k	}
172	78.3k	}
173
174	73.6k	if (strscn->rawdata_base == NULL && ! strscn->data_read)
175	596	{
176	596	rwlock_unlock (elf->lock);
177	596	rwlock_wrlock (elf->lock);
178	596	if (strscn->rawdata_base == NULL && ! strscn->data_read
179		/* Read the section data. */
180	596	&& __libelf_set_rawdata_wrlock (strscn) != 0)
181	594	goto out;
182	596	}
183
184	73.0k	if (unlikely (strscn->zdata_base != NULL))
185	0	{
186		/* Make sure the string is NUL terminated. Start from the end,
187		which very likely is a NUL char. */
188	0	if (likely (validate_str (strscn->zdata_base, offset, sh_size)))
189	0	result = &strscn->zdata_base[offset];
190	0	else
191	0	__libelf_seterrno (ELF_E_INVALID_INDEX);
192	0	}
193	73.0k	else if (likely (strscn->data_list_rear == NULL))
194	70.5k	{
195		// XXX The above is currently correct since elf_newdata will
196		// make sure to convert the rawdata into the datalist if
197		// necessary. But it would be more efficient to keep the rawdata
198		// unconverted and only then iterate over the rest of the (newly
199		// added data) list. Note that when the ELF file is mmapped
200		// rawdata_base can be set while rawdata.d hasn't been
201		// initialized yet (when data_read is zero). So we cannot just
202		// look at the rawdata.d.d_size.
203
204		/* Make sure the string is NUL terminated. Start from the end,
205		which very likely is a NUL char. */
206	70.5k	if (likely (validate_str (strscn->rawdata_base, offset, sh_size)))
207	70.2k	result = &strscn->rawdata_base[offset];
208	259	else
209	259	__libelf_seterrno (ELF_E_INVALID_INDEX);
210	70.5k	}
211	2.47k	else
212	2.47k	{
213		/* This is a file which is currently created. Use the list of
214		data blocks. */
215	2.47k	struct Elf_Data_List *dl = &strscn->data_list;
216	2.47k	while (dl != NULL)
217	2.47k	{
218	2.47k	if (offset >= (size_t) dl->data.d.d_off
219	2.47k	&& offset < dl->data.d.d_off + dl->data.d.d_size)
220	2.47k	{
221		/* Make sure the string is NUL terminated. Start from
222		the end, which very likely is a NUL char. */
223	2.47k	if (likely (validate_str ((char *) dl->data.d.d_buf,
224	2.47k	offset - dl->data.d.d_off,
225	2.47k	dl->data.d.d_size)))
226	2.24k	result = ((char *) dl->data.d.d_buf
227	2.24k	+ (offset - dl->data.d.d_off));
228	229	else
229	229	__libelf_seterrno (ELF_E_INVALID_INDEX);
230	2.47k	break;
231	2.47k	}
232
233	0	dl = dl->next;
234	0	}
235	2.47k	}
236
237	81.6k	out:
238	81.6k	rwlock_unlock (elf->lock);
239
240	81.6k	return result;
241	73.0k	}
242		INTDEF(elf_strptr)