Support ELF with empty PT_DYNAMIC reference #193
sorry I missed this somehow
I'm just curious, why would this be empty?
Unfortunately, I don’t know the full chain that created such a file. Probably, the data pointed to by the header has been stripped, and to keep things easier the header was only rewritten instead of removed. At least, I’ve seen this behavior with sections.
I can’t remember, isn’t the filesz effectively the dynamic loader filename? Which means the binary is just malformed if it’s 0. Also afaik you can’t meaningfully strip the PT_DYNAMIC, since it’s a program header and not a section header.
I would be curious to understand how a valid ELF file can have a @jan-auer can you share the sample?
Yea I’m pretty sure it can’t. Iiuc it would have an empty dynamic loader and the kernel wouldn’t exec. At least last I checked these things. Curious to see sample as well :)
Will try to do that - iirc this happened on a file we pulled from the Debian debug server, so it should be possible to share it.
Oh interesting. That might be it. If I recall correctly the stripped debug symbols (usually from objcopy) are a dynamic library that gdb knows to load if its build id matches another binary you run gdb on.
Yeah
Some ELF files may contain PT_DYNAMIC program headers that have a zero p_filesz pointing to invalid memory if the corresponding section has been stripped. This currently causes an error when parsing the dynamic headers.
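
The case described above, as an added example that is not the project's own code: a parser that treats a PT_DYNAMIC header with a zero p_filesz as "no dynamic data" and never dereferences its p_offset, while still rejecting non-empty ranges that fall outside the file. It assumes ELF64 little-endian; all function and type names are hypothetical and the sample headers are constructed.

```rust
use std::convert::{TryFrom, TryInto};

const PT_DYNAMIC: u32 = 2;
const PHDR64_SIZE: usize = 56; // sizeof(Elf64_Phdr)

#[derive(Debug, PartialEq)]
struct Phdr { p_type: u32, p_offset: u64, p_filesz: u64 }

/// Decode the three fields needed here from one raw Elf64_Phdr.
fn parse_phdr64(raw: &[u8]) -> Option<Phdr> {
    if raw.len() < PHDR64_SIZE { return None; }
    let u64_at = |o: usize| u64::from_le_bytes(raw[o..o + 8].try_into().unwrap());
    Some(Phdr {
        p_type: u32::from_le_bytes(raw[0..4].try_into().unwrap()),
        p_offset: u64_at(8),
        p_filesz: u64_at(32),
    })
}

/// File bytes backing PT_DYNAMIC; Ok(None) if the header is absent or empty.
fn dynamic_bytes<'a>(file: &'a [u8], phdrs: &[Phdr]) -> Result<Option<&'a [u8]>, &'static str> {
    let ph = match phdrs.iter().find(|p| p.p_type == PT_DYNAMIC) {
        Some(ph) => ph,
        None => return Ok(None),
    };
    if ph.p_filesz == 0 {
        // Stripped file: p_offset may point anywhere, so it is never read.
        return Ok(None);
    }
    let start = usize::try_from(ph.p_offset).map_err(|_| "p_offset overflows usize")?;
    let len = usize::try_from(ph.p_filesz).map_err(|_| "p_filesz overflows usize")?;
    let end = start.checked_add(len).ok_or("p_offset + p_filesz overflows")?;
    file.get(start..end).map(Some).ok_or("PT_DYNAMIC range outside file")
}

/// Constructed sample: a raw PT_DYNAMIC header with the given offset and size.
fn sample_phdr(offset: u64, filesz: u64) -> Vec<u8> {
    let mut raw = vec![0u8; PHDR64_SIZE];
    raw[0..4].copy_from_slice(&PT_DYNAMIC.to_le_bytes());
    raw[8..16].copy_from_slice(&offset.to_le_bytes());
    raw[32..40].copy_from_slice(&filesz.to_le_bytes());
    raw
}

fn main() {
    let file = [0u8; 64]; // constructed 64-byte stand-in for the file contents
    let stripped = parse_phdr64(&sample_phdr(0xdead_0000, 0)).unwrap();
    println!("{:?}", dynamic_bytes(&file, &[stripped]));
}
```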