From 8e28aa3a51bf0ef3683f2aed4b5b448744897b66 Mon Sep 17 00:00:00 2001
From: Fangrui Song
Date: Mon, 2 May 2022 09:06:39 -0700
Subject: elf: Remove fallback to the start of DT_STRTAB for dladdr
When neither DT_HASH nor DT_GNU_HASH is present, the code scans [DT_SYMTAB, DT_STRTAB). However, there is no guarantee that .dynstr immediately follows .dynsym (e.g. lld typically places .gnu.version after .dynsym). In the absence of a hash table, symbol lookup will always fail (map->l_nbuckets == 0 in dl-lookup.c) as if the object has no symbol, so it seems fair for dladdr to do the same.
Reviewed-by: Florian Weimer
---
elf/dl-addr.c | 16 +++++-----------
1 file changed, 5 insertions(+), 11 deletions(-)
diff --git a/elf/dl-addr.c b/elf/dl-addr.c
index e3c5598e1a..c4278075ef 100644
--- a/elf/dl-addr.c
+++ b/elf/dl-addr.c
@@ -71,18 +71,10 @@ determine_info (const ElfW(Addr) addr, struct link_map *match, Dl_info *info,
 }
 }
 }
- else
+ else if (match->l_info[DT_HASH] != NULL)
 {
- const ElfW(Sym) *symtabend;
- if (match->l_info[DT_HASH] != NULL)
- symtabend = (symtab
- + ((Elf_Symndx *) D_PTR (match, l_info[DT_HASH]))[1]);
- else
- /* There is no direct way to determine the number of symbols in the
- dynamic symbol table and no hash table is present. The ELF
- binary is ill-formed but what shall we do? Use the beginning of
- the string table which generally follows the symbol table. */
- symtabend = (const ElfW(Sym) *) strtab;
+ const ElfW (Sym) *symtabend
+ = (symtab + ((Elf_Symndx *) D_PTR (match, l_info[DT_HASH]))[1]);
 for (; (void *) symtab < (void *) symtabend; ++symtab)
 if ((ELFW(ST_BIND) (symtab->st_info) == STB_GLOBAL
@@ -96,6 +88,8 @@ determine_info (const ElfW(Addr) addr, struct link_map *match, Dl_info *info,
 && symtab->st_name < strtabsize)
 matchsym = (ElfW(Sym) *) symtab;
 }
+ /* In the absence of a hash table, treat the object as if it has no symbol.
+ */
 if (mapp)
 *mapp = match;
-- cgit 1.4.1
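Review bot: In the first hunk the scan bound `symtabend` now comes only from word 1 of the DT_HASH table (nchain), and nothing visible here checks that value before the loop uses it. The only per-entry guard shown, in the second hunk's context, is `symtab->st_name < strtabsize`, so an object with a malformed nchain would presumably still drive the loop past the end of .dynsym. A comment at the declaration would record the assumption, for example `/* nchain (word 1 of DT_HASH) is the .dynsym entry count; taken from the object as-is. */`. determine_info starts and ends outside the hunk, so an earlier validation may exist that is not visible here.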
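Review bot: The comment added in the second hunk sits after the closing brace of the `else if` block, so it describes a branch that has no code and reads as if it belonged to the `if (mapp)` statement that follows. It would be easier to follow where the decision is made, directly above `else if (match->l_info[DT_HASH] != NULL)` in the first hunk, for example `/* Without a hash table the symbol count is unknown; report no symbol, as symbol lookup does. */`. The closing `*/` on a line of its own also differs from the removed comment in the first hunk, which ended with `*/` on its last text line.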