This is the mail archive of the elfutils-devel@sourceware.org mailing list for the elfutils project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

A safe/clean way to rebuild the string table?

From: Jay Vaughan <jay dot vaughan at thalesgroup dot com>
To: elfutils-devel at lists dot fedorahosted dot org
Date: Wed, 24 Feb 2010 09:10:06 +0100
Subject: A safe/clean way to rebuild the string table?

Hi all,

I am building an application which utilizes elfutils to add NOTE records to ELF files ..
the purpose of this application is to provide a form of 'internal inventory control' over
executables being used within our specialized environment, and for that purpose a NOTE 
record is added to ELF files containing an MD5 sum of various parts of the ELF files 
themselves.  In addition, other information may be attached to these NOTE records in our 
production line, so I really need to nail down adding NOTES to ELF files programmatically.

All has been working fine with this utility program so far, but I have run into some
problems with the handling of the string table - namely, where I was once realloc()'ing
the string table data buffer and appending my new ".note.MD5" string to the list, and this
approach of course is just plain wrong.

So my next approach has been to, as I'm iterating through the original ELF file, make a
new string table out of the headers for each section, and upon completion (calculation of
the to-be-inserted md5 string, construction of a proper NOTE record, attachment of the
NOTE to the ELF file, etc.) I then burn the old string table and attach the new one.

However, I'm really not sure if this is the safe way to do things, or if there is any
other way that I could utilize - its a bit 'dodgy' to me at first blush, because what if
there are cases out there in our ELF collection where I somehow mess up the string table,
or what about the unspoken cases where a string table is expected to be something that
libebl doesn't reproduce - I've already noted that some string tables created through
libebl don't exactly 100% match the original ones (such as the ones in my redhat machines
libc) due to internal optimization of the string table itself (finding overlaps and not
inserting duplicate string values and so on..)

I posted about this issue on the elftoolchain-developers list (wrong list) and received 
this suggestion, with my response:

 > >
 > > 1. Calculate the checksum or other stuff of the ELF, construct the Elf Notes
 > >    and then write all the bits to a temporary file, say '/tmp/foo'.
 > > 2. Execute objcopy to add a .note.MD5 section to the ELF file:
 > >    objcopy --add-section '.note.MD5=/tmp/foo' your_executable
 > >   (objcopy will handle all the string table, section table headers stuff etc)

One thing this method doesn't do is properly update the name/namesz and type fields, I
have found (correct me if I'm wrong) - so for my purposes it appears that the objcopy
technique will not produce an *entirely* valid (to-spec) NOTE record.  What I am doing now 
is using a struct like this in my elfnoter application:

#define INTW1X_ELF_SECTION      ".note.MD5"
#define ELF_TEXT_NAME           ".text"
#define INTW1X_MD5_NOTE_NAME    "w1x_md5"
#define INTW1X_MD5_TYPE         1
#define MD5_DESC 		"deadbeefd00df00ddeadbeefd00df00d"
#define MD5_BUF_LEN 		33

const struct intw1x_elf_note_md5 local_elf_note_md5
      __attribute__ ((section(INTW1X_ELF_SECTION))) =
{
      .elf_note = {
      	.n_namesz = sizeof(INTW1X_MD5_NOTE_NAME),
	.n_descsz = MD5_BUF_LEN,
	.n_type = INTW1X_MD5_TYPE
      },
      .name = INTW1X_MD5_NOTE_NAME,
      .desc = MD5_DESC
};

.. then, locating this ELF record internally within my elfnoter app programmatically, and
'injecting' it into the target executable after the md5 string is updated, so that I
produce an entirely valid (all fields correct) record in the destination binary.  At least
the thinking is that inlining the definition of this record means that the final object is
going to be as standard as gcc and related tools (linker) is going to make it and thus all 
I have to do is modify the string and glom the object onto my target ELF binary.  This is 
working, its just a little delicate when it comes to updating the string table, alas.

My question to the wise developers on this list is whether or not there is another way to
safely add an entry to an existing string table without doing too much
create-new/destroy-old processing?  I've added the use of libebl to my project, and I'm
under way with completing my implementation as described above, but I'd really like some
dialog with other ELF hackers on what they think about this method?  Is there a cleaner 
method to update the string table than recreating it completely from scratch?

BTW, I plan to release my "ELFNoter" app as GPL when its working/debugged .. I wonder if
there is interest in including a working app to attach ELF Notes in the elfutils package?
I'd be happy were that the case, to provide this app for review and inclusion - I have 
seen in my searches that there are other applications for such a utility, so perhaps its 
worth consideration?

-- 
;
--
Jay Vaughan
jay.vaughan@thalesgroup.com

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]