parseThat not outputting executable binary (Exec format error)

[jdetter]

Mohamed is having an issue where he runs:

parseThat --binary-edit=ssh-dyn -i 0 /usr/bin/ssh

and the output binary ssh-dyn will not execute due to an exec format error. The header information looks correct to me so I'm not sure why exec won't take it:

detter@ubuntu-16:~/Mohamed$ readelf -h ./ssh-dyn
ELF Header:
  Magic:   7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
  Class:                             ELF64
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              DYN (Shared object file)
  Machine:                           Advanced Micro Devices X86-64
  Version:                           0x1
  Entry point address:               0xdea0
  Start of program headers:          64 (bytes into file)
  Start of section headers:          768992 (bytes into file)
  Flags:                             0x0
  Size of this header:               64 (bytes)
  Size of program headers:           56 (bytes)
  Number of program headers:         10
  Size of section headers:           64 (bytes)
  Number of section headers:         40
  Section header string table index: 39

Ubuntu's version of /usr/bin/ssh can be found here
The ssh-dyn binary generated by parseThat can be found here

[jdetter]

@wrwilliams or @cuviper do you see anything wrong with the header? Here is a gist of the full readelf output for ssh-dyn:

https://gist.github.com/jdetter/8b2268edf4a61190848b358863ae12cd

[cuviper]

Looks like the interp adjustments are still not right. The section header shifted by a page size without changing for the extra phdr, and the program headers also got a bad page size update.

Section Headers:
  [Nr] Name              Type             Address           Offset
       Size              EntSize          Flags  Link  Info  Align
  [ 0]                   NULL             0000000000000000  00000000
       0000000000000000  0000000000000000           0     0     0
  [ 1] .interp           PROGBITS         0000000000001238  00001238
       000000000000001c  0000000000000000   A       0     0     1

Program Headers:
  Type           Offset             VirtAddr           PhysAddr
                 FileSiz            MemSiz              Flags  Align
  PHDR           0x0000000000000040 0x0000000000000040 0x0000000000000040
                 0x0000000000000230 0x0000000000000230  R E    8
  INTERP         0x0000000000001270 0x0000000000000270 0x0000000000000270
                 0x000000000000001c 0x000000000000001c  R      1
      [Requesting program interpreter: ]
  LOAD           0x0000000000000000 0x0000000000000000 0x0000000000000000
                 0x00000000000a9b7c 0x00000000000a9b7c  R E    200000

[jdetter]

Would you have time to try to fix this? You have a much better idea of what's going on.

[cuviper]

I'll give it a shot.

[jdetter]

Mohamed is looking for an update on this, I told him were all busy looking at the test4_2 issue but after that someone will have time to look at this.

[cuviper]

Yes, sorry about that, the runtime hangs were more pressing to me. I think we've got a handle on that though, so I'll get back to this one. I'm going to see if I can simplify this logic to just "interp goes directly after phdrs, no matter what."