Add file section type and more flags for the ELF sections information ("iS") #404

Closed
XVilka opened this issue Jan 20, 2021 · 9 comments · Fixed by #746

@XVilka
Member

XVilka commented Jan 20, 2021

iS/iSj should contain more information about sections in case of ELF. Missing information about section type and additional flags:

[i] ℤ rizin 001.make.elf.x86_64                                                                                                                                                                                                   16:10:26 
 -- Step through your seek history with the commands 'u' (undo) and 'U' (redo)
[0x00407f1c]> iS
[Sections]

nth paddr          size vaddr         vsize perm name
―――――――――――――――――――――――――――――――――――――――――――――――――――――
0   0x00000000      0x0 0x00000000      0x0 ---- 
1   0x00000238     0x1c 0x00400238     0x1c -r-- .interp
2   0x00000254     0x20 0x00400254     0x20 -r-- .note.ABI_tag
3   0x00000278    0xab0 0x00400278    0xab0 -r-- .hash
4   0x00000d28   0x2748 0x00400d28   0x2748 -r-- .dynsym
5   0x00003470   0x14fa 0x00403470   0x14fa -r-- .dynstr
6   0x0000496a    0x346 0x0040496a    0x346 -r-- .gnu.version
7   0x00004cb0     0x70 0x00404cb0     0x70 -r-- .gnu.version_r
8   0x00004d20     0xc0 0x00404d20     0xc0 -r-- .rela.dyn
9   0x00004de0    0xb40 0x00404de0    0xb40 -r-- .rela.plt
10  0x00005920     0x1a 0x00405920     0x1a -r-x .init
11  0x00005940    0x790 0x00405940    0x790 -r-x .plt
12  0x000060d0  0x206b0 0x004060d0  0x206b0 -r-x .text
13  0x00026780      0x9 0x00426780      0x9 -r-x .fini
14  0x000267a0   0x64c8 0x004267a0   0x64c8 -r-- .rodata
15  0x0002cc68    0xacc 0x0042cc68    0xacc -r-- .eh_frame_hdr
16  0x0002d738   0x4654 0x0042d738   0x4654 -r-- .eh_frame
17  0x00031e08      0x8 0x00631e08      0x8 -rw- .init_array
18  0x00031e10      0x8 0x00631e10      0x8 -rw- .fini_array
19  0x00031e18    0x1e0 0x00631e18    0x1e0 -rw- .dynamic
20  0x00031ff8      0x8 0x00631ff8      0x8 -rw- .got
21  0x00032000    0x3d8 0x00632000    0x3d8 -rw- .got.plt
22  0x000323e0    0xe10 0x006323e0    0xe10 -rw- .data
23  0x000331f0      0x0 0x00633200   0x3898 -rw- .bss
24  0x000331f0     0x3f 0x00000000     0x3f ---- .comment
25  0x0003322f    0x5c0 0x00000000    0x5c0 ---- .debug_aranges
26  0x000337ef  0x39947 0x00000000  0x39947 ---- .debug_info
27  0x0006d136   0x6244 0x00000000   0x6244 ---- .debug_abbrev
28  0x0007337a  0x19873 0x00000000  0x19873 ---- .debug_line
29  0x0008cbed   0x43ed 0x00000000   0x43ed ---- .debug_str
30  0x00090fda  0x385dd 0x00000000  0x385dd ---- .debug_loc
31  0x000c95b7   0x7300 0x00000000   0x7300 ---- .debug_ranges
32  0x000d08b8   0x4680 0x00000000   0x4680 ---- .symtab
33  0x000d4f38   0x29e0 0x00000000   0x29e0 ---- .strtab
34  0x000d7918    0x145 0x00000000    0x145 ---- .shstrtab

Compare that with the output of readelf -SW:

[i] ℤ readelf -SW 001.make.elf.x86_64                                                                                                                                                                                             16:16:03 
There are 35 section headers, starting at offset 0xd7a60:

Section Headers:
  [Nr] Name              Type            Address          Off    Size   ES Flg Lk Inf Al
  [ 0]                   NULL            0000000000000000 000000 000000 00      0   0  0
  [ 1] .interp           PROGBITS        0000000000400238 000238 00001c 00   A  0   0  1
  [ 2] .note.ABI-tag     NOTE            0000000000400254 000254 000020 00   A  0   0  4
  [ 3] .hash             HASH            0000000000400278 000278 000ab0 04   A  4   0  8
  [ 4] .dynsym           DYNSYM          0000000000400d28 000d28 002748 18   A  5   1  8
  [ 5] .dynstr           STRTAB          0000000000403470 003470 0014fa 00   A  0   0  1
  [ 6] .gnu.version      VERSYM          000000000040496a 00496a 000346 02   A  4   0  2
  [ 7] .gnu.version_r    VERNEED         0000000000404cb0 004cb0 000070 00   A  5   2  8
  [ 8] .rela.dyn         RELA            0000000000404d20 004d20 0000c0 18   A  4   0  8
  [ 9] .rela.plt         RELA            0000000000404de0 004de0 000b40 18  AI  4  21  8
  [10] .init             PROGBITS        0000000000405920 005920 00001a 00  AX  0   0  4
  [11] .plt              PROGBITS        0000000000405940 005940 000790 10  AX  0   0 16
  [12] .text             PROGBITS        00000000004060d0 0060d0 0206b0 00  AX  0   0 16
  [13] .fini             PROGBITS        0000000000426780 026780 000009 00  AX  0   0  4
  [14] .rodata           PROGBITS        00000000004267a0 0267a0 0064c8 00   A  0   0 32
  [15] .eh_frame_hdr     PROGBITS        000000000042cc68 02cc68 000acc 00   A  0   0  4
  [16] .eh_frame         PROGBITS        000000000042d738 02d738 004654 00   A  0   0  8
  [17] .init_array       INIT_ARRAY      0000000000631e08 031e08 000008 08  WA  0   0  8
  [18] .fini_array       FINI_ARRAY      0000000000631e10 031e10 000008 08  WA  0   0  8
  [19] .dynamic          DYNAMIC         0000000000631e18 031e18 0001e0 10  WA  5   0  8
  [20] .got              PROGBITS        0000000000631ff8 031ff8 000008 08  WA  0   0  8
  [21] .got.plt          PROGBITS        0000000000632000 032000 0003d8 08  WA  0   0  8
  [22] .data             PROGBITS        00000000006323e0 0323e0 000e10 00  WA  0   0 32
  [23] .bss              NOBITS          0000000000633200 0331f0 003898 00  WA  0   0 32
  [24] .comment          PROGBITS        0000000000000000 0331f0 00003f 01  MS  0   0  1
  [25] .debug_aranges    PROGBITS        0000000000000000 03322f 0005c0 00      0   0  1
  [26] .debug_info       PROGBITS        0000000000000000 0337ef 039947 00      0   0  1
  [27] .debug_abbrev     PROGBITS        0000000000000000 06d136 006244 00      0   0  1
  [28] .debug_line       PROGBITS        0000000000000000 07337a 019873 00      0   0  1
  [29] .debug_str        PROGBITS        0000000000000000 08cbed 0043ed 01  MS  0   0  1
  [30] .debug_loc        PROGBITS        0000000000000000 090fda 0385dd 00      0   0  1
  [31] .debug_ranges     PROGBITS        0000000000000000 0c95b7 007300 00      0   0  1
  [32] .symtab           SYMTAB          0000000000000000 0d08b8 004680 18     33 335  8
  [33] .strtab           STRTAB          0000000000000000 0d4f38 0029e0 00      0   0  1
  [34] .shstrtab         STRTAB          0000000000000000 0d7918 000145 00      0   0  1
Key to Flags:
  W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
  L (link order), O (extra OS processing required), G (group), T (TLS),
  C (compressed), x (unknown), o (OS specific), E (exclude),
  l (large), p (processor specific)

001.make.elf.x86_64.zip

XVilka added this to the 0.2.0 milestone Jan 20, 2021
@PinkNoize
Contributor

I plan to try to fix this but have a few questions.

  1. Would the flag section use the shorthand notation (A) or the string representation (alloc)? Ex:
nth paddr          size vaddr         vsize perm type flags  name
―――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――
9   0x00004de0    0xb40 0x00404de0    0xb40 -r-- RELA AI     .rela.plt

vs.

nth paddr          size vaddr         vsize perm type flags      name
――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――
9   0x00004de0    0xb40 0x00404de0    0xb40 -r-- RELA alloc,info .rela.plt
  2. Would the JSON representation use a list for the flags key? Ex:
"flags": ["alloc", "info"]

vs.

"flags": "AI"
  3. What would be the expected behavior for file formats where the type and flags fields do not make sense, such as with a PE? I would assume they are left blank.

@ITAYC0HEN
Member

Hey! Good questions, thank you!

  1. In general, I always prefer full words rather than abbreviations, so I would go for "alloc", "info".
  2. In my opinion, a list of flags is better as it is clearer what is meant.
  3. Can you give an example of such cases, and examples of how other programs handle this in non-ELF? (Also, I see that the concept of section flags exists in PE: https://docs.microsoft.com/en-us/windows/win32/debug/pe-format#section-flags)

@XVilka
Member Author

XVilka commented Feb 19, 2021

A side note - the output can be colorized if scr.color is enabled and no pipe is being used.

XVilka modified the milestones: 0.2.0, 0.3.0 Mar 1, 2021
@sandhrabino
Copy link
Contributor

[Sections]

nth paddr          size vaddr         vsize perm FLG type       name
--------------------------------------------------------------------
0   0x00000000      0x0 0x00000000      0x0 ----     NULL                          
1   0x000002e0     0x1c 0x000002e0     0x1c -r-- A   PROGBITS   .interp            
2   0x000002fc     0x24 0x000002fc     0x24 -r-- A   NOTE       .note.gnu.build_id 
3   0x00000320     0x20 0x00000320     0x20 -r-- A   NOTE       .note.ABI_tag      
4   0x00000340     0x24 0x00000340     0x24 -r-- A   GNU_HASH   .gnu.hash          
5   0x00000368    0x708 0x00000368    0x708 -r-- A   DYNSYM     .dynsym            
6   0x00000a70    0x4bc 0x00000a70    0x4bc -r-- A   STRTAB     .dynstr            
7   0x00000f2c     0x96 0x00000f2c     0x96 -r-- A   VERSYM     .gnu.version       
8   0x00000fc8     0xf0 0x00000fc8     0xf0 -r-- A   VERNEED    .gnu.version_r     
9   0x000010b8   0x40f8 0x000010b8   0x40f8 -r-- A   RELA       .rela.dyn          
10  0x000051b0     0x48 0x000051b0     0x48 -r-- AI  RELA       .rela.plt          
11  0x00006000     0x1b 0x00006000     0x1b -r-x AX  PROGBITS   .init              
12  0x00006020     0x40 0x00006020     0x40 -r-x AX  PROGBITS   .plt               
13  0x00006060      0x8 0x00006060      0x8 -r-x AX  PROGBITS   .plt.got           
14  0x00006070  0x357d3 0x00006070  0x357d3 -r-x AX  PROGBITS   .text              
15  0x0003b844      0xd 0x0003b844      0xd -r-x AX  PROGBITS   .fini              
16  0x0003c000   0x4dd6 0x0003c000   0x4dd6 -r-- A   PROGBITS   .rodata            
17  0x00040dd8    0xefc 0x00040dd8    0xefc -r-- A   PROGBITS   .eh_frame_hdr      
18  0x00041cd8   0x5290 0x00041cd8   0x5290 -r-- A   PROGBITS   .eh_frame          
19  0x00046f68   0x1e34 0x00046f68   0x1e34 -r-- A   PROGBITS   .gcc_except_table  
20  0x00049320      0x0 0x0004a320     0x78 -rw- WAT NOBITS     .tbss              
21  0x00049320     0x10 0x0004a320     0x10 -rw- WA  INIT_ARRAY .init_array        
22  0x00049330      0x8 0x0004a330      0x8 -rw- WA  FINI_ARRAY .fini_array        
23  0x00049338   0x23c8 0x0004a338   0x23c8 -rw- WA  PROGBITS   .data.rel.ro       
24  0x0004b700    0x230 0x0004c700    0x230 -rw- WA  DYNAMIC    .dynamic           
25  0x0004b930    0x6c0 0x0004c930    0x6c0 -rw- WA  PROGBITS   .got               
26  0x0004c000     0x50 0x0004d000     0x50 -rw- WA  PROGBITS   .data              
27  0x0004c050      0x0 0x0004d050    0x238 -rw- WA  NOBITS     .bss               
28  0x0004c050     0x2a 0x00000000     0x2a ---- MS  PROGBITS   .comment           
29  0x0004c07a   0x8ad0 0x00000000   0x8ad0 ----     PROGBITS   .debug_aranges     
30  0x00054b4a  0x4ef2d 0x00000000  0x4ef2d ----     PROGBITS   .debug_pubnames    
31  0x000a3a77  0xb831e 0x00000000  0xb831e ----     PROGBITS   .debug_info        
32  0x0015bd95    0xaaa 0x00000000    0xaaa ----     PROGBITS   .debug_abbrev      
33  0x0015c83f  0x62fde 0x00000000  0x62fde ----     PROGBITS   .debug_line        
34  0x001bf820    0x168 0x00000000    0x168 ----     PROGBITS   .debug_frame       
35  0x001bf988  0xdd4df 0x00000000  0xdd4df ---- MS  PROGBITS   .debug_str         
36  0x0029ce67     0xa2 0x00000000     0xa2 ----     PROGBITS   .debug_pubtypes    
37  0x0029cf09  0x82450 0x00000000  0x82450 ----     PROGBITS   .debug_ranges      
38  0x0031f360   0x5d60 0x00000000   0x5d60 ----     SYMTAB     .symtab            
39  0x003250c0   0xb1ce 0x00000000   0xb1ce ----     STRTAB     .strtab            
40  0x0033028e    0x19e 0x00000000    0x19e ----     STRTAB     .shstrtab          

@PinkNoize and I have together obtained this output. Should I also add the entire string to the "FLG" parameter? I thought that might affect the tabular structure of the dump. Also, this has been implemented for ELFs. I can add the entire section flag names if necessary.
@XVilka Can you please review?

@XVilka
Member Author

XVilka commented Mar 1, 2021

Looks fine. I think you can keep short flags but then you need to print a legend below as readelf does.

@sandhrabino
Contributor

> Looks fine. I think you can keep short flags but then you need to print a legend below as readelf does.

Okay yeah

@sandhrabino
Contributor

Key to Flags:
  W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
  L (link order), O (extra OS processing required), G (group), T (TLS),
  C (compressed), E (exclude)
nth paddr          size vaddr         vsize perm Flags type       name
----------------------------------------------------------------------
0   0x00000000      0x0 0x00000000      0x0 ----       NULL                          
1   0x000002e0     0x1c 0x000002e0     0x1c -r-- A     PROGBITS   .interp            
2   0x000002fc     0x24 0x000002fc     0x24 -r-- A     NOTE       .note.gnu.build_id 
3   0x00000320     0x20 0x00000320     0x20 -r-- A     NOTE       .note.ABI_tag      
4   0x00000340     0x24 0x00000340     0x24 -r-- A     GNU_HASH   .gnu.hash          
5   0x00000368    0x708 0x00000368    0x708 -r-- A     DYNSYM     .dynsym            
6   0x00000a70    0x4bc 0x00000a70    0x4bc -r-- A     STRTAB     .dynstr            
7   0x00000f2c     0x96 0x00000f2c     0x96 -r-- A     VERSYM     .gnu.version       
8   0x00000fc8     0xf0 0x00000fc8     0xf0 -r-- A     VERNEED    .gnu.version_r     
9   0x000010b8   0x40f8 0x000010b8   0x40f8 -r-- A     RELA       .rela.dyn          
10  0x000051b0     0x48 0x000051b0     0x48 -r-- AI    RELA       .rela.plt          
11  0x00006000     0x1b 0x00006000     0x1b -r-x AX    PROGBITS   .init              
12  0x00006020     0x40 0x00006020     0x40 -r-x AX    PROGBITS   .plt               
13  0x00006060      0x8 0x00006060      0x8 -r-x AX    PROGBITS   .plt.got           
14  0x00006070  0x357d3 0x00006070  0x357d3 -r-x AX    PROGBITS   .text              
15  0x0003b844      0xd 0x0003b844      0xd -r-x AX    PROGBITS   .fini              
16  0x0003c000   0x4dd6 0x0003c000   0x4dd6 -r-- A     PROGBITS   .rodata            
17  0x00040dd8    0xefc 0x00040dd8    0xefc -r-- A     PROGBITS   .eh_frame_hdr      
18  0x00041cd8   0x5290 0x00041cd8   0x5290 -r-- A     PROGBITS   .eh_frame          
19  0x00046f68   0x1e34 0x00046f68   0x1e34 -r-- A     PROGBITS   .gcc_except_table  
20  0x00049320      0x0 0x0004a320     0x78 -rw- WAT   NOBITS     .tbss              
21  0x00049320     0x10 0x0004a320     0x10 -rw- WA    INIT_ARRAY .init_array        
22  0x00049330      0x8 0x0004a330      0x8 -rw- WA    FINI_ARRAY .fini_array        
23  0x00049338   0x23c8 0x0004a338   0x23c8 -rw- WA    PROGBITS   .data.rel.ro       
24  0x0004b700    0x230 0x0004c700    0x230 -rw- WA    DYNAMIC    .dynamic           
25  0x0004b930    0x6c0 0x0004c930    0x6c0 -rw- WA    PROGBITS   .got               
26  0x0004c000     0x50 0x0004d000     0x50 -rw- WA    PROGBITS   .data              
27  0x0004c050      0x0 0x0004d050    0x238 -rw- WA    NOBITS     .bss               
28  0x0004c050     0x2a 0x00000000     0x2a ---- MS    PROGBITS   .comment           
29  0x0004c07a   0x8ad0 0x00000000   0x8ad0 ----       PROGBITS   .debug_aranges     
30  0x00054b4a  0x4ef2d 0x00000000  0x4ef2d ----       PROGBITS   .debug_pubnames    
31  0x000a3a77  0xb831e 0x00000000  0xb831e ----       PROGBITS   .debug_info        
32  0x0015bd95    0xaaa 0x00000000    0xaaa ----       PROGBITS   .debug_abbrev      
33  0x0015c83f  0x62fde 0x00000000  0x62fde ----       PROGBITS   .debug_line        
34  0x001bf820    0x168 0x00000000    0x168 ----       PROGBITS   .debug_frame       
35  0x001bf988  0xdd4df 0x00000000  0xdd4df ---- MS    PROGBITS   .debug_str         
36  0x0029ce67     0xa2 0x00000000     0xa2 ----       PROGBITS   .debug_pubtypes    
37  0x0029cf09  0x82450 0x00000000  0x82450 ----       PROGBITS   .debug_ranges      
38  0x0031f360   0x5d60 0x00000000   0x5d60 ----       SYMTAB     .symtab            
39  0x003250c0   0xb1ce 0x00000000   0xb1ce ----       STRTAB     .strtab            
40  0x0033028e    0x19e 0x00000000    0x19e ----       STRTAB     .shstrtab
Updated.
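
The two representations discussed in this thread (readelf-style letters and a list of full names for JSON), as an added example that is not taken from rizin or from PR #746: it decodes a raw `sh_flags` value using the standard ELF bit values. The names `shf_short` and `shf_json`, the `"unknown"` fallback and the sample values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
/* sh_flags bits from the ELF gABI, ascending so letters come out as "WA", "AX". */
static const struct { uint64_t bit; char letter; const char *name; } SHF_TABLE[] = {
    {0x1, 'W', "write"}, {0x2, 'A', "alloc"}, {0x4, 'X', "execute"},
    {0x10, 'M', "merge"}, {0x20, 'S', "strings"}, {0x40, 'I', "info"},
    {0x80, 'L', "link order"}, {0x100, 'O', "extra OS processing required"},
    {0x200, 'G', "group"}, {0x400, 'T', "TLS"}, {0x800, 'C', "compressed"},
    {0x80000000u, 'E', "exclude"},
};
#define SHF_COUNT (sizeof SHF_TABLE / sizeof SHF_TABLE[0])

/* Shorthand column: 0x42 -> "AI". Bits not in the table collapse to one 'x' (simplified). */
size_t shf_short(uint64_t flags, char *out, size_t cap) {
    size_t n = 0;
    if (cap == 0) return 0;
    for (size_t i = 0; i < SHF_COUNT; i++) {
        if ((flags & SHF_TABLE[i].bit) && n + 1 < cap) out[n++] = SHF_TABLE[i].letter;
        flags &= ~SHF_TABLE[i].bit;
    }
    if (flags && n + 1 < cap) out[n++] = 'x';
    out[n] = '\0';
    return n;
}

/* Append one quoted JSON string, comma-separated; -1 if it would not fit. */
static int put(char *out, size_t cap, size_t *n, const char *s) {
    int w = snprintf(out + *n, cap - *n, "%s\"%s\"", *n > 1 ? "," : "", s);
    if (w < 0 || (size_t)w >= cap - *n) return -1;
    *n += (size_t)w;
    return 0;
}

/* List form for JSON output: 0x42 -> ["alloc","info"]. Returns 0 on success. */
int shf_json(uint64_t flags, char *out, size_t cap) {
    size_t n = 1;
    if (cap < 3) return -1;
    out[0] = '['; out[1] = '\0';
    for (size_t i = 0; i < SHF_COUNT; i++) {
        if ((flags & SHF_TABLE[i].bit) && put(out, cap, &n, SHF_TABLE[i].name)) return -1;
        flags &= ~SHF_TABLE[i].bit;
    }
    if (flags && put(out, cap, &n, "unknown")) return -1;
    if (n + 2 > cap) return -1;
    out[n++] = ']'; out[n] = '\0';
    return 0;
}

int main(void) { /* constructed sample values for AI, AX, WAT, MS */
    const uint64_t v[] = {0x42, 0x6, 0x403, 0x30};
    char s[16], j[128];
    for (size_t i = 0; i < 4; i++)
        if (shf_short(v[i], s, sizeof s) && !shf_json(v[i], j, sizeof j)) printf("%-4s %s\n", s, j);
}
```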

@ret2libc
Member

ret2libc commented Mar 1, 2021

@sandrabeme is the code to get that anywhere? Would you mind creating a PR in draft mode so you can start getting some early feedback about it?

Do these flags make sense with other bin plugins? Are we going to list all flags of all plugins? If yes, I think there will be a super long list of bin-specific flags.

@PinkNoize
Contributor

Draft PR is here: #746

XVilka added RSoC and removed RSoC labels Mar 5, 2021