Fix various issues with ELF files containing many sections

Fix various issues with ELF files containing many sections

[Mark Wielaard]

Through an accident Fedora rawhide created various ELF files with thousands
of sections. This showed various issues in libelf, libdw and some of the
elfutils tools. When an ELF file has more than SHN_LORESERVE (0xff00, 65280)
sections then the Ehdr e_shnum and e_shshstrndx fields are too small to
hold the section number directly. They will then be stored in the Shdr
sh_info and sh_link fields of section zero. The following patches make sure
the correct values are read and setup. Various test cases have been added
that create files with ten thousand sections to check everything works
as expected.

[PATCH 01/10] backends: Always use elf_getshdrstrndx in check_special_symbol
[PATCH 02/10] backends: Use elf_getshdrstrndx to find .odp section in ppc64_init
[PATCH 03/10] libebl: Use elf_getshdrstrndx in ebl_section_strip_p
[PATCH 04/10] elfcmp: Get, check and shdrstrndx for section names
[PATCH 05/10] libelf: Fix shnum and section zero handling
[PATCH 06/10] elflint: Use shnum and shstrndx instead of ehdr field directly
[PATCH 07/10] libdw: dwarf_begin_elf should use elf_getshdrstrndx to get names
[PATCH 08/10] strip,unstrip: Use and set shdrstrndx consistently
[PATCH 09/10] readelf: Use elf_getshdrnum in print_shdr and print_phdr
[PATCH 10/10] libdwfl: Document core memory and remote memory ELF shdrs reading

[PATCH 09/10] readelf: Use elf_getshdrnum in print_shdr and print_phdr.

[Mark Wielaard]

print_shdr didn't print the correct number of sections if there were
more than SHN_LORESERVE sections. print_phdr wouldn't match up the
(allocated) sections and segements if there were more than SHN_LORESERVE
sections in the ELF file.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 src/ChangeLog |  5 +++++
 src/readelf.c | 25 ++++++++++++++++++++-----
 2 files changed, 25 insertions(+), 5 deletions(-)

diff --git a/src/ChangeLog b/src/ChangeLog
index 524c81a..6a702ee 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,5 +1,10 @@
 2018-09-13  Mark Wielaard  <mark@klomp.org>
 
+	* readelf.c (print_shdr): Get number of section with elf_getshdrnum.
+	(print_phdr): Likewise.
+
+2018-09-13  Mark Wielaard  <mark@klomp.org>
+
 	* strip.c (handle_elf): Check against shstrndx, not e_shstrndx.
 	Explicitly set shdrstrndx for debug file.
 	* unstrip.c (copy_elf): Explicitly copy shstrndx.
diff --git a/src/readelf.c b/src/readelf.c
index 7b488ac..bddcd70 100644
--- a/src/readelf.c
+++ b/src/readelf.c
@@ -1184,15 +1184,24 @@ print_shdr (Ebl *ebl, GElf_Ehdr *ehdr)
   size_t shstrndx;
 
   if (! print_file_header)
-    printf (gettext ("\
-There are %d section headers, starting at offset %#" PRIx64 ":\n\
+    {
+      size_t sections;
+      if (unlikely (elf_getshdrnum (ebl->elf, &sections) < 0))
+	error (EXIT_FAILURE, 0,
+	       gettext ("cannot get number of sections: %s"),
+	       elf_errmsg (-1));
+
+      printf (gettext ("\
+There are %zd section headers, starting at offset %#" PRIx64 ":\n\
 \n"),
-	    ehdr->e_shnum, ehdr->e_shoff);
+	      sections, ehdr->e_shoff);
+    }
 
   /* Get the section header string table index.  */
   if (unlikely (elf_getshdrstrndx (ebl->elf, &shstrndx) < 0))
     error (EXIT_FAILURE, 0,
-	   gettext ("cannot get section header string table index"));
+	   gettext ("cannot get section header string table index: %s"),
+	   elf_errmsg (-1));
 
   puts (gettext ("Section Headers:"));
 
@@ -1384,7 +1393,13 @@ print_phdr (Ebl *ebl, GElf_Ehdr *ehdr)
 	}
     }
 
-  if (ehdr->e_shnum == 0)
+  size_t sections;
+  if (unlikely (elf_getshdrnum (ebl->elf, &sections) < 0))
+    error (EXIT_FAILURE, 0,
+           gettext ("cannot get number of sections: %s"),
+           elf_errmsg (-1));
+
+  if (sections == 0)
     /* No sections in the file.  Punt.  */
     return;
 
-- 
1.8.3.1

[PATCH 01/10] backends: Always use elf_getshdrstrndx in check_special_symbol.

[Mark Wielaard]

The check_special_symbol backend functions used the Ehdr e_shstrndx
field to get at the name of sections. This is not correct if there
are more than SHN_LORESERVE sections. Always use elf_getshdrstrndx
to get the shstrtab section. And drop the Ehdr argument that isn't
necessary anymore.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 backends/ChangeLog                | 10 ++++++++++
 backends/aarch64_symbol.c         |  9 ++++++---
 backends/alpha_symbol.c           |  1 -
 backends/ppc64_symbol.c           |  7 +++++--
 backends/ppc_symbol.c             |  7 +++++--
 backends/riscv_symbol.c           |  7 +++++--
 libebl/ChangeLog                  |  7 +++++++
 libebl/ebl-hooks.h                |  2 +-
 libebl/ebl_check_special_symbol.c |  4 ++--
 libebl/eblopenbackend.c           |  3 +--
 libebl/libebl.h                   |  2 +-
 src/ChangeLog                     |  5 +++++
 src/elflint.c                     |  4 ++--
 13 files changed, 50 insertions(+), 18 deletions(-)

diff --git a/backends/ChangeLog b/backends/ChangeLog
index 5214948..ada349f 100644
--- a/backends/ChangeLog
+++ b/backends/ChangeLog
@@ -1,3 +1,13 @@
+2018-09-12  Mark Wielaard  <mark@klomp.org>
+
+	* aarch64_symbol.c (aarch64_check_special_symbol): Drop ehdr argument,
+	use elf_getshdrstrndx.
+	* alpha_symbol.c (alpha_check_special_symbol): Drop ehdr argument.
+	* ppc64_symbol.c (ppc64_check_special_symbol): Likewise and use
+	elf_getshdrstrndx.
+	* ppc_symbol.c (ppc_check_special_symbol): Likewise.
+	* riscv_symbol.c (riscv_check_special_symbol): Likewise.
+
 2018-07-21  Andreas Schwab  <schwab@linux-m68k.org>
 
 	* Makefile.am (m68k_SRCS): Add m68k_cfi.c and m68k_initreg.c.
diff --git a/backends/aarch64_symbol.c b/backends/aarch64_symbol.c
index da3382e..dfd755a 100644
--- a/backends/aarch64_symbol.c
+++ b/backends/aarch64_symbol.c
@@ -62,13 +62,16 @@ aarch64_reloc_simple_type (Ebl *ebl __attribute__ ((unused)), int type)
    https://bugzilla.redhat.com/show_bug.cgi?id=1201778
  */
 bool
-aarch64_check_special_symbol (Elf *elf, GElf_Ehdr *ehdr, const GElf_Sym *sym,
+aarch64_check_special_symbol (Elf *elf, const GElf_Sym *sym,
                               const char *name, const GElf_Shdr *destshdr)
 {
   if (name != NULL
       && strcmp (name, "_GLOBAL_OFFSET_TABLE_") == 0)
     {
-      const char *sname = elf_strptr (elf, ehdr->e_shstrndx, destshdr->sh_name);
+      size_t shstrndx;
+      if (elf_getshdrstrndx (elf, &shstrndx) != 0)
+	return false;
+      const char *sname = elf_strptr (elf, shstrndx, destshdr->sh_name);
       if (sname != NULL
 	  && (strcmp (sname, ".got") == 0 || strcmp (sname, ".got.plt") == 0))
 	{
@@ -79,7 +82,7 @@ aarch64_check_special_symbol (Elf *elf, GElf_Ehdr *ehdr, const GElf_Sym *sym,
 	      GElf_Shdr *shdr = gelf_getshdr (scn, &shdr_mem);
 	      if (shdr != NULL)
 		{
-		  sname = elf_strptr (elf, ehdr->e_shstrndx, shdr->sh_name);
+		  sname = elf_strptr (elf, shstrndx, shdr->sh_name);
 		  if (sname != NULL && strcmp (sname, ".got") == 0)
 		    return (sym->st_value >= shdr->sh_addr
 			    && sym->st_value < shdr->sh_addr + shdr->sh_size);
diff --git a/backends/alpha_symbol.c b/backends/alpha_symbol.c
index 657d9ee..b7f7c17 100644
--- a/backends/alpha_symbol.c
+++ b/backends/alpha_symbol.c
@@ -130,7 +130,6 @@ alpha_check_special_section (Ebl *ebl,
    normal checks.  */
 bool
 alpha_check_special_symbol (Elf *elf __attribute__ ((unused)),
-			    GElf_Ehdr *ehdr __attribute__ ((unused)),
 			    const GElf_Sym *sym __attribute__ ((unused)),
 			    const char *name,
 			    const GElf_Shdr *destshdr __attribute__ ((unused)))
diff --git a/backends/ppc64_symbol.c b/backends/ppc64_symbol.c
index 0feddce..40ba4f7 100644
--- a/backends/ppc64_symbol.c
+++ b/backends/ppc64_symbol.c
@@ -94,12 +94,15 @@ ppc64_dynamic_tag_check (int64_t tag)
 /* Check whether given symbol's st_value and st_size are OK despite failing
    normal checks.  */
 bool
-ppc64_check_special_symbol (Elf *elf, GElf_Ehdr *ehdr,
+ppc64_check_special_symbol (Elf *elf,
 			    const GElf_Sym *sym __attribute__ ((unused)),
 			    const char *name __attribute__ ((unused)),
 			    const GElf_Shdr *destshdr)
 {
-  const char *sname = elf_strptr (elf, ehdr->e_shstrndx, destshdr->sh_name);
+  size_t shstrndx;
+  if (elf_getshdrstrndx (elf, &shstrndx) != 0)
+    return false;
+  const char *sname = elf_strptr (elf, shstrndx, destshdr->sh_name);
   if (sname == NULL)
     return false;
   return strcmp (sname, ".opd") == 0;
diff --git a/backends/ppc_symbol.c b/backends/ppc_symbol.c
index 4b32003..35b1431 100644
--- a/backends/ppc_symbol.c
+++ b/backends/ppc_symbol.c
@@ -135,7 +135,7 @@ find_dyn_got (Elf *elf, GElf_Addr *addr)
 /* Check whether given symbol's st_value and st_size are OK despite failing
    normal checks.  */
 bool
-ppc_check_special_symbol (Elf *elf, GElf_Ehdr *ehdr, const GElf_Sym *sym,
+ppc_check_special_symbol (Elf *elf, const GElf_Sym *sym,
 			  const char *name, const GElf_Shdr *destshdr)
 {
   if (name == NULL)
@@ -152,7 +152,10 @@ ppc_check_special_symbol (Elf *elf, GElf_Ehdr *ehdr, const GElf_Sym *sym,
       return true;
     }
 
-  const char *sname = elf_strptr (elf, ehdr->e_shstrndx, destshdr->sh_name);
+  size_t shstrndx;
+  if (elf_getshdrstrndx (elf, &shstrndx) != 0)
+    return false;
+  const char *sname = elf_strptr (elf, shstrndx, destshdr->sh_name);
   if (sname == NULL)
     return false;
 
diff --git a/backends/riscv_symbol.c b/backends/riscv_symbol.c
index dce8e35..866a2d7 100644
--- a/backends/riscv_symbol.c
+++ b/backends/riscv_symbol.c
@@ -64,13 +64,16 @@ riscv_machine_flag_check (GElf_Word flags)
 /* Check whether given symbol's st_value and st_size are OK despite failing
    normal checks.  */
 bool
-riscv_check_special_symbol (Elf *elf, GElf_Ehdr *ehdr, const GElf_Sym *sym,
+riscv_check_special_symbol (Elf *elf, const GElf_Sym *sym,
 			    const char *name, const GElf_Shdr *destshdr)
 {
   if (name == NULL)
     return false;
 
-  const char *sname = elf_strptr (elf, ehdr->e_shstrndx, destshdr->sh_name);
+  size_t shstrndx;
+  if (elf_getshdrstrndx (elf, &shstrndx) != 0)
+    return false;
+  const char *sname = elf_strptr (elf, shstrndx, destshdr->sh_name);
   if (sname == NULL)
     return false;
 
diff --git a/libebl/ChangeLog b/libebl/ChangeLog
index f76afd1..574aae6 100644
--- a/libebl/ChangeLog
+++ b/libebl/ChangeLog
@@ -1,3 +1,10 @@
+2018-09-12  Mark Wielaard  <mark@klomp.org>
+
+	* ebl-hooks.h (check_special_symbol): Drop ehdr argument.
+	* ebl_check_special_symbol.c (ebl_check_special_symbol): Likewise.
+	* eblopenbackend.c (default_check_special_symbol): Likewise.
+	* libebl.h (ebl_check_special_symbol): Likewise.
+
 2018-07-04  Ross Burton <ross.burton@intel.com>
 
 	* eblopenbackend.c: Remove error.h include.
diff --git a/libebl/ebl-hooks.h b/libebl/ebl-hooks.h
index f3a0e64..7a355cd 100644
--- a/libebl/ebl-hooks.h
+++ b/libebl/ebl-hooks.h
@@ -118,7 +118,7 @@ bool EBLHOOK(none_reloc_p) (int);
 bool EBLHOOK(relative_reloc_p) (int);
 
 /* Check whether given symbol's value is ok despite normal checks.  */
-bool EBLHOOK(check_special_symbol) (Elf *, GElf_Ehdr *, const GElf_Sym *,
+bool EBLHOOK(check_special_symbol) (Elf *, const GElf_Sym *,
 			      const char *, const GElf_Shdr *);
 
 /* Check if this is a data marker symbol.  e.g. '$d' symbols for ARM.  */
diff --git a/libebl/ebl_check_special_symbol.c b/libebl/ebl_check_special_symbol.c
index bdcb026..1f60c3f 100644
--- a/libebl/ebl_check_special_symbol.c
+++ b/libebl/ebl_check_special_symbol.c
@@ -35,11 +35,11 @@
 
 
 bool
-ebl_check_special_symbol (Ebl *ebl, GElf_Ehdr *ehdr, const GElf_Sym *sym,
+ebl_check_special_symbol (Ebl *ebl, const GElf_Sym *sym,
 			  const char *name, const GElf_Shdr *destshdr)
 {
   if (ebl == NULL)
     return false;
 
-  return ebl->check_special_symbol (ebl->elf, ehdr, sym, name, destshdr);
+  return ebl->check_special_symbol (ebl->elf, sym, name, destshdr);
 }
diff --git a/libebl/eblopenbackend.c b/libebl/eblopenbackend.c
index 1962e60..f5b3de2 100644
--- a/libebl/eblopenbackend.c
+++ b/libebl/eblopenbackend.c
@@ -181,7 +181,7 @@ static bool default_debugscn_p (const char *name);
 static bool default_copy_reloc_p (int reloc);
 static bool default_none_reloc_p (int reloc);
 static bool default_relative_reloc_p (int reloc);
-static bool default_check_special_symbol (Elf *elf, GElf_Ehdr *ehdr,
+static bool default_check_special_symbol (Elf *elf,
 					  const GElf_Sym *sym,
 					  const char *name,
 					  const GElf_Shdr *destshdr);
@@ -673,7 +673,6 @@ strong_alias (default_copy_reloc_p, default_relative_reloc_p)
 
 static bool
 default_check_special_symbol (Elf *elf __attribute__ ((unused)),
-			      GElf_Ehdr *ehdr __attribute__ ((unused)),
 			      const GElf_Sym *sym __attribute__ ((unused)),
 			      const char *name __attribute__ ((unused)),
 			      const GElf_Shdr *destshdr __attribute__ ((unused)))
diff --git a/libebl/libebl.h b/libebl/libebl.h
index 882bdb9..0e1f41b 100644
--- a/libebl/libebl.h
+++ b/libebl/libebl.h
@@ -152,7 +152,7 @@ extern bool ebl_dynamic_tag_check (Ebl *ebl, int64_t tag);
 
 /* Check whether given symbol's st_value and st_size are OK despite failing
    normal checks.  */
-extern bool ebl_check_special_symbol (Ebl *ebl, GElf_Ehdr *ehdr,
+extern bool ebl_check_special_symbol (Ebl *ebl,
 				      const GElf_Sym *sym, const char *name,
 				      const GElf_Shdr *destshdr);
 
diff --git a/src/ChangeLog b/src/ChangeLog
index 29d3644..a118519 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,8 @@
+2018-09-12  Mark Wielaard  <mark@klomp.org>
+
+	* elflint.c (check_symtab): Call ebl_check_special_symbol without
+	ehdr.
+
 2018-07-30  Mark Wielaard  <mark@klomp.org>
 
 	* strip.c (handle_elf): Track allocated/unallocated sections seen. Set
diff --git a/src/elflint.c b/src/elflint.c
index 90e8fed..b49436c 100644
--- a/src/elflint.c
+++ b/src/elflint.c
@@ -796,7 +796,7 @@ section [%2d] '%s': symbol %zu: function in COMMON section is nonsense\n"),
 		st_value = sym->st_value;
 	      if (GELF_ST_TYPE (sym->st_info) != STT_TLS)
 		{
-		  if (! ebl_check_special_symbol (ebl, ehdr, sym, name,
+		  if (! ebl_check_special_symbol (ebl, sym, name,
 						  destshdr))
 		    {
 		      if (st_value - sh_addr > destshdr->sh_size)
@@ -997,7 +997,7 @@ section [%2d] '%s'\n"),
 	      if (destshdr != NULL)
 		{
 		  /* Found it.  */
-		  if (!ebl_check_special_symbol (ebl, ehdr, sym, name,
+		  if (!ebl_check_special_symbol (ebl, sym, name,
 						 destshdr))
 		    {
 		      if (ehdr->e_type != ET_REL
-- 
1.8.3.1

[PATCH 04/10] elfcmp: Get, check and shdrstrndx for section names.

[Mark Wielaard]

elfcmp would use the Ehdr e_shstrndx field to find the shdr string
index table. Use elf_getshdrstrndx instead to be able to handle ELF
files with more than SHN_LORESERVE sections.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 src/ChangeLog |  4 ++++
 src/elfcmp.c  | 20 ++++++++++++++++++--
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/src/ChangeLog b/src/ChangeLog
index 7d046ec..79da69b 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,7 @@
+2018-09-13  Mark Wielaard  <mark@klomp.org>
+
+	* elfcmp.c (main): Get, check and shdrstrndx for section names.
+
 2018-09-12  Mark Wielaard  <mark@klomp.org>
 
 	* elfcmp.c (main): Call ebl_section_strip_p without ehdr.
diff --git a/src/elfcmp.c b/src/elfcmp.c
index b68df68..d5dc1ff 100644
--- a/src/elfcmp.c
+++ b/src/elfcmp.c
@@ -235,6 +235,22 @@ main (int argc, char *argv[])
       DIFFERENCE;
     }
 
+  size_t shstrndx1;
+  size_t shstrndx2;
+  if (elf_getshdrstrndx (elf1, &shstrndx1) != 0)
+    error (2, 0, gettext ("cannot get hdrstrndx of '%s': %s"),
+	   fname1, elf_errmsg (-1));
+  if (elf_getshdrstrndx (elf2, &shstrndx2) != 0)
+    error (2, 0, gettext ("cannot get hdrstrndx of '%s': %s"),
+	   fname2, elf_errmsg (-1));
+  if (shstrndx1 != shstrndx2)
+    {
+      if (! quiet)
+	error (0, 0, gettext ("%s %s diff: shdr string index"),
+	       fname1, fname2);
+      DIFFERENCE;
+    }
+
   /* Iterate over all sections.  We expect the sections in the two
      files to match exactly.  */
   Elf_Scn *scn1 = NULL;
@@ -251,7 +267,7 @@ main (int argc, char *argv[])
 	  scn1 = elf_nextscn (elf1, scn1);
 	  shdr1 = gelf_getshdr (scn1, &shdr1_mem);
 	  if (shdr1 != NULL)
-	    sname1 = elf_strptr (elf1, ehdr1->e_shstrndx, shdr1->sh_name);
+	    sname1 = elf_strptr (elf1, shstrndx1, shdr1->sh_name);
 	}
       while (scn1 != NULL
 	     && ebl_section_strip_p (ebl1, shdr1, sname1, true, false));
@@ -264,7 +280,7 @@ main (int argc, char *argv[])
 	  scn2 = elf_nextscn (elf2, scn2);
 	  shdr2 = gelf_getshdr (scn2, &shdr2_mem);
 	  if (shdr2 != NULL)
-	    sname2 = elf_strptr (elf2, ehdr2->e_shstrndx, shdr2->sh_name);
+	    sname2 = elf_strptr (elf2, shstrndx2, shdr2->sh_name);
 	}
       while (scn2 != NULL
 	     && ebl_section_strip_p (ebl2, shdr2, sname2, true, false));
-- 
1.8.3.1

[PATCH 06/10] elflint: Use shnum and shstrndx instead of ehdr field directly.

[Mark Wielaard]

We already got the right shnum and shstrndx. But were still using
e_shnum in one check for ELFCLASS64 (it was correct for ELFCLASS32).
And when getting section names in check_symtab we still used
e_shstrndx in two places.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 src/ChangeLog | 7 +++++++
 src/elflint.c | 6 +++---
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/ChangeLog b/src/ChangeLog
index 79da69b..a093a73 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,5 +1,12 @@
 2018-09-13  Mark Wielaard  <mark@klomp.org>
 
+	* elflint.c (check_elf_header): Use shnum instead of e_shnum for all
+	checks.
+	(check_symtab): Use shstrndx instead of e_shstrndx to get section
+	names.
+
+2018-09-13  Mark Wielaard  <mark@klomp.org>
+
 	* elfcmp.c (main): Get, check and shdrstrndx for section names.
 
 2018-09-12  Mark Wielaard  <mark@klomp.org>
diff --git a/src/elflint.c b/src/elflint.c
index b49436c..3d44595 100644
--- a/src/elflint.c
+++ b/src/elflint.c
@@ -541,7 +541,7 @@ invalid number of program header table entries\n"));
       if (ehdr->e_shentsize != 0 && ehdr->e_shentsize != sizeof (Elf64_Shdr))
 	ERROR (gettext ("invalid section header size: %hd\n"),
 	       ehdr->e_shentsize);
-      else if (ehdr->e_shoff + ehdr->e_shnum * ehdr->e_shentsize > size)
+      else if (ehdr->e_shoff + shnum * ehdr->e_shentsize > size)
 	ERROR (gettext ("invalid section header position or size\n"));
     }
 }
@@ -956,7 +956,7 @@ section [%2d] '%s': symbol %zu: non-local section symbol\n"),
 		      destshdr = gelf_getshdr (gscn, &destshdr_mem);
 		      assert (destshdr != NULL);
 		      const char *sname = elf_strptr (ebl->elf,
-						      ehdr->e_shstrndx,
+						      shstrndx,
 						      destshdr->sh_name);
 		      if (sname != NULL)
 			{
@@ -977,7 +977,7 @@ section [%2d] '%s': symbol %zu: non-local section symbol\n"),
 
 	      const char *sname = ((destshdr == NULL || xndx == SHN_UNDEF)
 				   ? NULL
-				   : elf_strptr (ebl->elf, ehdr->e_shstrndx,
+				   : elf_strptr (ebl->elf, shstrndx,
 						 destshdr->sh_name));
 	      if (sname == NULL)
 		{
-- 
1.8.3.1

[PATCH 10/10] libdwfl: Document core memory and remote memory ELF shdrs reading.

[Mark Wielaard]

There are two places, dwfl_segment_report_module and elf_from_remote_memory
in libdwfl where we use the Ehdr e_shnum directly. Document why this is fine.
Getting the shdrs in those two places is really just a nice bonus and if there
are more than 0xff00 then it is unlikely we will get them all anyway.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 libdwfl/ChangeLog                    | 6 ++++++
 libdwfl/dwfl_segment_report_module.c | 6 ++++++
 libdwfl/elf-from-memory.c            | 6 ++++++
 3 files changed, 18 insertions(+)

diff --git a/libdwfl/ChangeLog b/libdwfl/ChangeLog
index 15d7511..5e9b986 100644
--- a/libdwfl/ChangeLog
+++ b/libdwfl/ChangeLog
@@ -1,3 +1,9 @@
+2018-09-13  Mark Wielaard  <mark@klomp.org>
+
+	* dwfl_segment_report_module.c (dwfl_segment_report_module):
+	Document why we use e_shnum directly.
+	* elf-from-memory.c (elf_from_remote_memory): Likewise.
+
 2018-07-17  Ulf Hermann  <ulf.hermann@qt.io>
 
 	* linux-pid-attach.c: Include sys/uio.h only on linux.
diff --git a/libdwfl/dwfl_segment_report_module.c b/libdwfl/dwfl_segment_report_module.c
index 207a257..36e5c82 100644
--- a/libdwfl/dwfl_segment_report_module.c
+++ b/libdwfl/dwfl_segment_report_module.c
@@ -367,6 +367,11 @@ dwfl_segment_report_module (Dwfl *dwfl, int ndx, const char *name,
       phentsize = ehdr.e32.e_phentsize;
       if (phentsize != sizeof (Elf32_Phdr))
 	return finish ();
+      /* NOTE if the number of sections is > 0xff00 then e_shnum
+	 is zero and the actual number would come from the section
+	 zero sh_size field. We ignore this here because getting shdrs
+	 is just a nice bonus (see below in consider_phdr PT_LOAD
+	 where we trim the last segment).  */
       shdrs_end = ehdr.e32.e_shoff + ehdr.e32.e_shnum * ehdr.e32.e_shentsize;
       break;
 
@@ -380,6 +385,7 @@ dwfl_segment_report_module (Dwfl *dwfl, int ndx, const char *name,
       phentsize = ehdr.e64.e_phentsize;
       if (phentsize != sizeof (Elf64_Phdr))
 	return finish ();
+      /* See the NOTE above for shdrs_end and ehdr.e32.e_shnum.  */
       shdrs_end = ehdr.e64.e_shoff + ehdr.e64.e_shnum * ehdr.e64.e_shentsize;
       break;
 
diff --git a/libdwfl/elf-from-memory.c b/libdwfl/elf-from-memory.c
index 12a0a1b..c54c1b9 100644
--- a/libdwfl/elf-from-memory.c
+++ b/libdwfl/elf-from-memory.c
@@ -139,6 +139,11 @@ elf_from_remote_memory (GElf_Addr ehdr_vma,
       phentsize = ehdr.e32.e_phentsize;
       if (phentsize != sizeof (Elf32_Phdr) || phnum == 0)
 	goto bad_elf;
+      /* NOTE if the number of sections is > 0xff00 then e_shnum
+	 is zero and the actual number would come from the section
+	 zero sh_size field. We ignore this here because getting shdrs
+	 is just a nice bonus (see below where we trim the last phdrs
+	 PT_LOAD segment).  */
       shdrs_end = ehdr.e32.e_shoff + ehdr.e32.e_shnum * ehdr.e32.e_shentsize;
       break;
 
@@ -151,6 +156,7 @@ elf_from_remote_memory (GElf_Addr ehdr_vma,
       phentsize = ehdr.e64.e_phentsize;
       if (phentsize != sizeof (Elf64_Phdr) || phnum == 0)
 	goto bad_elf;
+      /* See the NOTE above for shdrs_end and ehdr.e32.e_shnum.  */
       shdrs_end = ehdr.e64.e_shoff + ehdr.e64.e_shnum * ehdr.e64.e_shentsize;
       break;
 
-- 
1.8.3.1

[PATCH 08/10] strip,unstrip: Use and set shdrstrndx consistently.

[Mark Wielaard]

In various places in strip we used e_shstrndx instead of shdrstrndx and we
didn't setup the shdrstrndx for the debug file. In unstrip we forgot to copy
the shdrstrndx in case the -o output option was used.

Added a new testcase that adds many sections to a testfile and runs strip, elflint,
unstrip and elfcmp.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 src/ChangeLog                |  7 +++++
 src/strip.c                  | 43 ++++++++++++++++++++++++++---
 src/unstrip.c                | 21 +++++++++++++-
 tests/ChangeLog              |  6 ++++
 tests/Makefile.am            |  4 +--
 tests/run-strip-test-many.sh | 66 ++++++++++++++++++++++++++++++++++++++++++++
 6 files changed, 140 insertions(+), 7 deletions(-)
 create mode 100755 tests/run-strip-test-many.sh

diff --git a/src/ChangeLog b/src/ChangeLog
index a093a73..524c81a 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,5 +1,12 @@
 2018-09-13  Mark Wielaard  <mark@klomp.org>
 
+	* strip.c (handle_elf): Check against shstrndx, not e_shstrndx.
+	Explicitly set shdrstrndx for debug file.
+	* unstrip.c (copy_elf): Explicitly copy shstrndx.
+	(find_alloc_sections_prelink): Document shnum usage.
+
+2018-09-13  Mark Wielaard  <mark@klomp.org>
+
 	* elflint.c (check_elf_header): Use shnum instead of e_shnum for all
 	checks.
 	(check_symtab): Use shstrndx instead of e_shstrndx to get section
diff --git a/src/strip.c b/src/strip.c
index dc71236..4a3db1b 100644
--- a/src/strip.c
+++ b/src/strip.c
@@ -820,7 +820,7 @@ handle_elf (int fd, Elf *elf, const char *prefix, const char *fname,
 	: (ebl_section_strip_p (ebl, &shdr_info[cnt].shdr,
 				shdr_info[cnt].name, remove_comment,
 				remove_debug)
-	   || cnt == ehdr->e_shstrndx
+	   || cnt == shstrndx
 	   || section_name_matches (remove_secs, shdr_info[cnt].name)))
       {
 	/* The user might want to explicitly keep this one.  */
@@ -1081,7 +1081,7 @@ handle_elf (int fd, Elf *elf, const char *prefix, const char *fname,
 				  && shdr_info[cnt].debug_data == NULL
 				  && shdr_info[cnt].shdr.sh_type != SHT_NOTE
 				  && shdr_info[cnt].shdr.sh_type != SHT_GROUP
-				  && cnt != ehdr->e_shstrndx);
+				  && cnt != shstrndx);
 
 	  /* Set the section header in the new file.  */
 	  GElf_Shdr debugshdr = shdr_info[cnt].shdr;
@@ -1134,7 +1134,42 @@ handle_elf (int fd, Elf *elf, const char *prefix, const char *fname,
       debugehdr->e_version = ehdr->e_version;
       debugehdr->e_entry = ehdr->e_entry;
       debugehdr->e_flags = ehdr->e_flags;
-      debugehdr->e_shstrndx = ehdr->e_shstrndx;
+
+      size_t shdrstrndx;
+      if (elf_getshdrstrndx (elf, &shdrstrndx) < 0)
+	{
+	  error (0, 0, gettext ("%s: error while getting shdrstrndx: %s"),
+		 fname, elf_errmsg (-1));
+	  result = 1;
+	  goto fail_close;
+	}
+
+      if (shstrndx < SHN_LORESERVE)
+	debugehdr->e_shstrndx = shdrstrndx;
+      else
+	{
+	  debugehdr->e_shstrndx = SHN_XINDEX;
+	  Elf_Scn *scn0 = elf_getscn (debugelf, 0);
+	  GElf_Shdr shdr0_mem;
+	  GElf_Shdr *shdr0 = gelf_getshdr (scn0, &shdr0_mem);
+	  if (shdr0 == NULL)
+	    {
+	      error (0, 0, gettext ("%s: error getting zero section: %s"),
+		     debug_fname, elf_errmsg (-1));
+	      result = 1;
+	      goto fail_close;
+	    }
+
+	  shdr0->sh_link = shdrstrndx;
+	  if (gelf_update_shdr (scn0, shdr0) == 0)
+	    {
+	      error (0, 0, gettext ("%s: error while updating zero section: %s"),
+		     debug_fname, elf_errmsg (-1));
+	      result = 1;
+	      goto fail_close;
+	    }
+
+	}
 
       if (unlikely (gelf_update_ehdr (debugelf, debugehdr) == 0))
 	{
@@ -1187,7 +1222,7 @@ handle_elf (int fd, Elf *elf, const char *prefix, const char *fname,
      the .shstrtab section which we would add again.  */
   bool removing_sections = !(cnt == idx
 			     || (cnt == idx + 1
-				 && shdr_info[ehdr->e_shstrndx].idx == 0));
+				 && shdr_info[shstrndx].idx == 0));
   if (output_fname == NULL && !removing_sections)
       goto fail_close;
 
diff --git a/src/unstrip.c b/src/unstrip.c
index ec46c95..e6f0947 100644
--- a/src/unstrip.c
+++ b/src/unstrip.c
@@ -239,8 +239,27 @@ copy_elf (Elf *outelf, Elf *inelf)
   ELF_CHECK (gelf_newehdr (outelf, gelf_getclass (inelf)),
 	     _("cannot create ELF header: %s"));
 
+  size_t shstrndx;
+  ELF_CHECK (elf_getshdrstrndx (inelf, &shstrndx) == 0,
+	     _("cannot get shdrstrndx:%s"));
+
   GElf_Ehdr ehdr_mem;
   GElf_Ehdr *ehdr = gelf_getehdr (inelf, &ehdr_mem);
+  if (shstrndx < SHN_LORESERVE)
+    ehdr->e_shstrndx = shstrndx;
+  else
+    {
+      ehdr->e_shstrndx = SHN_XINDEX;
+      Elf_Scn *scn0 = elf_getscn (outelf, 0);
+      GElf_Shdr shdr0_mem;
+      GElf_Shdr *shdr0 = gelf_getshdr (scn0, &shdr0_mem);
+      ELF_CHECK (shdr0 != NULL,
+		 _("cannot get new zero section: %s"));
+      shdr0->sh_link = shstrndx;
+      ELF_CHECK (gelf_update_shdr (scn0, shdr0),
+		 _("cannot update new zero section: %s"));
+    }
+
   ELF_CHECK (gelf_update_ehdr (outelf, ehdr),
 	     _("cannot copy ELF header: %s"));
 
@@ -1025,7 +1044,7 @@ find_alloc_sections_prelink (Elf *debug, Elf_Data *debug_shstrtab,
 		 _("cannot read '.gnu.prelink_undo' section: %s"));
 
       uint_fast16_t phnum;
-      uint_fast16_t shnum;
+      uint_fast16_t shnum;  /* prelink doesn't handle > SHN_LORESERVE.  */
       if (ehdr.e32.e_ident[EI_CLASS] == ELFCLASS32)
 	{
 	  phnum = ehdr.e32.e_phnum;
diff --git a/tests/ChangeLog b/tests/ChangeLog
index 33fee35..4e8b814 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -1,5 +1,11 @@
 2018-09-13  Mark Wielaard  <mark@klomp.org>
 
+	* run-strip-test-many.sh: New test.
+	* Makefile.am (TESTS): Add run-strip-test-many.sh.
+	(EXTRA_DIST): Likewise.
+
+2018-09-13  Mark Wielaard  <mark@klomp.org>
+
 	* run-typeiter-many.sh: New test.
 	* Makefile.am (TESTS): Add run-typeiter-many.sh.
 	(EXTRA_DIST): Likewise.
diff --git a/tests/Makefile.am b/tests/Makefile.am
index d8ebd03..74c477e 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -156,7 +156,7 @@ TESTS = run-arextract.sh run-arsymtest.sh run-ar.sh newfile test-nlist \
 	run-reloc-bpf.sh \
 	run-next-cfi.sh run-next-cfi-self.sh \
 	run-copyadd-sections.sh run-copymany-sections.sh \
-	run-typeiter-many.sh
+	run-typeiter-many.sh run-strip-test-many.sh
 
 if !BIARCH
 export ELFUTILS_DISABLE_BIARCH = 1
@@ -408,7 +408,7 @@ EXTRA_DIST = run-arextract.sh run-arsymtest.sh run-ar.sh \
 	     testfile-riscv64.bz2 testfile-riscv64-s.bz2 \
 	     testfile-riscv64-core.bz2 \
 	     run-copyadd-sections.sh run-copymany-sections.sh \
-	     run-typeiter-many.sh
+	     run-typeiter-many.sh run-strip-test-many.sh
 
 if USE_VALGRIND
 valgrind_cmd='valgrind -q --leak-check=full --error-exitcode=1'
diff --git a/tests/run-strip-test-many.sh b/tests/run-strip-test-many.sh
new file mode 100755
index 0000000..9a9657c
--- /dev/null
+++ b/tests/run-strip-test-many.sh
@@ -0,0 +1,66 @@
+#! /bin/sh
+# Copyright (C) 2018 Red Hat, Inc.
+# This file is part of elfutils.
+#
+# This file is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# elfutils is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+. $srcdir/test-subr.sh
+
+# Use the original file from run-strip-test.sh but with many sections
+testfiles testfile
+tempfiles testfile.strip testfile.debug testfile.unstrip
+
+echo "Adding sections to testfile"
+testrun ${abs_builddir}/addsections 65535 testfile
+
+echo "Testing strip -o"
+testrun ${abs_top_builddir}/src/strip -o testfile.strip -f testfile.debug testfile
+
+# Do the parts check out?
+echo "elflint testfile.strip"
+testrun ${abs_top_builddir}/src/elflint --gnu -q testfile.strip
+echo "elflint testfile.debug"
+testrun ${abs_top_builddir}/src/elflint --gnu -q -d testfile.debug
+
+# Now test unstrip recombining those files.
+echo "unstrip"
+testrun ${abs_top_builddir}/src/unstrip -o testfile.unstrip testfile.strip testfile.debug
+echo "elfcmp"
+testrun ${abs_top_builddir}/src/elfcmp testfile testfile.unstrip
+
+# test strip -g
+echo "Testing strip -g"
+testrun ${abs_top_builddir}/src/strip -g -o testfile.strip -f testfile.debug testfile
+
+# Do the parts check out?
+echo "elflint testfile.strip"
+testrun ${abs_top_builddir}/src/elflint --gnu -q testfile.strip
+echo "elflint testfile.debug"
+testrun ${abs_top_builddir}/src/elflint --gnu -q -d testfile.debug
+
+# Now strip "in-place" and make sure it is smaller.
+echo "TEsting strip in-place"
+SIZE_original=$(stat -c%s testfile)
+echo "original size $SIZE_original"
+
+testrun ${abs_top_builddir}/src/strip testfile
+SIZE_stripped=$(stat -c%s testfile)
+echo "stripped size $SIZE_stripped"
+test $SIZE_stripped -lt $SIZE_original ||
+  { echo "*** failure in-place strip file not smaller $original"; exit 1; }
+
+echo "elflint in-place"
+testrun ${abs_top_builddir}/src/elflint --gnu -q testfile
+
+exit 0
-- 
1.8.3.1

[PATCH 02/10] backends: Use elf_getshdrstrndx to find .odp section in ppc64_init

[Mark Wielaard]

The .odp section is found by name. But ppc64_init used the e_shstrndx
Ehdr field for that. This is wrong if the file contains more than
SHN_LORESERVE sections. Use elf_getshdrstrndx instead to find the
shstrtab section.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 backends/ChangeLog    | 4 ++++
 backends/ppc64_init.c | 6 ++++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/backends/ChangeLog b/backends/ChangeLog
index ada349f..fdff302 100644
--- a/backends/ChangeLog
+++ b/backends/ChangeLog
@@ -1,5 +1,9 @@
 2018-09-12  Mark Wielaard  <mark@klomp.org>
 
+	* ppc64_init.c (ppc64_init): Use elf_getshdrstrndx.
+
+2018-09-12  Mark Wielaard  <mark@klomp.org>
+
 	* aarch64_symbol.c (aarch64_check_special_symbol): Drop ehdr argument,
 	use elf_getshdrstrndx.
 	* alpha_symbol.c (alpha_check_special_symbol): Drop ehdr argument.
diff --git a/backends/ppc64_init.c b/backends/ppc64_init.c
index e567033..3db5e76 100644
--- a/backends/ppc64_init.c
+++ b/backends/ppc64_init.c
@@ -80,7 +80,9 @@ ppc64_init (Elf *elf __attribute__ ((unused)),
   if (elf != NULL)
     {
       GElf_Ehdr ehdr_mem, *ehdr = gelf_getehdr (elf, &ehdr_mem);
-      if (ehdr != NULL && ehdr->e_type != ET_REL)
+      size_t shstrndx;
+      if (ehdr != NULL && ehdr->e_type != ET_REL
+	  && elf_getshdrstrndx (elf, &shstrndx) == 0)
 	{
 	  /* We could also try through DT_PPC64_OPD and DT_PPC64_OPDSZ. */
 	  GElf_Shdr opd_shdr_mem, *opd_shdr;
@@ -93,7 +95,7 @@ ppc64_init (Elf *elf __attribute__ ((unused)),
 		  && opd_shdr->sh_type == SHT_PROGBITS
 		  && opd_shdr->sh_size > 0)
 		{
-		  const char *name = elf_strptr (elf, ehdr->e_shstrndx,
+		  const char *name = elf_strptr (elf, shstrndx,
 						 opd_shdr->sh_name);
 		  if (name != NULL && strcmp (name, ".opd") == 0)
 		    {
-- 
1.8.3.1

[PATCH 07/10] libdw: dwarf_begin_elf should use elf_getshdrstrndx to get section names.

[Mark Wielaard]

dwarf_begin_elf used the Ehdr e_shstrndx to get the shdr string table
section. This does not work for ELF files with more than SHN_LORESERVE
sections. Use elf_getshdrstrndx, and don't pass around the ehdr.

Add a simple testcase that fails before the patch because dwarf_begin
return an error.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 libdw/ChangeLog            |  9 +++++++++
 libdw/dwarf_begin_elf.c    | 27 +++++++++++++++++++--------
 tests/ChangeLog            |  6 ++++++
 tests/Makefile.am          |  6 ++++--
 tests/run-typeiter-many.sh | 31 +++++++++++++++++++++++++++++++
 5 files changed, 69 insertions(+), 10 deletions(-)
 create mode 100755 tests/run-typeiter-many.sh

diff --git a/libdw/ChangeLog b/libdw/ChangeLog
index 7cb2592..ebe002c 100644
--- a/libdw/ChangeLog
+++ b/libdw/ChangeLog
@@ -1,3 +1,12 @@
+2018-09-13  Mark Wielaard  <mark@klomp.org>
+
+	* dwarf_begin_elf.c (check_section): Drop ehdr argument, add and
+	use shstrndx argument.
+	(global_read): Likewise.
+	(scngrp_read): Likewise.
+	(dwarf_begin_elf): Call elf_getshdrstrndx. Pass shstrndx to
+	global_read or scngrp_read.
+
 2018-08-18  Mark Wielaard  <mark@klomp.org>
 
 	* dwarf_getabbrev.c (__libdw_getabbrev): Continue until both name
diff --git a/libdw/dwarf_begin_elf.c b/libdw/dwarf_begin_elf.c
index 184a6dc..38c8f5c 100644
--- a/libdw/dwarf_begin_elf.c
+++ b/libdw/dwarf_begin_elf.c
@@ -71,7 +71,7 @@ static const char dwarf_scnnames[IDX_last][19] =
 #define ndwarf_scnnames (sizeof (dwarf_scnnames) / sizeof (dwarf_scnnames[0]))
 
 static Dwarf *
-check_section (Dwarf *result, GElf_Ehdr *ehdr, Elf_Scn *scn, bool inscngrp)
+check_section (Dwarf *result, size_t shstrndx, Elf_Scn *scn, bool inscngrp)
 {
   GElf_Shdr shdr_mem;
   GElf_Shdr *shdr;
@@ -101,7 +101,7 @@ check_section (Dwarf *result, GElf_Ehdr *ehdr, Elf_Scn *scn, bool inscngrp)
 
   /* We recognize the DWARF section by their names.  This is not very
      safe and stable but the best we can do.  */
-  const char *scnname = elf_strptr (result->elf, ehdr->e_shstrndx,
+  const char *scnname = elf_strptr (result->elf, shstrndx,
 				    shdr->sh_name);
   if (scnname == NULL)
     {
@@ -302,19 +302,19 @@ valid_p (Dwarf *result)
 
 
 static Dwarf *
-global_read (Dwarf *result, Elf *elf, GElf_Ehdr *ehdr)
+global_read (Dwarf *result, Elf *elf, size_t shstrndx)
 {
   Elf_Scn *scn = NULL;
 
   while (result != NULL && (scn = elf_nextscn (elf, scn)) != NULL)
-    result = check_section (result, ehdr, scn, false);
+    result = check_section (result, shstrndx, scn, false);
 
   return valid_p (result);
 }
 
 
 static Dwarf *
-scngrp_read (Dwarf *result, Elf *elf, GElf_Ehdr *ehdr, Elf_Scn *scngrp)
+scngrp_read (Dwarf *result, Elf *elf, size_t shstrndx, Elf_Scn *scngrp)
 {
   GElf_Shdr shdr_mem;
   GElf_Shdr *shdr = gelf_getshdr (scngrp, &shdr_mem);
@@ -363,7 +363,7 @@ scngrp_read (Dwarf *result, Elf *elf, GElf_Ehdr *ehdr, Elf_Scn *scngrp)
 	  return NULL;
 	}
 
-      result = check_section (result, ehdr, scn, true);
+      result = check_section (result, shstrndx, scn, true);
       if (result == NULL)
 	break;
     }
@@ -425,15 +425,26 @@ dwarf_begin_elf (Elf *elf, Dwarf_Cmd cmd, Elf_Scn *scngrp)
 
   if (cmd == DWARF_C_READ || cmd == DWARF_C_RDWR)
     {
+      /* All sections are recognized by name, so pass the section header
+	 string index along to easily get the section names.  */
+      size_t shstrndx;
+      if (elf_getshdrstrndx (elf, &shstrndx) != 0)
+	{
+	  Dwarf_Sig8_Hash_free (&result->sig8_hash);
+	  __libdw_seterrno (DWARF_E_INVALID_ELF);
+	  free (result);
+	  return NULL;
+	}
+
       /* If the caller provides a section group we get the DWARF
 	 sections only from this setion group.  Otherwise we search
 	 for the first section with the required name.  Further
 	 sections with the name are ignored.  The DWARF specification
 	 does not really say this is allowed.  */
       if (scngrp == NULL)
-	return global_read (result, elf, ehdr);
+	return global_read (result, elf, shstrndx);
       else
-	return scngrp_read (result, elf, ehdr, scngrp);
+	return scngrp_read (result, elf, shstrndx, scngrp);
     }
   else if (cmd == DWARF_C_WRITE)
     {
diff --git a/tests/ChangeLog b/tests/ChangeLog
index 7668a66..33fee35 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -1,5 +1,11 @@
 2018-09-13  Mark Wielaard  <mark@klomp.org>
 
+	* run-typeiter-many.sh: New test.
+	* Makefile.am (TESTS): Add run-typeiter-many.sh.
+	(EXTRA_DIST): Likewise.
+
+2018-09-13  Mark Wielaard  <mark@klomp.org>
+
 	* run-copymany-sections.sh: New test.
 	* Makefile.am (TESTS): Add run-copymany-sections.sh.
 	(EXTRA_DIST): Likewise.
diff --git a/tests/Makefile.am b/tests/Makefile.am
index fc7d7bc..d8ebd03 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -155,7 +155,8 @@ TESTS = run-arextract.sh run-arsymtest.sh run-ar.sh newfile test-nlist \
 	run-all-dwarf-ranges.sh run-unit-info.sh \
 	run-reloc-bpf.sh \
 	run-next-cfi.sh run-next-cfi-self.sh \
-	run-copyadd-sections.sh run-copymany-sections.sh
+	run-copyadd-sections.sh run-copymany-sections.sh \
+	run-typeiter-many.sh
 
 if !BIARCH
 export ELFUTILS_DISABLE_BIARCH = 1
@@ -406,7 +407,8 @@ EXTRA_DIST = run-arextract.sh run-arsymtest.sh run-ar.sh \
 	     run-unit-info.sh run-next-cfi.sh run-next-cfi-self.sh \
 	     testfile-riscv64.bz2 testfile-riscv64-s.bz2 \
 	     testfile-riscv64-core.bz2 \
-	     run-copyadd-sections.sh run-copymany-sections.sh
+	     run-copyadd-sections.sh run-copymany-sections.sh \
+	     run-typeiter-many.sh
 
 if USE_VALGRIND
 valgrind_cmd='valgrind -q --leak-check=full --error-exitcode=1'
diff --git a/tests/run-typeiter-many.sh b/tests/run-typeiter-many.sh
new file mode 100755
index 0000000..39168f2
--- /dev/null
+++ b/tests/run-typeiter-many.sh
@@ -0,0 +1,31 @@
+#! /bin/sh
+# Copyright (C) 2018 Red Hat, Inc.
+# This file is part of elfutils.
+#
+# This file is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# elfutils is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+. $srcdir/test-subr.sh
+
+
+# Like run-typeiter.sh but we first add many sections to make sure
+# dwarf_begin actually recognizes the debug section names.
+testfiles testfile-debug-types
+
+testrun ${abs_builddir}/addsections 65535 testfile-debug-types
+testrun_compare ${abs_builddir}/typeiter2 testfile-debug-types <<\EOF
+ok A [68]
+ok B [38]
+EOF
+
+exit 0
-- 
1.8.3.1

[PATCH 05/10] libelf: Fix shnum and section zero handling.

[Mark Wielaard]

For ELF files with more than SHN_LOWRESERVE sections we always need
section zero to store the section number (it doesn't just fit in the
Ehdr e_shnum field). Make sure to create it if it doesn't exist yet
in elf_getscn. Also fix handling on shnum in updatefile for the mmap
case (we already got this correct for the non-mmap case).

This adds a new test run-copymany-sections.sh which is like
run-copyadd-sections.sh but tries to add two times 65535 sections.
It makes sure libelf can copy the whole file and elfcmp checks they
are the same. It doesn't use mmap for addsections since that doesn't
work yet. ELF_C_RDWR_MMAP needs mremap which will fail since it needs
too much space and the original mmap cannot move.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 libelf/ChangeLog               |  6 +++
 libelf/elf32_updatefile.c      |  2 +-
 libelf/elf_getscn.c            | 33 ++++++++++++++
 tests/ChangeLog                |  6 +++
 tests/Makefile.am              |  4 +-
 tests/run-copymany-sections.sh | 99 ++++++++++++++++++++++++++++++++++++++++++
 6 files changed, 147 insertions(+), 3 deletions(-)
 create mode 100755 tests/run-copymany-sections.sh

diff --git a/libelf/ChangeLog b/libelf/ChangeLog
index 3542122..be37ab6 100644
--- a/libelf/ChangeLog
+++ b/libelf/ChangeLog
@@ -1,3 +1,9 @@
+2018-09-13  Mark Wielaard  <mark@klomp.org>
+
+	* elf32_updatefile.c (updatemmap): Use shnum, not ehdr->e_shnum.
+	* elf_getscn.c (elf_getscn): Create section zero if it is requested,
+	but doesn't exist yet.
+
 2018-09-12  Mark Wielaard  <mark@klomp.org>
 
 	* elf32_updatefile.c (updatemmap): Use memmove, not memcpy.
diff --git a/libelf/elf32_updatefile.c b/libelf/elf32_updatefile.c
index 545ce08..f2e9a28 100644
--- a/libelf/elf32_updatefile.c
+++ b/libelf/elf32_updatefile.c
@@ -236,7 +236,7 @@ __elfw2(LIBELFBITS,updatemmap) (Elf *elf, int change_bo, size_t shnum)
 	}
       char *const shdr_start = ((char *) elf->map_address + elf->start_offset
 				+ ehdr->e_shoff);
-      char *const shdr_end = shdr_start + ehdr->e_shnum * ehdr->e_shentsize;
+      char *const shdr_end = shdr_start + shnum * ehdr->e_shentsize;
 
 #if EV_NUM != 2
       xfct_t shdr_fctp = __elf_xfctstom[__libelf_version - 1][EV_CURRENT - 1][ELFW(ELFCLASS, LIBELFBITS) - 1][ELF_T_SHDR];
diff --git a/libelf/elf_getscn.c b/libelf/elf_getscn.c
index 9f7213b..e1fbaaa 100644
--- a/libelf/elf_getscn.c
+++ b/libelf/elf_getscn.c
@@ -59,6 +59,38 @@ elf_getscn (Elf *elf, size_t idx)
 		       || (offsetof (struct Elf, state.elf32.scns)
 			   == offsetof (struct Elf, state.elf64.scns))
 		       ? &elf->state.elf32.scns : &elf->state.elf64.scns);
+
+  /* Section zero is special.  It always exists even if there is no
+     "first" section.  And it is needed to store "overflow" values
+     from the Elf header.  */
+  if (idx == 0 && runp->cnt == 0 && runp->max > 0)
+    {
+      Elf_Scn *scn0 = &runp->data[0];
+      if (elf->class == ELFCLASS32)
+	{
+	  scn0->shdr.e32 = (Elf32_Shdr *) calloc (1, sizeof (Elf32_Shdr));
+	  if (scn0->shdr.e32 == NULL)
+	    {
+	      __libelf_seterrno (ELF_E_NOMEM);
+	      goto out;
+	    }
+	}
+      else
+	{
+	  scn0->shdr.e64 = (Elf64_Shdr *) calloc (1, sizeof (Elf64_Shdr));
+	  if (scn0->shdr.e64 == NULL)
+	    {
+	      __libelf_seterrno (ELF_E_NOMEM);
+	      goto out;
+	    }
+	}
+      scn0->elf = elf;
+      scn0->shdr_flags = ELF_F_DIRTY | ELF_F_MALLOCED;
+      scn0->list = elf->state.elf.scns_last;
+      scn0->data_read = 1;
+      runp->cnt = 1;
+    }
+
   while (1)
     {
       if (idx < runp->max)
@@ -80,6 +112,7 @@ elf_getscn (Elf *elf, size_t idx)
 	}
     }
 
+ out:
   rwlock_unlock (elf->lock);
 
   return result;
diff --git a/tests/ChangeLog b/tests/ChangeLog
index 5709857..7668a66 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -1,3 +1,9 @@
+2018-09-13  Mark Wielaard  <mark@klomp.org>
+
+	* run-copymany-sections.sh: New test.
+	* Makefile.am (TESTS): Add run-copymany-sections.sh.
+	(EXTRA_DIST): Likewise.
+
 2018-09-12  Mark Wielaard  <mark@klomp.org>
 
 	* Makefile.am (check_PROGRAMS): Add elfcopy and addsections.
diff --git a/tests/Makefile.am b/tests/Makefile.am
index e0edef0..fc7d7bc 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -155,7 +155,7 @@ TESTS = run-arextract.sh run-arsymtest.sh run-ar.sh newfile test-nlist \
 	run-all-dwarf-ranges.sh run-unit-info.sh \
 	run-reloc-bpf.sh \
 	run-next-cfi.sh run-next-cfi-self.sh \
-	run-copyadd-sections.sh
+	run-copyadd-sections.sh run-copymany-sections.sh
 
 if !BIARCH
 export ELFUTILS_DISABLE_BIARCH = 1
@@ -406,7 +406,7 @@ EXTRA_DIST = run-arextract.sh run-arsymtest.sh run-ar.sh \
 	     run-unit-info.sh run-next-cfi.sh run-next-cfi-self.sh \
 	     testfile-riscv64.bz2 testfile-riscv64-s.bz2 \
 	     testfile-riscv64-core.bz2 \
-	     run-copyadd-sections.sh
+	     run-copyadd-sections.sh run-copymany-sections.sh
 
 if USE_VALGRIND
 valgrind_cmd='valgrind -q --leak-check=full --error-exitcode=1'
diff --git a/tests/run-copymany-sections.sh b/tests/run-copymany-sections.sh
new file mode 100755
index 0000000..84c052c
--- /dev/null
+++ b/tests/run-copymany-sections.sh
@@ -0,0 +1,99 @@
+#! /bin/sh
+# Copyright (C) 2018 Red Hat, Inc.
+# This file is part of elfutils.
+#
+# This file is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# elfutils is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+# Same as run-copyadd-sections.sh, but for many > 0xffff sections.
+# Doesn't use mmap for addsections since that doesn't work.
+# ELF_C_RDWR_MMAP needs mremap which will fail since it needs too 
+# much space and the original mmap cannot move.
+
+. $srcdir/test-subr.sh
+
+test_copy_and_add ()
+{
+  in_file="$1"
+  out_file="${in_file}.copy"
+  out_file_mmap="${out_file}.mmap"
+
+  tempfiles ${out_file} ${out_file_mmap} readelf.out
+
+  # Can we copy the file?
+  testrun ${abs_builddir}/elfcopy ${in_file} ${out_file}
+  testrun ${abs_top_builddir}/src/elfcmp ${in_file} ${out_file}
+
+  # Can we add a section (in-place)?
+  testrun ${abs_builddir}/addsections 65535 ${out_file}
+  testrun ${abs_top_builddir}/src/readelf -S ${out_file} > readelf.out
+  nr=$(grep '.extra' readelf.out | wc -l)
+  # We try twice...
+  if test ${nr} != 65535 -a ${nr} != 131070; then
+    # Show what went wrong
+    testrun ${abs_top_builddir}/src/readelf -S ${out_file}
+    exit 1
+  fi
+
+  # Can we copy the file using ELF_C_WRITE_MMAP?
+  testrun ${abs_builddir}/elfcopy --mmap ${in_file} ${out_file_mmap}
+  testrun ${abs_top_builddir}/src/elfcmp ${in_file} ${out_file_mmap}
+
+  # Don't try to add using mmap (see above)
+}
+
+# A collection of random testfiles to test 32/64bit, little/big endian
+# and non-ET_REL (with phdrs)/ET_REL (without phdrs).
+# Try to add 0xffff sections twice.
+
+# 32bit, big endian, rel
+testfiles testfile29
+test_copy_and_add testfile29
+test_copy_and_add testfile29.copy
+
+# 64bit, big endian, rel
+testfiles testfile23
+test_copy_and_add testfile23
+test_copy_and_add testfile23.copy
+
+# 32bit, little endian, rel
+testfiles testfile9
+test_copy_and_add testfile9
+test_copy_and_add testfile9.copy
+
+# 64bit, little endian, rel
+testfiles testfile38
+test_copy_and_add testfile38
+test_copy_and_add testfile38.copy
+
+# 32bit, big endian, non-rel
+testfiles testfile26
+test_copy_and_add testfile26
+test_copy_and_add testfile26.copy
+
+# 64bit, big endian, non-rel
+testfiles testfile27
+test_copy_and_add testfile27
+test_copy_and_add testfile27.copy
+
+# 32bit, little endian, non-rel
+testfiles testfile
+test_copy_and_add testfile
+test_copy_and_add testfile.copy
+
+# 64bit, little endian, non-rel
+testfiles testfile10
+test_copy_and_add testfile10
+test_copy_and_add testfile10.copy
+
+exit 0
-- 
1.8.3.1

[PATCH 03/10] libebl: Use elf_getshdrstrndx in ebl_section_strip_p.

[Mark Wielaard]

The ebl_section_strip_p function used the Ehdr e_shstrndx field
to get at the name of the (debug) sections. This is not correct
if there are more than SHN_LORESERVE sections. Use elf_getshdrstrndx
to get at the shstrtab section. And drop the Ehdr argument that isn't
necessary anymore.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 libebl/ChangeLog          | 6 ++++++
 libebl/eblsectionstripp.c | 7 +++++--
 libebl/libebl.h           | 2 +-
 src/ChangeLog             | 5 +++++
 src/elfcmp.c              | 4 ++--
 src/strip.c               | 4 ++--
 6 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/libebl/ChangeLog b/libebl/ChangeLog
index 574aae6..d36a268 100644
--- a/libebl/ChangeLog
+++ b/libebl/ChangeLog
@@ -1,5 +1,11 @@
 2018-09-12  Mark Wielaard  <mark@klomp.org>
 
+	* eblsectionstripp.c (ebl_section_strip_p): Drop ehdr argument.
+	Use elf_getshdrstrndx.
+	* libebl.h (ebl_section_strip_p): Drop ehdr argument.
+
+2018-09-12  Mark Wielaard  <mark@klomp.org>
+
 	* ebl-hooks.h (check_special_symbol): Drop ehdr argument.
 	* ebl_check_special_symbol.c (ebl_check_special_symbol): Likewise.
 	* eblopenbackend.c (default_check_special_symbol): Likewise.
diff --git a/libebl/eblsectionstripp.c b/libebl/eblsectionstripp.c
index c6cda63..a5624ff 100644
--- a/libebl/eblsectionstripp.c
+++ b/libebl/eblsectionstripp.c
@@ -35,7 +35,7 @@
 
 
 bool
-ebl_section_strip_p (Ebl *ebl, const GElf_Ehdr *ehdr, const GElf_Shdr *shdr,
+ebl_section_strip_p (Ebl *ebl, const GElf_Shdr *shdr,
 		     const char *name, bool remove_comment,
 		     bool only_remove_debug)
 {
@@ -53,7 +53,10 @@ ebl_section_strip_p (Ebl *ebl, const GElf_Ehdr *ehdr, const GElf_Shdr *shdr,
 	  GElf_Shdr *shdr_l = gelf_getshdr (scn_l, &shdr_mem_l);
 	  if (shdr_l != NULL)
 	    {
-	      const char *s_l = elf_strptr (ebl->elf, ehdr->e_shstrndx,
+	      size_t shstrndx;
+	      if (elf_getshdrstrndx (ebl->elf, &shstrndx) != 0)
+		return false;
+	      const char *s_l = elf_strptr (ebl->elf, shstrndx,
 					    shdr_l->sh_name);
 	      if (s_l != NULL && ebl_debugscn_p (ebl, s_l))
 		return true;
diff --git a/libebl/libebl.h b/libebl/libebl.h
index 0e1f41b..5abc02d 100644
--- a/libebl/libebl.h
+++ b/libebl/libebl.h
@@ -205,7 +205,7 @@ extern bool ebl_none_reloc_p (Ebl *ebl, int reloc);
 extern bool ebl_relative_reloc_p (Ebl *ebl, int reloc);
 
 /* Check whether section should be stripped.  */
-extern bool ebl_section_strip_p (Ebl *ebl, const GElf_Ehdr *ehdr,
+extern bool ebl_section_strip_p (Ebl *ebl,
 				 const GElf_Shdr *shdr, const char *name,
 				 bool remove_comment, bool only_remove_debug);
 
diff --git a/src/ChangeLog b/src/ChangeLog
index a118519..7d046ec 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,5 +1,10 @@
 2018-09-12  Mark Wielaard  <mark@klomp.org>
 
+	* elfcmp.c (main): Call ebl_section_strip_p without ehdr.
+	* strip.c (handle_elf): Likewise.
+
+2018-09-12  Mark Wielaard  <mark@klomp.org>
+
 	* elflint.c (check_symtab): Call ebl_check_special_symbol without
 	ehdr.
 
diff --git a/src/elfcmp.c b/src/elfcmp.c
index b40df8b..b68df68 100644
--- a/src/elfcmp.c
+++ b/src/elfcmp.c
@@ -254,7 +254,7 @@ main (int argc, char *argv[])
 	    sname1 = elf_strptr (elf1, ehdr1->e_shstrndx, shdr1->sh_name);
 	}
       while (scn1 != NULL
-	     && ebl_section_strip_p (ebl1, ehdr1, shdr1, sname1, true, false));
+	     && ebl_section_strip_p (ebl1, shdr1, sname1, true, false));
 
       GElf_Shdr shdr2_mem;
       GElf_Shdr *shdr2;
@@ -267,7 +267,7 @@ main (int argc, char *argv[])
 	    sname2 = elf_strptr (elf2, ehdr2->e_shstrndx, shdr2->sh_name);
 	}
       while (scn2 != NULL
-	     && ebl_section_strip_p (ebl2, ehdr2, shdr2, sname2, true, false));
+	     && ebl_section_strip_p (ebl2, shdr2, sname2, true, false));
 
       if (scn1 == NULL || scn2 == NULL)
 	break;
diff --git a/src/strip.c b/src/strip.c
index 1367de7..dc71236 100644
--- a/src/strip.c
+++ b/src/strip.c
@@ -817,7 +817,7 @@ handle_elf (int fd, Elf *elf, const char *prefix, const char *fname,
     /* Check whether the section can be removed.  Since we will create
        a new .shstrtab assume it will be removed too.  */
     if (remove_shdrs ? !(shdr_info[cnt].shdr.sh_flags & SHF_ALLOC)
-	: (ebl_section_strip_p (ebl, ehdr, &shdr_info[cnt].shdr,
+	: (ebl_section_strip_p (ebl, &shdr_info[cnt].shdr,
 				shdr_info[cnt].name, remove_comment,
 				remove_debug)
 	   || cnt == ehdr->e_shstrndx
@@ -978,7 +978,7 @@ handle_elf (int fd, Elf *elf, const char *prefix, const char *fname,
 			   original table in the debug file.  Unless
 			   it is a redundant data marker to a debug
 			   (data only) section.  */
-			if (! (ebl_section_strip_p (ebl, ehdr,
+			if (! (ebl_section_strip_p (ebl,
 						    &shdr_info[scnidx].shdr,
 						    shdr_info[scnidx].name,
 						    remove_comment,
-- 
1.8.3.1