|
From: | Egeyar Bagcioglu |
Subject: | Re: readelf reporting of e_shstrndx is slightly wrong |
Date: | Tue, 21 Aug 2018 18:34:22 +0200 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0 |
Hi, On 08/21/2018 05:31 PM, Nick Clifton wrote:
if (filedata->section_headers != NULL && header->e_shstrndx == (SHN_XINDEX & 0xffff)) printf (" (%u)", filedata->section_headers[0].sh_link); else if (header->e_shstrndx != SHN_UNDEF && header->e_shstrndx >= header->e_shnum) printf (_(" <corrupt: out of range>"));[...]Note - the use if "& 0xffff" in the above code is confusing, and looks surplus to me, but I do not think that it makes any difference to the behaviour.
I haven't checked the location of this quoted code; however, the use of "& 0xffff" is probably due to a clever hack made internally:
Elf[32|64]_External_Ehdr in include/elf/external.h declares e_shstrndx as 2 bytes, while Elf_Internal_Ehdr in include/elf/internal.h declares it as 4 bytes because we would like to be able to keep the overflowing values within the same variable without extra checks.
We would like to be able to store values that are reserved or higher than 0xffff as valid indices internally in the 4-byte e_shstrndx. Therefore, some constants including SHN_XINDEX are re-defined in elf/internal.h as 4 byte values. These redefinitions hold the new bounds on such indices. Because of this internal simplification, though, we need to use "& 0xffff" to get the 2-byte value that's used when reading values in or outputting them.
Regards, Egeyar
[Prev in Thread] | Current Thread | [Next in Thread] |