Support arm64 type 1026 relocs ##bin

2025-03-02 19:26:43 +00:00 · 2024-03-18 12:39:23 +01:00 · 2024-03-18 12:39:23 +01:00 · 148d9a301f
commit 148d9a301f
parent 453638891d
3 changed files with 81 additions and 8 deletions
--- a/libr/bin/format/elf/elf.c
+++ b/libr/bin/format/elf/elf.c
@ -134,12 +134,10 @@ static bool __is_valid_ident(ut8 *e_ident) {
 }

 static bool init_ehdr(ELFOBJ *eo) {
-	ut8 *e_ident;
 	ut8 ehdr[sizeof (Elf_(Ehdr))] = {0};
-	int i, len;
-
-	e_ident = (ut8*)&eo->ehdr.e_ident;
+	int i;

+	ut8 *e_ident = (ut8*)&eo->ehdr.e_ident;
 	if (r_buf_read_at (eo->b, 0, e_ident, EI_NIDENT) != EI_NIDENT) {
 		R_LOG_DEBUG ("read (magic)");
 		return false;
@ -151,7 +149,7 @@ static bool init_ehdr(ELFOBJ *eo) {

 	eo->endian = (e_ident[EI_DATA] == ELFDATA2MSB)? 1: 0;

-	len = r_buf_read_at (eo->b, 0, ehdr, sizeof (ehdr));
+	int len = r_buf_read_at (eo->b, 0, ehdr, sizeof (ehdr));
 	if (len < 32) { // tinyelf != sizeof (Elf_(Ehdr))) {
 		R_LOG_DEBUG ("read (ehdr)");
 		return false;
@ -244,7 +242,6 @@ static bool read_phdr(ELFOBJ *eo) {
 				break;
 			}
 		}
-
 		if (!load_header_found) {
 			const ut64 load_addr = Elf_(get_baddr) (eo);
 			eo->ehdr.e_phoff = Elf_(v2p) (eo, load_addr + eo->ehdr.e_phoff);
@ -5179,6 +5176,18 @@ typedef struct {
 	ut64 plt_va;
 } GotPltBounds;

+static bool is_important(RBinElfReloc *reloc) {
+	switch (reloc->type) {
+	case 21:
+	case 22:
+	case 1026:
+		return true;
+	}
+
+	R_LOG_DEBUG ("Reloc type %d not used for imports", reloc->type);
+	return false;
+}
+
 static bool reloc_fill_local_address(ELFOBJ *eo) {
 	RBinElfReloc *reloc;
 	GotPltBounds ri = {0};
@ -5225,8 +5234,7 @@ static bool reloc_fill_local_address(ELFOBJ *eo) {
 		r_buf_read_at (eo->b, rvaddr, (ut8*)&n32, 4);
 		pltptr = n32;
 #endif
-		bool ismagic = (reloc->type == 21 || reloc->type == 22);
-		// if (pltptr && pltptr != -1 && ismagic) {
+		bool ismagic = is_important (reloc);
 		if (ismagic) {
 			// text goes after the plt. so its possible that some symbols are pointed locally, thats all lsym is about
 			if (pltptr > baddr) {
@ -5246,6 +5254,9 @@ static bool reloc_fill_local_address(ELFOBJ *eo) {
 #endif
 				// TODO: if (reloc->type == 22) { // on arm!  // extra check of bounds
 				ut64 naddr = baddr + pltptr + (index * 12) + 0x20;
+				if (reloc->type == 1026) {
+					naddr = baddr + pltptr + (index * 16) + 64 - 16;
+				}
 				if (naddr != UT64_MAX) {
 					// this thing registers an 'rsym.${importname}' as a flag when loading the relocs from core/cbin.c
 					reloc->laddr = naddr;
--- a/test/db/cmd/cmd_ie
+++ b/test/db/cmd/cmd_ie
@ -112,6 +112,10 @@ EOF
 EXPECT_ERR=<<EOF
 DEBUG: RCoreCmd: =!
 DEBUG: Dynamic tag 16 not handled
+DEBUG: Reloc type 23 not used for imports
+DEBUG: Reloc type 23 not used for imports
+DEBUG: Reloc type 23 not used for imports
+DEBUG: Reloc type 23 not used for imports
 DEBUG: bin object have no information
 DEBUG: add dt.dyn.entry tag=3 value=0x0002fde8
 DEBUG: add dt.dyn.entry tag=2 value=0x00000188
--- a/test/db/formats/elf/reloc-arm64
+++ b/test/db/formats/elf/reloc-arm64
@ -0,0 +1,58 @@
+NAME=arm64 relocs for android
+FILE=bins/elf/libtool-checker.so
+CMDS=<<EOF
+s..ad4
+af
+pds
+?e imports
+ii
+?e relocs
+ir
+EOF
+EXPECT=<<EOF
+0x00000ae0 arg1
+0x00000ae4 arg2
+0x00000ae8 arg3
+0x00000aec arg1
+0x00000af8 bl rsym._ZN7_JNIEnv14GetArrayLengthEP7_jarray
+0x00000b24 bl rsym._ZN7_JNIEnv21GetObjectArrayElementEP13_jobjectArrayi
+0x00000b3c bl rsym._ZN7_JNIEnv17GetStringUTFCharsEP8_jstringPh
+0x00000b48 bl rsym._Z6existsPKc
+0x00000b64 bl rsym._ZN7_JNIEnv21ReleaseStringUTFCharsEP8_jstringPKc
+;-- _JNIEnv::GetArrayLength(_jarray*):
+0x00000b98 _JNIEnv::GetArrayLength(_jarray*)
+;-- _JNIEnv::GetObjectArrayElement(_jobjectArray*, int):
+0x00000bd0 _JNIEnv::GetObjectArrayElement(_jobjectArray*, int)
+imports
+[Imports]
+nth vaddr      bind   type lib name
+-----------------------------------
+3   0x000008f0 GLOBAL FUNC     __cxa_finalize
+4   0x00000920 GLOBAL FUNC     fclose
+5   0x00000940 GLOBAL FUNC     __android_log_print
+6   0x00000970 GLOBAL FUNC     fopen
+7   0x00000980 GLOBAL FUNC     __cxa_atexit
+
+relocs
+[Relocations]
+
+vaddr      paddr      type   name
+---------------------------------
+0x00002d78 0x00001d78 ADD_64  0x000009a0
+0x00002d80 0x00001d80 ADD_64  0x00000990
+0x00002d88 0x00001d88 ADD_64  0x00002d88
+0x00002fa8 0x00001fa8 SET_64 __cxa_finalize
+0x00002fb0 0x00001fb0 SET_64 exists(char const*)
+0x00002fb8 0x00001fb8 SET_64 _JNIEnv::GetObjectArrayElement(_jobjectArray*, int)
+0x00002fc0 0x00001fc0 SET_64 fclose
+0x00002fc8 0x00001fc8 SET_64 _JNIEnv::GetStringUTFChars(_jstring*, unsigned char*)
+0x00002fd0 0x00001fd0 SET_64 __android_log_print
+0x00002fd8 0x00001fd8 SET_64 _JNIEnv::GetArrayLength(_jarray*)
+0x00002fe0 0x00001fe0 SET_64 _JNIEnv::ReleaseStringUTFChars(_jstring*, char const*)
+0x00002fe8 0x00001fe8 SET_64 fopen
+0x00002ff0 0x00001ff0 SET_64 __cxa_atexit
+
+
+13 relocations
+EOF
+RUN