https://sourceware.org/bugzilla/show_bug.cgi?id=33683
Bug ID: 33683
Summary: readelf should warn when PT_INTERP value is not NUL-terminated
Product: binutils
Version: unspecified
Status: UNCONFIRMED
Severity: enhancement
Priority: P2
Component: binutils
Assignee: unassigned at sourceware dot org
Reporter: alex at nytpu dot com
Target Milestone: ---

When readelf encounters a PT_INTERP program segment, it'll conveniently display
its value, like "[Requesting program interpreter:
/lib64/ld-linux-x86-64.so.2]". If this value contains control characters it'll
even nicely convert them to printable form to make it clear there's
non-printing characters embedded (the `printable_string()` function in
readelf.c).

However, it helpfully (or just incidentally? Since printable_string() doesn't
handle embedded NULs) will elide when the PT_INTERP value is NUL-terminated,
which is probably the correct thing to do since that's how all functional
dynamically linked ELFs will be formatted. But, if the PT_INTERP value is
*not* NUL-terminated, it just silently adds a NUL to the end without any
indication that the value is missing it.[1]

This makes it very hard to debug if an ELF is missing a NUL because readelf
will successfully read and print the value identically to a functional
dynamically linked executable; but then Linux (and presumably other OS' ELF
loaders) will reject the executable with ENOEXEC.[2] It seems to me that it
would be preferable if there was a warning when the value isn't already
NUL-terminated when reading.

I can submit a patch since it's a pretty trivial change, but figured I'd file a
bug report first since it'd be a change in output behavior. Plus I'm not sure
of the policy regarding translations when new strings are added.

[1]: https://sourceware.org/git/?p=binutils-gdb.git;a=blob;f=binutils/readelf.c;h=425b7b78653a9b8789789a9de66df52f2daab4af;hb=HEAD#l7687
[2]: https://elixir.bootlin.com/linux/v6.17.8/source/fs/binfmt_elf.c#L887-L890
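
A stand-alone version of the check the report asks for, as an added example that is not part of the original report and is not readelf's code: it tests whether the last byte covered by PT_INTERP's p_filesz is NUL. The names `check_pt_interp`, `build_sample` and `interp_status` are this example's own; it assumes an ELF64 image in host byte order and a Linux `<elf.h>`, and the sample image is constructed.

```c
#include <elf.h>
#include <stdio.h>
#include <string.h>

enum interp_status { INTERP_NONE, INTERP_OK, INTERP_UNTERMINATED, INTERP_MALFORMED };

/* Inspect an in-memory ELF64 image (host byte order, an assumption of this
 * example) and report whether PT_INTERP's last byte within p_filesz is NUL. */
enum interp_status check_pt_interp(const unsigned char *img, size_t len)
{
    Elf64_Ehdr eh;
    Elf64_Phdr ph;
    if (len < sizeof eh) return INTERP_MALFORMED;
    memcpy(&eh, img, sizeof eh);
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) != 0 || eh.e_ident[EI_CLASS] != ELFCLASS64
        || eh.e_phentsize != sizeof ph || eh.e_phoff > len)
        return INTERP_MALFORMED;
    for (size_t i = 0; i < eh.e_phnum; i++) {
        if ((len - eh.e_phoff) / sizeof ph <= i) return INTERP_MALFORMED; /* table truncated */
        memcpy(&ph, img + eh.e_phoff + i * sizeof ph, sizeof ph);
        if (ph.p_type != PT_INTERP) continue;
        if (ph.p_filesz == 0 || ph.p_offset > len || len - ph.p_offset < ph.p_filesz)
            return INTERP_MALFORMED; /* segment lies outside the file */
        return img[ph.p_offset + ph.p_filesz - 1] == '\0' ? INTERP_OK : INTERP_UNTERMINATED;
    }
    return INTERP_NONE;
}

/* Constructed sample: ELF header, one PT_INTERP entry, path bytes (NUL optional). */
size_t build_sample(unsigned char *buf, int with_nul)
{
    static const char path[] = "/lib64/ld-linux-x86-64.so.2";
    Elf64_Ehdr eh = { .e_phoff = sizeof eh, .e_phentsize = sizeof(Elf64_Phdr), .e_phnum = 1 };
    Elf64_Phdr ph = { .p_type = PT_INTERP, .p_offset = sizeof eh + sizeof ph };
    memcpy(eh.e_ident, ELFMAG, SELFMAG);
    eh.e_ident[EI_CLASS] = ELFCLASS64;
    ph.p_filesz = with_nul ? sizeof path : sizeof path - 1;
    memcpy(buf, &eh, sizeof eh);
    memcpy(buf + sizeof eh, &ph, sizeof ph);
    memcpy(buf + ph.p_offset, path, ph.p_filesz);
    return ph.p_offset + ph.p_filesz;
}

int main(void)
{
    unsigned char buf[256];
    if (check_pt_interp(buf, build_sample(buf, 0)) == INTERP_UNTERMINATED)
        puts("warning: PT_INTERP value is not NUL-terminated");
    return 0;
}
```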