On Fri, Jul 19, 2019 at 04:21:53PM +0200, Mark wrote:
> On Fri, 2019-07-19 at 16:43 +0300, Dmitry V. Levin wrote:
> > On Fri, Jul 19, 2019 at 02:47:09PM +0200, Mark Wielaard wrote:
> > [...]
> > > +static bool
> > > +is_shared (void)
> > > +{
> > > + if (!is_loadable ())
> > > + return false;
> > > +
> > > + /* The ELF type is very clear: this is an executable. */
> > > + if (elf_type == ET_EXEC)
> > > + return false;
> > > +
> > > + /* If the object is marked as PIE, it is definitely an
> > > executable,
> > > + and not a loadlable shared object. */
> > > + if (has_pie_flag)
> > > + return false;
> > > +
> > > + /* Treat a DT_SONAME tag as a strong indicator that this is a
> > > shared
> > > + object. */
> > > + if (has_soname)
> > > + return true;
> >
> > I'm not sure DT_SONAME is a reliable indicator.
> >
> > I've seen many cases of DT_SONAME being erroneously applied to
> > non-libraries, e.g. lib.so was used as soname in openjdk executables.
>
> I didn't know. Is this really common?I don't think it is very common, but the mistake is very easy to make (-Wl,-soname,lib.so) and it doesn't really break anything. Apparently, some projects apply the same linker flags that add DT_SONAME to all generated files. > I did find one java binary on my system that indeed has this problem. > $ eu-readelf -d /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.212.b04- > 0.el7_6.x86_64/jre/bin/policytool > > Dynamic segment contains 39 entries: > Addr: 0x0000000000600d88 Offset: 0x000d88 Link to section: [ 7] > '.dynstr' > Type Value > NEEDED Shared library: [libpthread.so.0] > NEEDED Shared library: [libz.so.1] > NEEDED Shared library: [libX11.so.6] > NEEDED Shared library: [libjli.so] > NEEDED Shared library: [libdl.so.2] > NEEDED Shared library: [libc.so.6] > SONAME Library soname: [lib.so] > RPATH Library rpath: > [$ORIGIN/../lib/amd64/jli:$ORIGIN/../lib/amd64] > [...] > > But even so eu-elfclassify still doesn't treat it as a shared library, > because: > $ eu-elfclassify -v --shared policytool; echo $? > info: policytool: ELF kind: ELF_K_ELF (0x3) > info: policytool: ELF type: ET_EXEC (0x2) > info: policytool: PT_LOAD found > info: policytool: allocated PROGBITS section found > info: policytool: program interpreter found > info: policytool: dynamic segment found > info: policytool: soname found > info: policytool: DT_DEBUG found > 1 > > So other characteristics like it being ET_EXEC mark it as an > executable. And I assume if it was PIE (ET_DYN) the PIE DT_FLAGS would > have caught it. Yes, the checks above has_soname are much more definitive. > So, I don't think the code is wrong. We might want to tweak the comment > a bit though, to make it less definitive? What I'm saying is that has_soname is just a hint which is probably even less reliable than has_program_interpreter. -- ldv
signature.asc
Description: PGP signature
