On Sat, Jul 20, 2019 at 12:23:08AM +0300, Dmitry V. Levin wrote: > On Fri, Jul 19, 2019 at 11:00:49PM +0200, Florian Weimer wrote: > > * Dmitry V. Levin: > > > > >> So, I don't think the code is wrong. We might want to tweak the comment > > >> a bit though, to make it less definitive? > > > > > > What I'm saying is that has_soname is just a hint which is probably even > > > less reliable than has_program_interpreter. > > > > If I recall correctly, I added the soname check to classify > > /lib64/libc.so.6 as a library, not an executable. So it didn't come > > completely out of nowhere. > > Well, /lib64/libc.so.6 is not just a library, it's also a valid executable. > > If the ELF type is ET_DYN and the object is not marked as DF_1_PIE, > could we come up with a more reliable heuristics than DT_SONAME and PT_INTERP?
Why do you feel it is unreliable? Do you have any examples of files misidentified? I tested a bit and --shared seems to correctly indentify all shared libraries. I did add --program as a counterpart to --executable if you really want to identify such "libraries" as programs. But in general it looks like --shared and --executable come up with the correct classification. The only two examples I could find were the glibc and Qt binaries which have "dual use" library/executables. And I believe --shared corrrectly identifies them as primarily shared libraries. Cheers, Mark
