From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <at@altlinux.ru>
Date: Fri, 15 Sep 2006 02:04:16 +0400
From: Alexey Tourbin <at@altlinux.ru>
To: ALT Devel discussion list <devel@lists.altlinux.org>
Message-ID: <20060914220416.GL17693@localhost.localdomain>
Mail-Followup-To: ALT Devel discussion list <devel@lists.altlinux.org>
References: <450805D6.2070902@altlinux.com>
	<20060913134054.GA8247@basalt.office.altlinux.org>
	<4508149D.2050008@altlinux.com>
	<20060913144456.GA9878@basalt.office.altlinux.org>
	<45081FA2.5020905@altlinux.com>
	<20060913162049.GD10944@basalt.office.altlinux.org>
	<4508ED63.7090501@altlinux.com>
	<20060914122512.GO2188@basalt.office.altlinux.org>
	<20060914190824.GG25214@osdn.org.ua>
	<20060914191144.GA17069@basalt.office.altlinux.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="0yP1TEATOxPughaP"
Content-Disposition: inline
In-Reply-To: <20060914191144.GA17069@basalt.office.altlinux.org>
Subject: Re: [devel] verify-elf
X-BeenThere: devel@lists.altlinux.org
X-Mailman-Version: 2.1.9rc1
Precedence: list
Reply-To: ALT Devel discussion list <devel@lists.altlinux.org>
List-Id: ALT Devel discussion list <devel.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
	<mailto:devel-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/devel>
List-Post: <mailto:devel@lists.altlinux.org>
List-Help: <mailto:devel-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
	<mailto:devel-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Sep 2006 22:04:28 -0000
Archived-At: <http://lore.altlinux.org/devel/20060914220416.GL17693@localhost.localdomain/>
List-Archive: <http://lore.altlinux.org/devel/>
List-Post: <mailto:devel@altlinux.org>


--0yP1TEATOxPughaP
Content-Type: multipart/mixed; boundary="hbBJ5WP8dkNDDowN"
Content-Disposition: inline


--hbBJ5WP8dkNDDowN
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Sep 14, 2006 at 11:11:44PM +0400, Dmitry V. Levin wrote:
> On Thu, Sep 14, 2006 at 10:08:25PM +0300, Michael Shigorin wrote:
> > On Thu, Sep 14, 2006 at 04:25:12PM +0400, Dmitry V. Levin wrote:
> > > =E1 =D1 =C4=CF=C2=C1=D7=CC=C0 =D0=C1=D2=C1=CD=C5=D4=D2 --inhibit-rpat=
h =D7 =CB=CF=CD=C1=CE=C4=D5 =D7=D9=DA=CF=D7=C1 ld.so.
> >=20
> > =E1 =DC=D4=CF=D4 =C1=CE=D4=C9=CB=CF=CD=C1=D2 =D3=C9=CC=D8=CE=CF =CB=D5=
=D3=C1=C5=D4=D3=D1, =D0=CF =D0=D2=C5=C4=D7=C1=D2=C9=D4=C5=CC=D8=CE=D9=CD =
=CF=C3=C5=CE=CB=C1=CD? :)
>=20
> =E5=D3=CC=C9 =D0=D2=C1=D7=C9=CC=D8=CE=CF =D3=CF=D3=D4=C1=D7=C9=D4=D8 --li=
brary-path, =D4=CF =CE=C5 =CB=D5=D3=C1=C5=D4=D3=D1.
> =ED=CE=C5, =CF=DE=C5=D7=C9=C4=CE=CF, =CE=C5=C4=CF=D3=D4=C1=D4=CF=DE=CE=CF=
 =D0=D2=CF=D3=D4=CF --inhibit-rpath =C4=CF=C2=C1=D7=C9=D4=D8,
> =D0=D2=C9=C4=A3=D4=D3=D1 =C1=C4=C1=D0=D4=C9=D2=CF=D7=C1=D4=D8 =C1=CC=C7=
=CF=D2=C9=D4=CD =D7=D9=DE=C9=D3=CC=C5=CE=C9=D1 --library-path.

=F1 =C5=DD=A3 =C7=CF=C4 =CE=C1=DA=C1=C4 =C7=CF=D7=CF=D2=C9=CC =DE=D4=CF --i=
nhibit-rpath =D0=D2=C9=C4=C5=D4=D3=D1 =C4=C5=CC=C1=D4=D8 =C9 =C4=C1=D6=C5
=C1=CC=C7=CF=D2=C9=D4=CD =D0=D2=C5=C4=CC=C1=C7=C1=CC!

--hbBJ5WP8dkNDDowN
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=verify_elfsym
Content-Transfer-Encoding: quoted-printable

#!/bin/sh -ef

=2E /usr/lib/rpm/functions
[ -z "$RPM_BUILD_ROOT" ] || ValidateBuildRoot

RTLD=3D/lib/ld-linux.so.2
RTLD_libpath=3D/lib:/usr/lib:/usr/X11R6/lib

elf1_libpath()
{
	local elf=3D"$1" libpath=3D"$RTLD_libpath"
	[ -z "$LD_LIBRARY_PATH" ] ||
		libpath=3D"$LD_LIBRARY_PATH:$libpath"
	[ -z "$RPM_FINDPROV_LIB_PATH" ] ||
		libpath=3D"$RPM_FINDPROV_LIB_PATH:$libpath"
	local info=3D rpath=3D
	info=3D"$(objdump -p "$elf")" || return
	rpath=3D"$(echo "$info" |awk '($1=3D=3D"RPATH"){printf "%s:", $2}')"
	[ -z "$rpath" ] ||
		libpath=3D"$rpath$libpath"
	if [ -n "$RPM_BUILD_ROOT" ]; then
		local BR_libpath=3D path=3D IFS=3D:
		for path in $libpath; do
			BR_libpath=3D"$BR_libpath:$RPM_BUILD_ROOT$path"
		done
		libpath=3D"${BR_libpath#:}:$libpath"
	fi
	echo "$libpath"
}

elf1_ldd()
{
	local elf=3D"$1" libpath=3D
	libpath=3D"$(elf1_libpath "$elf")" || return
	LD_TRACE_LOADED_OBJECTS=3D1 LD_WARN=3D1 LD_BIND_NOW=3D1 LD_VERBOSE=3D \
		"$RTLD" --library-path "$libpath" --inhibit-rpath "$elf" "$elf"
}

elf1_undefined_symbols()
{
	local elf=3D"$1" out=3D
	if ! out=3D"$(elf1_ldd "$elf" 2>&1)"; then
		echo "$PROG: $elf: ldd failed:" >&2
		echo "$out" >&2
		return 2
	fi
	if [ -n "$out" -a -z "${out##* not found*}" ]; then
		echo "$PROG: $elf: unresolved dependencies:" >&2
		echo "$out" |grep -F ' not found' >&2
		return 1
	fi
	if [ -n "$out" -a -z "${out##*undefined symbol:*}" ]; then
		echo "$out" |awk '/^undefined symbol:/ {
			gsub("^[(]|[)]$", "", $NF)
			print $3 "\t" $NF }'
	fi
}

elf1_verify_strict()
{
	local elf=3D"$1" err=3D
	err=3D"$(elf1_undefined_symbols "$elf")" || return 2
	[ -n "$err" ] || return 0
	local sym=3D obj=3D
	while IFS=3D$'\t' read -r sym obj; do
		[ "$obj" =3D "$elf" ] &&
			echo "$PROG: $elf: undefined symbol: $sym" >&2 ||
			echo "$PROG: $elf: undefined symbol: $sym ($obj)" >&2
	done <<<"$err"
	return 1
}

elf1_verify_relaxed()
{
	local elf=3D"$1" symtab=3D"$2" err=3D
	err=3D"$(elf1_undefined_symbols "$elf")" || return 2
	[ -n "$err" ] || return 0
	local rc=3D0 sym=3D obj=3D
	while IFS=3D$'\t' read -r sym obj; do
		if [ "$obj" !=3D "$elf" ]; then
			echo "$PROG: $elf: undefined symbol: $sym ($obj)" >&2
			rc=3D1
		elif ! bloom -e "$sym" "$symtab"; then
			echo "$PROG: $elf: undefined symbol: $sym" >&2
			rc=3D1
		fi
	done <<<"$err"
	return $rc
}=09

: ${VERIFY_ELF_SYM:=3Dnormal}
case "$VERIFY_ELF_SYM" in
	strict|normal|relaxed) : ;;
	no|none|skip) exit 0 ;;
	*) Fatal "Unrecognized $PROG method: $VERIFY_ELF_SYM" ;;
esac

rc=3D0 symtab=3D"$1"
shift

for elf; do
	if ! type=3D"$(file -bL "$elf")"; then
		echo "$PROG: $elf: $type" >&2
		rc=3D1
		continue
	fi
	=09
	[ -n "$type" ] || continue
	[ -z "${type##*ELF*dynamic*}" -o -z "${type##*ELF*shared*}" ] || continue

	if [ "$VERIFY_ELF_SYM" =3D strict ]; then
		elf1_verify_strict "$elf" || rc=3D1
	elif [ "$VERIFY_ELF_SYM" =3D relaxed ]; then
		elf1_verify_relaxed "$elf" "$symtab" || rc=3D1
	elif [ -z "${type##*ELF*executable*}" ]; then
		elf1_verify_strict "$elf" || rc=3D1
	elif [ -z "${type##*ELF*shared*}" -a -z "${elf##*/lib/lib*.so*}" ]; then
		elf1_verify_strict "$elf" || rc=3D1
	else
		elf1_verify_relaxed "$elf" "$symtab" || rc=3D1
	fi=09
done
exit $rc

--hbBJ5WP8dkNDDowN--

--0yP1TEATOxPughaP
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFCdHgfBKgtDjnu0YRAs6sAJ9fEp5GRZppG3F0xB9lNJL/hIDe9ACg3L9k
S+6bNhRYn6um+bvbbDxBIyY=
=xfTi
-----END PGP SIGNATURE-----

--0yP1TEATOxPughaP--