From 6e541a432fd282db1301c3ca4b590d607a145dd1 Mon Sep 17 00:00:00 2001 From: John Reiser Date: Sat, 27 May 2017 19:54:12 -0700 Subject: [PATCH] amd64-linux: DF_1_PIE marks a main program; stub juggles AT_PHDR for same https://github.com/upx/upx/issues/105 modified: p_elf_enum.h modified: p_lx_elf.cpp modified: stub/src/amd64-linux.elf-main.c modified: ../.github/travis_testsuite_1.sh modified: stub/amd64-linux.elf-fold.h modified: stub/tmp/amd64-linux.elf-fold.map --- .github/travis_testsuite_1.sh | 14 +++---- src/p_elf_enum.h | 5 +++ src/p_lx_elf.cpp | 6 ++- src/stub/amd64-linux.elf-fold.h | 60 ++++++++++++++------------- src/stub/src/amd64-linux.elf-main.c | 4 ++ src/stub/tmp/amd64-linux.elf-fold.map | 17 ++++---- 6 files changed, 61 insertions(+), 45 deletions(-) diff --git a/.github/travis_testsuite_1.sh b/.github/travis_testsuite_1.sh index e629bbbb..2e962a0a 100644 --- a/.github/travis_testsuite_1.sh +++ b/.github/travis_testsuite_1.sh @@ -149,7 +149,7 @@ c3f44b4d00a87384c03a6f9e7aec809c1addfe3e271244d38a474f296603088c *mipsel-linux.e b8c35fa2956da17ca505956e9f5017bb5f3a746322647e24ccb8ff28059cafa4 *powerpc-linux.elf/upx-3.91 " expected_sha256sums__t110_compress_ucl_nrv2b_3_no_filter="\ -6942ac04e600534dbe0ff6dc2ac6500c90b43e81f3bce9519d3fb5c673aa8b12 *amd64-linux.elf/upx-3.91 +ed0b9bbaed6a4ce6d30703b22d67e86c0b99f21e2b0a9e5bca49ec80c5d6cc1c *amd64-linux.elf/upx-3.91 c1a6ef9d0b8a26f1d6e3307af6f119bc95411a54421c7da3bd6ade9c4eead187 *arm-wince.pe/upx-3.91.exe fe0a8ab1511f7688a6a17e26c2e0e6bae6501858054a1b7ff9c0a4b227b241fb *armeb-linux.elf/upx-3.91 7d5f0fd6f18e4cd16655ef58805f228bcaddd5b035ce998faed446e290aea3d9 *i386-dos32.djgpp2.coff/upx-3.91.exe 
@@ -160,7 +160,7 @@ c4c8b912a48bcaaef72fd94cd0c307659a03be2ec359bf01a42a2a39307dd964 *m68k-atari.tos a36d48e011679701719bcedb38a2b7eff952462c4267ba74e1c94b3dc598cd8d *powerpc-linux.elf/upx-3.91 " expected_sha256sums__t120_compress_ucl_nrv2d_3_no_filter="\ -29b7231b54c615135c38da8177af2fc46fedc7c45a0db52b2a9d5adb0357158b *amd64-linux.elf/upx-3.91 +c7ca0bb52be14a2ef4d0678c87b0403c57bcfd88bb0d7526a6033f82ae48a872 *amd64-linux.elf/upx-3.91 2bb2477bdf4643954b4bb707b1017459238b03f66883303cd20e9e8740764dd7 *arm-wince.pe/upx-3.91.exe d4aaa93b000f543cae1e55a7215733ac165044a77d1f23b3e2ab721c6fb88c73 *armeb-linux.elf/upx-3.91 c52473f5dbdac560c05d5d173e5342b5e696e604517359baef581672eb25a9e6 *i386-dos32.djgpp2.coff/upx-3.91.exe @@ -171,7 +171,7 @@ ef94d8b0e02a650c302bec9f2d50462f2accc2fbb8003cc4977bc550d2e5b9f2 *m68k-atari.tos 55af078ff5705f5045bb00bf95e8de7852c055b5c79cb0ac54278cbe2c23daab *powerpc-linux.elf/upx-3.91 " expected_sha256sums__t130_compress_ucl_nrv2e_3_no_filter="\ -f568767384b8400c48bb100c773f18ca9e7ad94903d1b5d365d6a546f4a7a0d1 *amd64-linux.elf/upx-3.91 +f4cfe6171e6fba57ce4ef973c8ef2e8845365011c58389c141f350f622dcef6a *amd64-linux.elf/upx-3.91 0915344e0ee8e7c006e6cce71c024f518e097a88820c7ab3ca183ab1c614ce82 *arm-wince.pe/upx-3.91.exe fe74cdd66123f91fa08b6deb404acd9a210acdf83b77787c6273b663aa692984 *armeb-linux.elf/upx-3.91 5c5ff78652e76834f3f9ab110c42e3a34ef54c748bce212b0e942049f43f5d4d *i386-dos32.djgpp2.coff/upx-3.91.exe 
@@ -182,7 +182,7 @@ dfc6abff2d3417b9708b1232d5791a9232c6623dcedb9dcb59428b67bbf864e9 *m68k-atari.tos 0c53e1966bea6241e9bc73b2ec2447786761a7bc3c01e83f54f2cd865d46740e *powerpc-linux.elf/upx-3.91 " expected_sha256sums__t140_compress_lzma_2_no_filter="\ -d6a6423a4e1f9f2679cd707bfcb04973bc06ddfd2ca89a07c69525e5655bf934 *amd64-linux.elf/upx-3.91 +597327640cf35b35f68dfe508a26d487d5c13905488fe59ba472ce5a61d5a636 *amd64-linux.elf/upx-3.91 3af2a2346a252dfacefb6209725907b2947dc1ccf5e99af139608354f852507c *arm-wince.pe/upx-3.91.exe 2bb08aee9fafcbf50f36a3bbd723770982a4240fcf9da28b6a6ae6717179880d *armeb-linux.elf/upx-3.91 964fb400b0b4a2b1926ce7076610db8c3a8e41807fe030209af1615d43b6a020 *i386-dos32.djgpp2.coff/upx-3.91.exe @@ -193,7 +193,7 @@ d6a6423a4e1f9f2679cd707bfcb04973bc06ddfd2ca89a07c69525e5655bf934 *amd64-linux.el 1954922943d62632054e1cd2f4aa06a7cc2b650d6ca7773e980517970a05bc8a *powerpc-linux.elf/upx-3.91 " expected_sha256sums__t150_compress_ucl_2_all_filters="\ -824e1ecdd822dbe41fc413a25eac0a4edd2b2f0b7b158f3cc8f51882f12b22c4 *amd64-linux.elf/upx-3.91 +43216e0d7f739231ec979425433caa8cc6aa5cdc2a8bc5c5a0de90d660dbefe8 *amd64-linux.elf/upx-3.91 dc7323e753ce62e6a1c22112f139953dbaa1e5268530479f8ad48e0c54062295 *arm-wince.pe/upx-3.91.exe df7c73c516b9a7ced0d0fdccbed203f69f8b5b30dc71ea75cec5519969d8af57 *armeb-linux.elf/upx-3.91 8614d93ba30def6866b3be92ae5bdd5f294266e0fc4a26c078682917f127656d *i386-dos32.djgpp2.coff/upx-3.91.exe 
@@ -204,7 +204,7 @@ e9b8549f89762a015c388ae6dab51531c9bf18a49ba497b52eff6aa4238f14e9 *mipsel-linux.e f8e40dbc146e78dc93d4adc0588be6f80731689e42edc041a87a460a116ad0ce *powerpc-linux.elf/upx-3.91 " expected_sha256sums__t160_compress_all_methods_1_no_filter="\ -678df9732640d9980a0bffb766c9ac46d0d466a74983b49c43908273bf462592 *amd64-linux.elf/upx-3.91 +a055c9b328a20e9c55343b5f9b7ce66c348ab6efcfc535668b6b7abe01feb84e *amd64-linux.elf/upx-3.91 1c9c618741739404f40d198d2fc77010539589379bf260502af9f10f1ec0d05b *arm-wince.pe/upx-3.91.exe 839c33b909f1ac37ae327d7fc506080e5e12cc90ee71c2a56557125d2e82bd54 *armeb-linux.elf/upx-3.91 863bbf7f3cf41296987b085a4db8acba372e3d65d8d9c656f9a7276f2e7aa4d3 *i386-dos32.djgpp2.coff/upx-3.91.exe @@ -215,7 +215,7 @@ expected_sha256sums__t160_compress_all_methods_1_no_filter="\ 273fc6fc76a639b4314cb4fd3739e487220d8e193c79297fc795e5e275c723fe *powerpc-linux.elf/upx-3.91 " expected_sha256sums__t170_compress_all_methods_no_lzma_5_no_filter="\ -bd0e43c0052927086cd0d1247fe438a3548fec983d4e5b0e1e9f3f44475ad3a6 *amd64-linux.elf/upx-3.91 +083d72838aabcb24deed72388dcdef2844af854c6ae790dd4373f6a391af6265 *amd64-linux.elf/upx-3.91 66653a91c355a1ad1ab7b07c6c20b2d2899d0f42078683d0f4d540df476b1afb *arm-wince.pe/upx-3.91.exe 3506bc7fdb1cceaee443b944d0236253bae8c9f5e63397a29026ce8e4e258089 *armeb-linux.elf/upx-3.91 490a196fbba4a8f21bfb9ac2a3b92a6dc7e287f255a3ab987f7d29d5a75d8db4 *i386-dos32.djgpp2.coff/upx-3.91.exe diff --git a/src/p_elf_enum.h b/src/p_elf_enum.h index f86675ae..0d43de97 100644 --- a/src/p_elf_enum.h +++ b/src/p_elf_enum.h 
@@ -162,9 +162,14 @@ DT_CHECKSUM = 0x6ffffdf8, /* Only for prelink? */ DT_GNU_HASH = 0x6ffffef5, /* GNU-style hash table */ DT_VERSYM = 0x6ffffff0, /* version[] for each symbol */ + DT_FLAGS_1 = 0x6ffffffb, /* DF_1_* */ DT_VERDEF = 0x6ffffffc, /* version definitions[] */ DT_VERNEEDED= 0x6ffffffe /* version[] needed */ }; + enum { // DT_FLAGS_1 + DF_1_NOW = 0x00000001, /* Set RTLD_NOW for this object. */ + DF_1_PIE = 0x08000000 // Position-Independent Executable (main program) + }; #endif diff --git a/src/p_lx_elf.cpp b/src/p_lx_elf.cpp index cd5dce1a..58e746b2 100644 --- a/src/p_lx_elf.cpp +++ b/src/p_lx_elf.cpp @@ -1949,7 +1949,7 @@ PackLinuxElf64amd::canPack() // Otherwise (no __libc_start_main as global undefined): skip it. // Also allow __uClibc_main and __uClibc_start_main . - if (Elf32_Ehdr::ET_DYN==get_te16(&ehdr->e_type)) { + if (Elf64_Ehdr::ET_DYN==get_te16(&ehdr->e_type)) { // The DT_SYMTAB has no designated length. Read the whole file. alloc_file_image(file_image, file_size); fi->seek(0, SEEK_SET); @@ -1983,6 +1983,10 @@ PackLinuxElf64amd::canPack() rela= (Elf64_Rela const *)elf_find_dynamic(Elf64_Dyn::DT_RELA); Elf64_Rela const * jmprela= (Elf64_Rela const *)elf_find_dynamic(Elf64_Dyn::DT_JMPREL); + + if (Elf64_Dyn::DF_1_PIE & elf_unsigned_dynamic(Elf64_Dyn::DT_FLAGS_1)) { + goto proceed; // marked as main program + } for ( int sz = elf_unsigned_dynamic(Elf64_Dyn::DT_PLTRELSZ); 0 < sz; (sz -= sizeof(Elf64_Rela)), ++jmprela diff --git a/src/stub/amd64-linux.elf-fold.h b/src/stub/amd64-linux.elf-fold.h index 10d9784f..8b21bbab 100644 --- a/src/stub/amd64-linux.elf-fold.h +++ b/src/stub/amd64-linux.elf-fold.h @@ -1,5 +1,5 @@ /* amd64-linux.elf-fold.h - created from amd64-linux.elf-fold.bin, 1872 (0x750) bytes + created from amd64-linux.elf-fold.bin, 1901 (0x76d) bytes This file is part of the UPX executable compressor. 
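Review bot: The `DF_1_PIE` test added in the second p_lx_elf.cpp hunk lets canPack() treat an ET_DYN input as a main program on the strength of a single bit read from the input file's own dynamic section, and `goto proceed` then skips the relocation scan for `__libc_start_main` that otherwise gates this path. Nothing visible in the hunk cross-checks the flag, so a shared object carrying DF_1_PIE would presumably be packed with the main-program stub. Consider stating that trust boundary next to the test, e.g. `// DT_FLAGS_1 is taken from the input as-is; DF_1_PIE is not cross-checked against the symbol/relocation tables`. The test could also sit before the `DT_RELA`/`DT_JMPREL` lookups, whose results go unused on this path. The `proceed` label and the rest of the loop lie outside the hunk, so what runs after the jump cannot be confirmed from here.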
@@ -31,20 +31,20 @@ */ -#define STUB_AMD64_LINUX_ELF_FOLD_SIZE 1872 -#define STUB_AMD64_LINUX_ELF_FOLD_ADLER32 0x40f8c9fd -#define STUB_AMD64_LINUX_ELF_FOLD_CRC32 0xa53313c8 +#define STUB_AMD64_LINUX_ELF_FOLD_SIZE 1901 +#define STUB_AMD64_LINUX_ELF_FOLD_ADLER32 0x9209d80d +#define STUB_AMD64_LINUX_ELF_FOLD_CRC32 0x11d99f52 -unsigned char stub_amd64_linux_elf_fold[1872] = { +unsigned char stub_amd64_linux_elf_fold[1901] = { /* 0x0000 */ 127, 69, 76, 70, 2, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x0010 */ 2, 0, 62, 0, 1, 0, 0, 0,188, 0, 16, 0, 0, 0, 0, 0, /* 0x0020 */ 64, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x0030 */ 0, 0, 0, 0, 64, 0, 56, 0, 2, 0, 0, 0, 0, 0, 0, 0, /* 0x0040 */ 1, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x0050 */ 0, 0, 16, 0, 0, 0, 0, 0, 0, 0, 16, 0, 0, 0, 0, 0, -/* 0x0060 */ 80, 7, 0, 0, 0, 0, 0, 0, 80, 7, 0, 0, 0, 0, 0, 0, +/* 0x0060 */ 109, 7, 0, 0, 0, 0, 0, 0,112, 7, 0, 0, 0, 0, 0, 0, /* 0x0070 */ 0, 0, 16, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, -/* 0x0080 */ 80, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +/* 0x0080 */ 109, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x0090 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x00a0 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 16, 0, 0, 0, 0, 0, /* 0x00b0 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,232, 89, 0, 0, 
@@ -131,26 +131,28 @@ unsigned char stub_amd64_linux_elf_fold[1872] = { /* 0x05c0 */ 0, 0, 0,116, 16, 72,139, 68, 36, 24, 72,139,148, 36,160, 0, /* 0x05d0 */ 0, 0, 72,137, 2, 73,139, 87, 24, 72, 1, 84, 36, 24, 72,139, /* 0x05e0 */ 68, 36, 24, 72,131,196,104, 91, 93, 65, 92, 65, 93, 65, 94, 65, -/* 0x05f0 */ 95,195, 65, 87, 69, 49,255, 65, 86, 73,137,206, 49,201, 65, 85, -/* 0x0600 */ 76,141,106, 64, 65, 84, 77,137,204, 85, 72,137,213, 83, 76,137, -/* 0x0610 */ 195, 72,131,236, 56,139, 7, 72,137, 52, 36, 72,137,116, 36, 16, -/* 0x0620 */ 72,141,116, 36, 32, 72,137, 84, 36, 40, 72,137,124, 36, 8, 76, -/* 0x0630 */ 137,194, 72,137,124, 36, 24, 72,137,231, 72,137, 68, 36, 32,232, -/* 0x0640 */ 212,251,255,255, 73,139, 85, 16,190, 3, 0, 0, 0, 76,137,247, -/* 0x0650 */ 72,131,194, 64,232,204,252,255,255, 72, 15,183, 85, 56,190, 5, -/* 0x0660 */ 0, 0, 0, 76,137,247,232,186,252,255,255, 65, 83, 77,137,225, -/* 0x0670 */ 49,210, 73,137,216, 76,137,241, 72,137,239, 72,141, 68, 36,120, -/* 0x0680 */ 72,141,116, 36, 24, 80,232,204,252,255,255,190, 9, 0, 0, 0, -/* 0x0690 */ 72,137,194, 76,137,247, 73,137,196,232,135,252,255,255,102,131, -/* 0x06a0 */ 125, 56, 0, 65, 89, 65, 90, 15,132,145, 0, 0, 0, 65,131,125, -/* 0x06b0 */ 0, 3,117,118, 72,139,124, 36,112, 73, 3,125, 16, 49,210, 49, -/* 0x06c0 */ 246,232, 11,251,255,255,133,192,137,195,120, 23,186, 0, 4, 0, -/* 0x06d0 */ 0, 72,137,238,137,199,232,242,250,255,255, 72, 61, 0, 4, 0, -/* 0x06e0 */ 0,116, 10,191,127, 0, 0, 0,232,236,250,255,255, 65, 80, 69, -/* 0x06f0 */ 49,201, 69, 49,192, 49,201,137,218, 72,141, 68, 36,120, 49,246, -/* 0x0700 */ 72,137,239, 80,232, 78,252,255,255, 72,139,148, 36,128, 0, 0, -/* 0x0710 */ 0,190, 7, 0, 0, 0, 76,137,247, 73,137,196,232, 4,252,255, -/* 0x0720 */ 255,137,223,232,173,250,255,255, 94, 95, 15,183, 69, 56, 65,255, -/* 0x0730 */ 199, 73,131,197, 56, 65, 57,199, 15,140,111,255,255,255, 72,131, -/* 0x0740 */ 196, 56, 76,137,224, 91, 93, 65, 92, 65, 93, 65, 94, 65, 95,195 +/* 0x05f0 */ 95,195, 
65, 87, 65, 86, 73,137,206, 49,201, 65, 85, 76,141,106, +/* 0x0600 */ 64, 65, 84, 77,137,204, 85, 72,137,213, 83, 76,137,195, 72,131, +/* 0x0610 */ 236, 56,139, 7, 72,137, 52, 36, 72,137,116, 36, 16, 72,141,116, +/* 0x0620 */ 36, 32, 72,137, 84, 36, 40, 72,137,124, 36, 8, 76,137,194, 72, +/* 0x0630 */ 137,124, 36, 24, 72,137,231, 72,137, 68, 36, 32,232,215,251,255, +/* 0x0640 */ 255, 73,139, 85, 16,190, 3, 0, 0, 0, 76,137,247, 72,131,194, +/* 0x0650 */ 64,232,207,252,255,255, 72, 15,183, 85, 56,190, 5, 0, 0, 0, +/* 0x0660 */ 76,137,247,232,189,252,255,255, 65, 83, 77,137,225, 49,210, 73, +/* 0x0670 */ 137,216, 76,137,241, 72,137,239, 72,141, 68, 36,120, 72,141,116, +/* 0x0680 */ 36, 24, 80,232,207,252,255,255, 73,131,125, 16, 0, 73,137,196, +/* 0x0690 */ 65, 89, 65, 90,117, 22, 72,139, 84, 36,112,190, 3, 0, 0, 0, +/* 0x06a0 */ 76,137,247, 72,131,194, 64,232,121,252,255,255, 76,137,226,190, +/* 0x06b0 */ 9, 0, 0, 0, 76,137,247,232,105,252,255,255, 69, 49,255,102, +/* 0x06c0 */ 131,125, 56, 0, 15,132,145, 0, 0, 0, 65,131,125, 0, 3,117, +/* 0x06d0 */ 118, 72,139,124, 36,112, 73, 3,125, 16, 49,210, 49,246,232,238, +/* 0x06e0 */ 250,255,255,133,192,137,195,120, 23,186, 0, 4, 0, 0, 72,137, +/* 0x06f0 */ 238,137,199,232,213,250,255,255, 72, 61, 0, 4, 0, 0,116, 10, +/* 0x0700 */ 191,127, 0, 0, 0,232,207,250,255,255, 65, 80, 69, 49,201, 69, +/* 0x0710 */ 49,192, 49,201,137,218, 72,141, 68, 36,120, 49,246, 72,137,239, +/* 0x0720 */ 80,232, 49,252,255,255, 72,139,148, 36,128, 0, 0, 0,190, 7, +/* 0x0730 */ 0, 0, 0, 76,137,247, 73,137,196,232,231,251,255,255,137,223, +/* 0x0740 */ 232,144,250,255,255, 94, 95, 15,183, 69, 56, 65,255,199, 73,131, +/* 0x0750 */ 197, 56, 65, 57,199, 15,140,111,255,255,255, 72,131,196, 56, 76, +/* 0x0760 */ 137,224, 91, 93, 65, 92, 65, 93, 65, 94, 65, 95,195 }; diff --git a/src/stub/src/amd64-linux.elf-main.c b/src/stub/src/amd64-linux.elf-main.c index 6efeba93..5c037e0d 100644 --- a/src/stub/src/amd64-linux.elf-main.c 
+++ b/src/stub/src/amd64-linux.elf-main.c @@ -344,6 +344,10 @@ upx_main( // returns entry address //auxv_up(av, AT_PAGESZ, PAGE_SIZE); /* ld-linux.so.2 does not need this */ entry = do_xmap(ehdr, &xi1, 0, av, f_decompress, f_unf, &reloc); // "rewind" + if (!phdr->p_vaddr) { // -fPIE at 0 + // Needed if no PT_PHDR (libmusl); else repeat of do_xmap() + auxv_up(av, AT_PHDR, reloc + (unsigned long)(1+(Elf64_Ehdr *)phdr->p_vaddr)); + } auxv_up(av, AT_ENTRY, entry); { // Map PT_INTERP program interpreter diff --git a/src/stub/tmp/amd64-linux.elf-fold.map b/src/stub/tmp/amd64-linux.elf-fold.map index 483e3962..fdabf6fb 100644 --- a/src/stub/tmp/amd64-linux.elf-fold.map +++ b/src/stub/tmp/amd64-linux.elf-fold.map @@ -8,7 +8,7 @@ Linker script and memory map 0x00000000001000bc . = ((0x100000 + SIZEOF_HEADERS) + 0xc) -.text 0x00000000001000bc 0x694 +.text 0x00000000001000bc 0x6b4 *(.text) .text 0x00000000001000bc 0x121 tmp/amd64-linux.elf-fold.o 0x00000000001001aa munmap 
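Review bot: In the upx_main hunk, the new AT_PHDR value is built from `(1+(Elf64_Ehdr *)phdr->p_vaddr)` inside a branch where `phdr->p_vaddr` is already known to be 0, so this is pointer arithmetic on a null pointer that only ever yields `sizeof(Elf64_Ehdr)`. It also hard-codes the assumption that the program header table sits immediately after the ELF header. The loader and libc use AT_PHDR to locate the program headers, so if the packer does not guarantee that layout for every accepted input, they would parse the wrong memory. Assuming `ehdr` here is the unpacked program's `Elf64_Ehdr` (it is what do_xmap receives), `auxv_up(av, AT_PHDR, reloc + ehdr->e_phoff);` says the same thing without either assumption. Failing that, write `reloc + sizeof(Elf64_Ehdr)` and add a comment naming the layout requirement. upx_main starts and ends outside the hunk, so how `phdr` was selected is not visible.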
@@ -20,19 +20,20 @@ Linker script and memory map 0x00000000001001ae mprotect 0x00000000001001d5 close *fill* 0x00000000001001dd 0x3 00 - .text 0x00000000001001e0 0x570 tmp/amd64-linux.elf-main.o + .text 0x00000000001001e0 0x58d tmp/amd64-linux.elf-main.o 0x00000000001005f2 upx_main *(.data) - .data 0x0000000000100750 0x0 tmp/amd64-linux.elf-fold.o - .data 0x0000000000100750 0x0 tmp/amd64-linux.elf-main.o + *fill* 0x000000000010076d 0x3 00 + .data 0x0000000000100770 0x0 tmp/amd64-linux.elf-fold.o + .data 0x0000000000100770 0x0 tmp/amd64-linux.elf-main.o .data -.bss 0x0000000000100750 0x0 - .bss 0x0000000000100750 0x0 tmp/amd64-linux.elf-fold.o - .bss 0x0000000000100750 0x0 tmp/amd64-linux.elf-main.o +.bss 0x0000000000100770 0x0 + .bss 0x0000000000100770 0x0 tmp/amd64-linux.elf-fold.o + .bss 0x0000000000100770 0x0 tmp/amd64-linux.elf-main.o -.rela.dyn 0x0000000000100750 0x0 +.rela.dyn 0x0000000000100770 0x0 .rela.text 0x0000000000000000 0x0 tmp/amd64-linux.elf-fold.o LOAD tmp/amd64-linux.elf-fold.o LOAD tmp/amd64-linux.elf-main.o