1 /* http://www.muppetlabs.com/~breadbox/software/elfkickers.html */
3 /* sstrip: Copyright (C) 1999-2001 by Brian Raiter, under the GNU
4 * General Public License. No warranty. See COPYING for details.
6 * Aug 23, 2004 Hacked by Manuel Novoa III <mjn3@codepoet.org> to
7 * handle targets of different endianness and/or elf class, making
8 * it more useful in a cross-devel environment.
11 /* ============== original README ===================
13 * sstrip is a small utility that removes the contents at the end of an
14 * ELF file that are not part of the program's memory image.
16 * Most ELF executables are built with both a program header table and a
17 * section header table. However, only the former is required in order
18 * for the OS to load, link and execute a program. sstrip attempts to
19 * extract the ELF header, the program header table, and its contents,
20 * leaving everything else in the bit bucket. It can only remove parts of
21 * the file that occur at the end, after the parts to be saved. However,
22 * this almost always includes the section header table, and occasionally
23 * a few random sections that are not used when running a program.
25 * It should be noted that the GNU bfd library is (understandably)
26 * dependent on the section header table as an index to the file's
27 * contents. Thus, an executable file that has no section header table
28 * cannot be used with gdb, objdump, or any other program based upon the
29 * bfd library, at all. In fact, the program will not even recognize the
30 * file as a valid executable. (This limitation is noted in the source
31 * code comments for bfd, and is marked "FIXME", so this may change at
32 * some future date. However, I would imagine that it is a pretty
33 * low-priority item, as executables without a section header table are
34 * rare in the extreme.) This probably also explains why strip doesn't
35 * offer the option to do this.
37 * Shared library files may also have their section header table removed.
38 * Such a library will still function; however, it will no longer be
39 * possible for a compiler to link a new program against it.
41 * As an added bonus, sstrip also tries to removes trailing zero bytes
42 * from the end of the file. (This normally cannot be done with an
43 * executable that has a section header table.)
45 * sstrip is a very simplistic program. It depends upon the common
46 * practice of putting the parts of the file that contribute to the
47 * memory image at the front, and the remaining material at the end. This
48 * permits it to discard the latter material without affecting file
49 * offsets and memory addresses in what remains. Of course, the ELF
50 * standard permits files to be organized in almost any order, so if a
51 * pathological linker decided to put its section headers at the top,
52 * sstrip would be useless on such executables.
65 * This seems to work on FreeBSD 5.3, should
66 * work on all newer versions as well. I have
67 * no idea if it will work on versions < 5.3
69 * Joe Estock (guru) <jestock at nutextonline.com>
71 #include <sys/endian.h>
72 #define bswap_64 __bswap64
73 #define bswap_32 __bswap32
74 #define bswap_16 __bswap16
75 #elif defined(__APPLE__)
76 #include <machine/endian.h>
77 #include <machine/byte_order.h>
78 #define __BYTE_ORDER BYTE_ORDER
79 #define __BIG_ENDIAN BIG_ENDIAN
80 #define bswap_16(x) NXSwapShort(x)
81 #define bswap_32(x) NXSwapInt(x)
82 #define bswap_64(x) NXSwapLongLong(x)
94 /* The name of the program.
96 static char const *progname
;
98 /* The name of the current file.
100 static char const *filename
;
103 /* A simple error-handling function. FALSE is always returned for the
104 * convenience of the caller.
106 static int err(char const *errmsg
)
108 fprintf(stderr
, "%s: %s: %s\n", progname
, filename
, errmsg
);
112 /* A flag to signal the need for endian reversal.
114 static int do_reverse_endian
;
116 /* Get a value from the elf header, compensating for endianness.
121 if (!do_reverse_endian) { \
123 } else if (sizeof(X) == 1) { \
125 } else if (sizeof(X) == 2) { \
126 __res = bswap_16((X)); \
127 } else if (sizeof(X) == 4) { \
128 __res = bswap_32((X)); \
129 } else if (sizeof(X) == 8) { \
130 __res = bswap_64((X)); \
132 fprintf(stderr, "%s: %s: EGET failed for size %d\n", \
133 progname, filename, sizeof(X)); \
134 exit(EXIT_FAILURE); \
139 /* Set a value 'Y' in the elf header to 'X', compensating for endianness.
142 do if (!do_reverse_endian) { \
144 } else if (sizeof(Y) == 1) { \
146 } else if (sizeof(Y) == 2) { \
147 Y = bswap_16((uint16_t)(X)); \
148 } else if (sizeof(Y) == 4) { \
149 Y = bswap_32((uint32_t)(X)); \
150 } else if (sizeof(Y) == 8) { \
151 Y = bswap_64((uint64_t)(X)); \
153 fprintf(stderr, "%s: %s: ESET failed for size %d\n", \
154 progname, filename, sizeof(Y)); \
155 exit(EXIT_FAILURE); \
159 /* A macro for I/O errors: The given error message is used only when
162 #define ferr(msg) (err(errno ? strerror(errno) : (msg)))
166 #define HEADER_FUNCTIONS(CLASS) \
168 /* readelfheader() reads the ELF header into our global variable, and \
169 * checks to make sure that this is in fact a file that we should be \
172 static int readelfheader ## CLASS (int fd, Elf ## CLASS ## _Ehdr *ehdr) \
174 if (read(fd, ((char *)ehdr)+EI_NIDENT, sizeof(*ehdr) - EI_NIDENT) \
175 != sizeof(*ehdr) - EI_NIDENT) \
176 return ferr("missing or incomplete ELF header."); \
178 /* Verify the sizes of the ELF header and the program segment \
179 * header table entries. \
181 if (EGET(ehdr->e_ehsize) != sizeof(Elf ## CLASS ## _Ehdr)) \
182 return err("unrecognized ELF header size."); \
183 if (EGET(ehdr->e_phentsize) != sizeof(Elf ## CLASS ## _Phdr)) \
184 return err("unrecognized program segment header size."); \
186 /* Finally, check the file type. \
188 if (EGET(ehdr->e_type) != ET_EXEC && EGET(ehdr->e_type) != ET_DYN) \
189 return err("not an executable or shared-object library."); \
194 /* readphdrtable() loads the program segment header table into memory. \
196 static int readphdrtable ## CLASS (int fd, Elf ## CLASS ## _Ehdr const *ehdr, \
197 Elf ## CLASS ## _Phdr **phdrs) \
201 if (!EGET(ehdr->e_phoff) || !EGET(ehdr->e_phnum) \
202 ) return err("ELF file has no program header table."); \
204 size = EGET(ehdr->e_phnum) * sizeof **phdrs; \
205 if (!(*phdrs = malloc(size))) \
206 return err("Out of memory!"); \
209 if (read(fd, *phdrs, size) != (ssize_t)size) \
210 return ferr("missing or incomplete program segment header table."); \
215 /* getmemorysize() determines the offset of the last byte of the file \
216 * that is referenced by an entry in the program segment header table. \
217 * (Anything in the file after that point is not used when the program \
218 * is executing, and thus can be safely discarded.) \
220 static int getmemorysize ## CLASS (Elf ## CLASS ## _Ehdr const *ehdr, \
221 Elf ## CLASS ## _Phdr const *phdrs, \
222 unsigned long *newsize) \
224 Elf ## CLASS ## _Phdr const *phdr; \
225 unsigned long size, n; \
228 /* Start by setting the size to include the ELF header and the \
229 * complete program segment header table. \
231 size = EGET(ehdr->e_phoff) + EGET(ehdr->e_phnum) * sizeof *phdrs; \
232 if (size < sizeof *ehdr) \
233 size = sizeof *ehdr; \
235 /* Then keep extending the size to include whatever data the \
236 * program segment header table references. \
238 for (i = 0, phdr = phdrs ; i < EGET(ehdr->e_phnum) ; ++i, ++phdr) { \
239 if (EGET(phdr->p_type) != PT_NULL) { \
240 n = EGET(phdr->p_offset) + EGET(phdr->p_filesz); \
250 /* modifyheaders() removes references to the section header table if \
251 * it was stripped, and reduces program header table entries that \
252 * included truncated bytes at the end of the file. \
254 static int modifyheaders ## CLASS (Elf ## CLASS ## _Ehdr *ehdr, \
255 Elf ## CLASS ## _Phdr *phdrs, \
256 unsigned long newsize) \
258 Elf ## CLASS ## _Phdr *phdr; \
261 /* If the section header table is gone, then remove all references \
262 * to it in the ELF header. \
264 if (EGET(ehdr->e_shoff) >= newsize) { \
265 ESET(ehdr->e_shoff,0); \
266 ESET(ehdr->e_shnum,0); \
267 ESET(ehdr->e_shentsize,0); \
268 ESET(ehdr->e_shstrndx,0); \
271 /* The program adjusts the file size of any segment that was \
272 * truncated. The case of a segment being completely stripped out \
273 * is handled separately. \
275 for (i = 0, phdr = phdrs ; i < EGET(ehdr->e_phnum) ; ++i, ++phdr) { \
276 if (EGET(phdr->p_offset) >= newsize) { \
277 ESET(phdr->p_offset,newsize); \
278 ESET(phdr->p_filesz,0); \
279 } else if (EGET(phdr->p_offset) + EGET(phdr->p_filesz) > newsize) { \
280 newsize -= EGET(phdr->p_offset); \
281 ESET(phdr->p_filesz, newsize); \
288 /* commitchanges() writes the new headers back to the original file \
289 * and sets the file to its new size. \
291 static int commitchanges ## CLASS (int fd, Elf ## CLASS ## _Ehdr const *ehdr, \
292 Elf ## CLASS ## _Phdr *phdrs, \
293 unsigned long newsize) \
297 /* Save the changes to the ELF header, if any. \
299 if (lseek(fd, 0, SEEK_SET)) \
300 return ferr("could not rewind file"); \
302 if (write(fd, ehdr, sizeof *ehdr) != sizeof *ehdr) \
303 return err("could not modify file"); \
305 /* Save the changes to the program segment header table, if any. \
307 if (lseek(fd, EGET(ehdr->e_phoff), SEEK_SET) == (off_t)-1) { \
308 err("could not seek in file."); \
311 n = EGET(ehdr->e_phnum) * sizeof *phdrs; \
312 if (write(fd, phdrs, n) != (ssize_t)n) { \
313 err("could not write to file"); \
317 /* Eleventh-hour sanity check: don't truncate before the end of \
318 * the program segment header table. \
320 if (newsize < EGET(ehdr->e_phoff) + n) \
321 newsize = EGET(ehdr->e_phoff) + n; \
323 /* Chop off the end of the file. \
325 if (ftruncate(fd, newsize)) { \
326 err("could not resize file"); \
333 return err("ELF file may have been corrupted!"); \
337 /* First elements of Elf32_Ehdr and Elf64_Ehdr are common.
339 static int readelfheaderident(int fd
, Elf32_Ehdr
*ehdr
)
342 if (read(fd
, ehdr
, EI_NIDENT
) != EI_NIDENT
)
343 return ferr("missing or incomplete ELF header.");
345 /* Check the ELF signature.
347 if (!(ehdr
->e_ident
[EI_MAG0
] == ELFMAG0
&&
348 ehdr
->e_ident
[EI_MAG1
] == ELFMAG1
&&
349 ehdr
->e_ident
[EI_MAG2
] == ELFMAG2
&&
350 ehdr
->e_ident
[EI_MAG3
] == ELFMAG3
))
352 err("missing ELF signature.");
356 /* Compare the file's class and endianness with the program's.
358 #if __BYTE_ORDER == __LITTLE_ENDIAN
359 if (ehdr
->e_ident
[EI_DATA
] == ELFDATA2LSB
) {
360 do_reverse_endian
= 0;
361 } else if (ehdr
->e_ident
[EI_DATA
] == ELFDATA2MSB
) {
362 /* fprintf(stderr, "ELF file has different endianness.\n"); */
363 do_reverse_endian
= 1;
365 #elif __BYTE_ORDER == __BIG_ENDIAN
366 if (ehdr
->e_ident
[EI_DATA
] == ELFDATA2LSB
) {
367 /* fprintf(stderr, "ELF file has different endianness.\n"); */
368 do_reverse_endian
= 1;
369 } else if (ehdr
->e_ident
[EI_DATA
] == ELFDATA2MSB
) {
370 do_reverse_endian
= 0;
373 #error unkown endianness
376 err("Unsupported endianness");
380 /* Check the target architecture.
382 /* if (EGET(ehdr->e_machine) != ELF_ARCH) { */
383 /* /\* return err("ELF file created for different architecture."); *\/ */
384 /* fprintf(stderr, "ELF file created for different architecture.\n"); */
386 return ehdr
->e_ident
[EI_CLASS
];
394 /* truncatezeros() examines the bytes at the end of the file's
395 * size-to-be, and reduces the size to exclude any trailing zero
398 static int truncatezeros(int fd
, unsigned long *newsize
)
400 unsigned char contents
[1024];
401 unsigned long size
, n
;
408 if (lseek(fd
, size
- n
, SEEK_SET
) == (off_t
)-1)
409 return ferr("cannot seek in file.");
410 if (read(fd
, contents
, n
) != (ssize_t
)n
)
411 return ferr("cannot read file contents");
412 while (n
&& !contents
[--n
])
414 } while (size
&& !n
);
419 return err("ELF file is completely blank!");
425 /* main() loops over the cmdline arguments, leaving all the real work
426 * to the other functions.
428 int main(int argc
, char *argv
[])
439 unsigned long newsize
;
443 if (argc
< 2 || argv
[1][0] == '-') {
444 printf("Usage: sstrip FILE...\n"
445 "sstrip discards all nonessential bytes from an executable.\n\n"
446 "Version 2.0-X Copyright (C) 2000,2001 Brian Raiter.\n"
447 "Cross-devel hacks Copyright (C) 2004 Manuel Novoa III.\n"
448 "This program is free software, licensed under the GNU\n"
449 "General Public License. There is absolutely no warranty.\n");
455 for (arg
= argv
+ 1 ; *arg
!= NULL
; ++arg
) {
458 fd
= open(*arg
, O_RDWR
);
465 switch (readelfheaderident(fd
, &e
.ehdr32
)) {
467 if (!(readelfheader32(fd
, &e
.ehdr32
) &&
468 readphdrtable32(fd
, &e
.ehdr32
, &p
.phdrs32
) &&
469 getmemorysize32(&e
.ehdr32
, p
.phdrs32
, &newsize
) &&
470 truncatezeros(fd
, &newsize
) &&
471 modifyheaders32(&e
.ehdr32
, p
.phdrs32
, newsize
) &&
472 commitchanges32(fd
, &e
.ehdr32
, p
.phdrs32
, newsize
)))
476 if (!(readelfheader64(fd
, &e
.ehdr64
) &&
477 readphdrtable64(fd
, &e
.ehdr64
, &p
.phdrs64
) &&
478 getmemorysize64(&e
.ehdr64
, p
.phdrs64
, &newsize
) &&
479 truncatezeros(fd
, &newsize
) &&
480 modifyheaders64(&e
.ehdr64
, p
.phdrs64
, newsize
) &&
481 commitchanges64(fd
, &e
.ehdr64
, p
.phdrs64
, newsize
)))
491 return failures
? EXIT_FAILURE
: EXIT_SUCCESS
;
This page took 0.09543 seconds and 5 git commands to generate.