1 /* http://www.muppetlabs.com/~breadbox/software/elfkickers.html */
3 /* sstrip: Copyright (C) 1999-2001 by Brian Raiter, under the GNU
4 * General Public License. No warranty. See COPYING for details.
6 * Aug 23, 2004 Hacked by Manuel Novoa III <mjn3@codepoet.org> to
7 * handle targets of different endianness and/or elf class, making
8 * it more useful in a cross-devel environment.
11 /* ============== original README ===================
13 * sstrip is a small utility that removes the contents at the end of an
14 * ELF file that are not part of the program's memory image.
16 * Most ELF executables are built with both a program header table and a
17 * section header table. However, only the former is required in order
18 * for the OS to load, link and execute a program. sstrip attempts to
19 * extract the ELF header, the program header table, and its contents,
20 * leaving everything else in the bit bucket. It can only remove parts of
21 * the file that occur at the end, after the parts to be saved. However,
22 * this almost always includes the section header table, and occasionally
23 * a few random sections that are not used when running a program.
25 * It should be noted that the GNU bfd library is (understandably)
26 * dependent on the section header table as an index to the file's
27 * contents. Thus, an executable file that has no section header table
28 * cannot be used with gdb, objdump, or any other program based upon the
29 * bfd library, at all. In fact, the program will not even recognize the
30 * file as a valid executable. (This limitation is noted in the source
31 * code comments for bfd, and is marked "FIXME", so this may change at
32 * some future date. However, I would imagine that it is a pretty
33 * low-priority item, as executables without a section header table are
34 * rare in the extreme.) This probably also explains why strip doesn't
35 * offer the option to do this.
37 * Shared library files may also have their section header table removed.
38 * Such a library will still function; however, it will no longer be
39 * possible for a compiler to link a new program against it.
41 * As an added bonus, sstrip also tries to removes trailing zero bytes
42 * from the end of the file. (This normally cannot be done with an
43 * executable that has a section header table.)
45 * sstrip is a very simplistic program. It depends upon the common
46 * practice of putting the parts of the file that contribute to the
47 * memory image at the front, and the remaining material at the end. This
48 * permits it to discard the latter material without affecting file
49 * offsets and memory addresses in what remains. Of course, the ELF
50 * standard permits files to be organized in almost any order, so if a
51 * pathological linker decided to put its section headers at the top,
52 * sstrip would be useless on such executables.
64 * This seems to work on FreeBSD 5.3, should
65 * work on all newer versions as well. I have
66 * no idea if it will work on versions < 5.3
68 * Joe Estock (guru) <jestock at nutextonline.com>
70 #include <sys/endian.h>
71 #define bswap_64 __bswap64
72 #define bswap_32 __bswap32
73 #define bswap_16 __bswap16
77 #endif /* defined(__FreeBSD__) */
85 /* The name of the program.
87 static char const *progname
;
89 /* The name of the current file.
91 static char const *filename
;
94 /* A simple error-handling function. FALSE is always returned for the
95 * convenience of the caller.
97 static int err(char const *errmsg
)
99 fprintf(stderr
, "%s: %s: %s\n", progname
, filename
, errmsg
);
103 /* A flag to signal the need for endian reversal.
105 static int do_reverse_endian
;
107 /* Get a value from the elf header, compensating for endianness.
112 if (!do_reverse_endian) { \
114 } else if (sizeof(X) == 1) { \
116 } else if (sizeof(X) == 2) { \
117 __res = bswap_16((X)); \
118 } else if (sizeof(X) == 4) { \
119 __res = bswap_32((X)); \
120 } else if (sizeof(X) == 8) { \
121 __res = bswap_64((X)); \
123 fprintf(stderr, "%s: %s: EGET failed for size %d\n", \
124 progname, filename, sizeof(X)); \
125 exit(EXIT_FAILURE); \
130 /* Set a value 'Y' in the elf header to 'X', compensating for endianness.
133 do if (!do_reverse_endian) { \
135 } else if (sizeof(Y) == 1) { \
137 } else if (sizeof(Y) == 2) { \
138 Y = bswap_16((uint16_t)(X)); \
139 } else if (sizeof(Y) == 4) { \
140 Y = bswap_32((uint32_t)(X)); \
141 } else if (sizeof(Y) == 8) { \
142 Y = bswap_64((uint64_t)(X)); \
144 fprintf(stderr, "%s: %s: ESET failed for size %d\n", \
145 progname, filename, sizeof(Y)); \
146 exit(EXIT_FAILURE); \
150 /* A macro for I/O errors: The given error message is used only when
153 #define ferr(msg) (err(errno ? strerror(errno) : (msg)))
157 #define HEADER_FUNCTIONS(CLASS) \
159 /* readelfheader() reads the ELF header into our global variable, and \
160 * checks to make sure that this is in fact a file that we should be \
163 static int readelfheader ## CLASS (int fd, Elf ## CLASS ## _Ehdr *ehdr) \
165 if (read(fd, ((char *)ehdr)+EI_NIDENT, sizeof(*ehdr) - EI_NIDENT) \
166 != sizeof(*ehdr) - EI_NIDENT) \
167 return ferr("missing or incomplete ELF header."); \
169 /* Verify the sizes of the ELF header and the program segment \
170 * header table entries. \
172 if (EGET(ehdr->e_ehsize) != sizeof(Elf ## CLASS ## _Ehdr)) \
173 return err("unrecognized ELF header size."); \
174 if (EGET(ehdr->e_phentsize) != sizeof(Elf ## CLASS ## _Phdr)) \
175 return err("unrecognized program segment header size."); \
177 /* Finally, check the file type. \
179 if (EGET(ehdr->e_type) != ET_EXEC && EGET(ehdr->e_type) != ET_DYN) \
180 return err("not an executable or shared-object library."); \
185 /* readphdrtable() loads the program segment header table into memory. \
187 static int readphdrtable ## CLASS (int fd, Elf ## CLASS ## _Ehdr const *ehdr, \
188 Elf ## CLASS ## _Phdr **phdrs) \
192 if (!EGET(ehdr->e_phoff) || !EGET(ehdr->e_phnum) \
193 ) return err("ELF file has no program header table."); \
195 size = EGET(ehdr->e_phnum) * sizeof **phdrs; \
196 if (!(*phdrs = malloc(size))) \
197 return err("Out of memory!"); \
200 if (read(fd, *phdrs, size) != (ssize_t)size) \
201 return ferr("missing or incomplete program segment header table."); \
206 /* getmemorysize() determines the offset of the last byte of the file \
207 * that is referenced by an entry in the program segment header table. \
208 * (Anything in the file after that point is not used when the program \
209 * is executing, and thus can be safely discarded.) \
211 static int getmemorysize ## CLASS (Elf ## CLASS ## _Ehdr const *ehdr, \
212 Elf ## CLASS ## _Phdr const *phdrs, \
213 unsigned long *newsize) \
215 Elf ## CLASS ## _Phdr const *phdr; \
216 unsigned long size, n; \
219 /* Start by setting the size to include the ELF header and the \
220 * complete program segment header table. \
222 size = EGET(ehdr->e_phoff) + EGET(ehdr->e_phnum) * sizeof *phdrs; \
223 if (size < sizeof *ehdr) \
224 size = sizeof *ehdr; \
226 /* Then keep extending the size to include whatever data the \
227 * program segment header table references. \
229 for (i = 0, phdr = phdrs ; i < EGET(ehdr->e_phnum) ; ++i, ++phdr) { \
230 if (EGET(phdr->p_type) != PT_NULL) { \
231 n = EGET(phdr->p_offset) + EGET(phdr->p_filesz); \
241 /* modifyheaders() removes references to the section header table if \
242 * it was stripped, and reduces program header table entries that \
243 * included truncated bytes at the end of the file. \
245 static int modifyheaders ## CLASS (Elf ## CLASS ## _Ehdr *ehdr, \
246 Elf ## CLASS ## _Phdr *phdrs, \
247 unsigned long newsize) \
249 Elf ## CLASS ## _Phdr *phdr; \
252 /* If the section header table is gone, then remove all references \
253 * to it in the ELF header. \
255 if (EGET(ehdr->e_shoff) >= newsize) { \
256 ESET(ehdr->e_shoff,0); \
257 ESET(ehdr->e_shnum,0); \
258 ESET(ehdr->e_shentsize,0); \
259 ESET(ehdr->e_shstrndx,0); \
262 /* The program adjusts the file size of any segment that was \
263 * truncated. The case of a segment being completely stripped out \
264 * is handled separately. \
266 for (i = 0, phdr = phdrs ; i < EGET(ehdr->e_phnum) ; ++i, ++phdr) { \
267 if (EGET(phdr->p_offset) >= newsize) { \
268 ESET(phdr->p_offset,newsize); \
269 ESET(phdr->p_filesz,0); \
270 } else if (EGET(phdr->p_offset) + EGET(phdr->p_filesz) > newsize) { \
271 newsize -= EGET(phdr->p_offset); \
272 ESET(phdr->p_filesz, newsize); \
279 /* commitchanges() writes the new headers back to the original file \
280 * and sets the file to its new size. \
282 static int commitchanges ## CLASS (int fd, Elf ## CLASS ## _Ehdr const *ehdr, \
283 Elf ## CLASS ## _Phdr *phdrs, \
284 unsigned long newsize) \
288 /* Save the changes to the ELF header, if any. \
290 if (lseek(fd, 0, SEEK_SET)) \
291 return ferr("could not rewind file"); \
293 if (write(fd, ehdr, sizeof *ehdr) != sizeof *ehdr) \
294 return err("could not modify file"); \
296 /* Save the changes to the program segment header table, if any. \
298 if (lseek(fd, EGET(ehdr->e_phoff), SEEK_SET) == (off_t)-1) { \
299 err("could not seek in file."); \
302 n = EGET(ehdr->e_phnum) * sizeof *phdrs; \
303 if (write(fd, phdrs, n) != (ssize_t)n) { \
304 err("could not write to file"); \
308 /* Eleventh-hour sanity check: don't truncate before the end of \
309 * the program segment header table. \
311 if (newsize < EGET(ehdr->e_phoff) + n) \
312 newsize = EGET(ehdr->e_phoff) + n; \
314 /* Chop off the end of the file. \
316 if (ftruncate(fd, newsize)) { \
317 err("could not resize file"); \
324 return err("ELF file may have been corrupted!"); \
328 /* First elements of Elf32_Ehdr and Elf64_Ehdr are common.
330 static int readelfheaderident(int fd
, Elf32_Ehdr
*ehdr
)
333 if (read(fd
, ehdr
, EI_NIDENT
) != EI_NIDENT
)
334 return ferr("missing or incomplete ELF header.");
336 /* Check the ELF signature.
338 if (!(ehdr
->e_ident
[EI_MAG0
] == ELFMAG0
&&
339 ehdr
->e_ident
[EI_MAG1
] == ELFMAG1
&&
340 ehdr
->e_ident
[EI_MAG2
] == ELFMAG2
&&
341 ehdr
->e_ident
[EI_MAG3
] == ELFMAG3
))
343 err("missing ELF signature.");
347 /* Compare the file's class and endianness with the program's.
349 #if __BYTE_ORDER == __LITTLE_ENDIAN
350 if (ehdr
->e_ident
[EI_DATA
] == ELFDATA2LSB
) {
351 do_reverse_endian
= 0;
352 } else if (ehdr
->e_ident
[EI_DATA
] == ELFDATA2MSB
) {
353 /* fprintf(stderr, "ELF file has different endianness.\n"); */
354 do_reverse_endian
= 1;
356 #elif __BYTE_ORDER == __BIG_ENDIAN
357 if (ehdr
->e_ident
[EI_DATA
] == ELFDATA2LSB
) {
358 /* fprintf(stderr, "ELF file has different endianness.\n"); */
359 do_reverse_endian
= 1;
360 } else if (ehdr
->e_ident
[EI_DATA
] == ELFDATA2MSB
) {
361 do_reverse_endian
= 0;
364 #error unkown endianness
367 err("Unsupported endianness");
371 /* Check the target architecture.
373 /* if (EGET(ehdr->e_machine) != ELF_ARCH) { */
374 /* /\* return err("ELF file created for different architecture."); *\/ */
375 /* fprintf(stderr, "ELF file created for different architecture.\n"); */
377 return ehdr
->e_ident
[EI_CLASS
];
385 /* truncatezeros() examines the bytes at the end of the file's
386 * size-to-be, and reduces the size to exclude any trailing zero
389 static int truncatezeros(int fd
, unsigned long *newsize
)
391 unsigned char contents
[1024];
392 unsigned long size
, n
;
399 if (lseek(fd
, size
- n
, SEEK_SET
) == (off_t
)-1)
400 return ferr("cannot seek in file.");
401 if (read(fd
, contents
, n
) != (ssize_t
)n
)
402 return ferr("cannot read file contents");
403 while (n
&& !contents
[--n
])
405 } while (size
&& !n
);
410 return err("ELF file is completely blank!");
416 /* main() loops over the cmdline arguments, leaving all the real work
417 * to the other functions.
419 int main(int argc
, char *argv
[])
430 unsigned long newsize
;
434 if (argc
< 2 || argv
[1][0] == '-') {
435 printf("Usage: sstrip FILE...\n"
436 "sstrip discards all nonessential bytes from an executable.\n\n"
437 "Version 2.0-X Copyright (C) 2000,2001 Brian Raiter.\n"
438 "Cross-devel hacks Copyright (C) 2004 Manuel Novoa III.\n"
439 "This program is free software, licensed under the GNU\n"
440 "General Public License. There is absolutely no warranty.\n");
446 for (arg
= argv
+ 1 ; *arg
!= NULL
; ++arg
) {
449 fd
= open(*arg
, O_RDWR
);
456 switch (readelfheaderident(fd
, &e
.ehdr32
)) {
458 if (!(readelfheader32(fd
, &e
.ehdr32
) &&
459 readphdrtable32(fd
, &e
.ehdr32
, &p
.phdrs32
) &&
460 getmemorysize32(&e
.ehdr32
, p
.phdrs32
, &newsize
) &&
461 truncatezeros(fd
, &newsize
) &&
462 modifyheaders32(&e
.ehdr32
, p
.phdrs32
, newsize
) &&
463 commitchanges32(fd
, &e
.ehdr32
, p
.phdrs32
, newsize
)))
467 if (!(readelfheader64(fd
, &e
.ehdr64
) &&
468 readphdrtable64(fd
, &e
.ehdr64
, &p
.phdrs64
) &&
469 getmemorysize64(&e
.ehdr64
, p
.phdrs64
, &newsize
) &&
470 truncatezeros(fd
, &newsize
) &&
471 modifyheaders64(&e
.ehdr64
, p
.phdrs64
, newsize
) &&
472 commitchanges64(fd
, &e
.ehdr64
, p
.phdrs64
, newsize
)))
482 return failures
? EXIT_FAILURE
: EXIT_SUCCESS
;
This page took 0.079525 seconds and 5 git commands to generate.