patchelf 0.0.0 → 1.2.0

data/lib/patchelf/patcher.rb

@@ -1,8 +1,11 @@
-require 'elftools'
-require 'fileutils'
+# encoding: ascii-8bit
+# frozen_string_literal: true
 
+require 'elftools/elf_file'
+
+require 'patchelf/exceptions'
 require 'patchelf/logger'
-require 'patchelf/mm'
+require 'patchelf/saver'
 
 module PatchELF
   # Class to handle all patching things.
@@ -10,13 +13,36 @@ module PatchELF
     # @!macro [new] note_apply
     #   @note This setting will be saved after {#save} being invoked.
 
+    attr_reader :elf # @return [ELFTools::ELFFile] ELF parser object.
+
     # Instantiate a {Patcher} object.
     # @param [String] filename
     #   Filename of input ELF.
-    def initialize(filename)
+    # @param [Boolean] logging
+    #   *deprecated*: use +on_error+ instead
+    # @param [:log, :silent, :exception] on_error
+    #   action when the desired segment/tag field isn't present
+    #     :log = logs to stderr
+    #     :exception = raise exception related to the error
+    #     :silent = ignore the errors
+    def initialize(filename, on_error: :log, logging: true)
       @in_file = filename
       @elf = ELFTools::ELFFile.new(File.open(filename))
       @set = {}
+      @rpath_sym = :runpath
+      @on_error = !logging ? :exception : on_error
+
+      on_error_syms = %i[exception log silent]
+      raise ArgumentError, "on_error must be one of #{on_error_syms}" unless on_error_syms.include?(@on_error)
+    end
+
+    # @return [String?]
+    #   Get interpreter's name.
+    # @example
+    #   PatchELF::Patcher.new('/bin/ls').interpreter
+    #   #=> "/lib64/ld-linux-x86-64.so.2"
+    def interpreter
+      @set[:interpreter] || interpreter_
     end
 
     # Set interpreter's name.
@@ -26,11 +52,73 @@ module PatchELF
     # @param [String] interp
     # @macro note_apply
     def interpreter=(interp)
-      return if interpreter.nil? # will also show warning if there's no interp segment.
+      return if interpreter_.nil? # will also show warning if there's no interp segment.
 
       @set[:interpreter] = interp
     end
 
+    # Get needed libraries.
+    # @return [Array<String>]
+    # @example
+    #   patcher = PatchELF::Patcher.new('/bin/ls')
+    #   patcher.needed
+    #   #=> ["libselinux.so.1", "libc.so.6"]
+    def needed
+      @set[:needed] || needed_
+    end
+
+    # Set needed libraries.
+    # @param [Array<String>] needs
+    # @macro note_apply
+    def needed=(needs)
+      @set[:needed] = needs
+    end
+
+    # Add the needed library.
+    # @param [String] need
+    # @return [void]
+    # @macro note_apply
+    def add_needed(need)
+      @set[:needed] ||= needed_
+      @set[:needed] << need
+    end
+
+    # Remove the needed library.
+    # @param [String] need
+    # @return [void]
+    # @macro note_apply
+    def remove_needed(need)
+      @set[:needed] ||= needed_
+      @set[:needed].delete(need)
+    end
+
+    # Replace needed library +src+ with +tar+.
+    #
+    # @param [String] src
+    #   Library to be replaced.
+    # @param [String] tar
+    #   Library replace with.
+    # @return [void]
+    # @macro note_apply
+    def replace_needed(src, tar)
+      @set[:needed] ||= needed_
+      @set[:needed].map! { |v| v == src ? tar : v }
+    end
+
+    # Get the soname of a shared library.
+    # @return [String?] The name.
+    # @example
+    #   patcher = PatchELF::Patcher.new('/bin/ls')
+    #   patcher.soname
+    #   # [WARN] Entry DT_SONAME not found, not a shared library?
+    #   #=> nil
+    # @example
+    #   PatchELF::Patcher.new('/lib/x86_64-linux-gnu/libc.so.6').soname
+    #   #=> "libc.so.6"
+    def soname
+      @set[:soname] || soname_
+    end
+
     # Set soname.
     #
     # If the input ELF is not a shared library with a soname,
@@ -38,115 +126,81 @@ module PatchELF
     # @param [String] name
     # @macro note_apply
     def soname=(name)
-      return if soname.nil?
+      return if soname_.nil?
 
       @set[:soname] = name
     end
 
-    # Set rpath.
+    # Get runpath.
+    # @return [String?]
+    def runpath
+      @set[@rpath_sym] || runpath_(@rpath_sym)
+    end
+
+    # Get rpath
+    # return [String?]
+    def rpath
+      @set[:rpath] || runpath_(:rpath)
+    end
+
+    # Set rpath
     #
-    # If DT_RPATH is not presented in the input ELF,
-    # a new DT_RPATH attribute will be inserted into the DYNAMIC segment.
+    # Modify / set DT_RPATH of the given ELF.
+    # similar to runpath= except DT_RPATH is modifed/created in DYNAMIC segment.
     # @param [String] rpath
     # @macro note_apply
     def rpath=(rpath)
       @set[:rpath] = rpath
     end
 
+    # Set runpath.
+    #
+    # If DT_RUNPATH is not presented in the input ELF,
+    # a new DT_RUNPATH attribute will be inserted into the DYNAMIC segment.
+    # @param [String] runpath
+    # @macro note_apply
+    def runpath=(runpath)
+      @set[@rpath_sym] = runpath
+    end
+
+    # Set all operations related to DT_RUNPATH to use DT_RPATH.
+    # @return [self]
+    def use_rpath!
+      @rpath_sym = :rpath
+      self
+    end
+
     # Save the patched ELF as +out_file+.
     # @param [String?] out_file
     #   If +out_file+ is +nil+, the original input file will be modified.
     # @return [void]
     def save(out_file = nil)
-      # TODO: Test if we can save twice, and the output files are exactly same.
       # If nothing is modified, return directly.
       return if out_file.nil? && !dirty?
 
       out_file ||= @in_file
-      # [{Integer => String}]
-      @inline_patch = {}
-      @mm = PatchELF::MM.new(@elf)
-      # Patching interpreter is the easiest.
-      patch_interpreter(@set[:interpreter])
-
-      @mm.dispatch!
-
-      FileUtils.cp(@in_file, out_file) if out_file != @in_file
-      # if @mm.extend_size != 0:
-      # 1. Remember all data after the original second LOAD
-      # 2. Apply patches before the second LOAD.
-      # 3. Apply patches located after the second LOAD.
-
-      File.open(out_file, 'r+') do |f|
-        if @mm.extended?
-          original_head = @mm.threshold
-          extra = {}
-          # Copy all data after the second load
-          @elf.stream.pos = original_head
-          extra[original_head + @mm.extend_size] = @elf.stream.read # read to end
-          # zero out the 'gap' we created
-          extra[original_head] = "\x00" * @mm.extend_size
-          extra.each do |pos, str|
-            f.pos = pos
-            f.write(str)
-          end
-        end
-        @elf.patches.each do |pos, str|
-          f.pos = @mm.extended_offset(pos)
-          f.write(str)
-        end
+      saver = PatchELF::Saver.new(@in_file, out_file, @set)
 
-        @inline_patch.each do |pos, str|
-          f.pos = pos
-          f.write(str)
-        end
-      end
-
-      # Let output file have the same permission as input.
-      FileUtils.chmod(File.stat(@in_file).mode, out_file)
+      saver.save!
     end
 
-    # Get name(s) of interpreter, needed libraries, rpath, or soname.
-    #
-    # @param [:interpreter, :needed, :rpath, :soname] name
-    # @return [String, Array<String>, nil]
-    #   Returns name(s) fetched from ELF.
-    # @example
-    #   patcher = Patcher.new('/bin/ls')
-    #   patcher.get(:interpreter)
-    #   #=> "/lib64/ld-linux-x86-64.so.2"
-    #   patcher.get(:needed)
-    #   #=> ["libselinux.so.1", "libc.so.6"]
-    #
-    #   patcher.get(:soname)
-    #   # [WARN] Entry DT_SONAME not found, not a shared library?
-    #   #=> nil
-    # @example
-    #   Patcher.new('/lib/x86_64-linux-gnu/libc.so.6').get(:soname)
-    #   #=> "libc.so.6"
-    def get(name)
-      return unless %i[interpreter needed rpath soname].include?(name)
-      return @set[name] if @set[name]
+    private
 
-      __send__(name)
-    end
+    def log_or_raise(msg, exception = PatchELF::PatchError)
+      raise exception, msg if @on_error == :exception
 
-    private
+      PatchELF::Logger.warn(msg) if @on_error == :log
+    end
 
-    # @return [String?]
-    #   Get interpreter's name.
-    # @example
-    #   Patcher.new('/bin/ls').interpreter
-    #   #=> "/lib64/ld-linux-x86-64.so.2"
-    def interpreter
+    def interpreter_
       segment = @elf.segment_by_type(:interp)
-      return PatchELF::Logger.warn('No interpreter found.') if segment.nil?
+      return log_or_raise 'No interpreter found.', PatchELF::MissingSegmentError if segment.nil?
 
       segment.interp_name
     end
 
     # @return [Array<String>]
-    def needed
+    def needed_
       segment = dynamic_or_log
       return if segment.nil?
 
@@ -154,85 +208,36 @@ module PatchELF
     end
 
     # @return [String?]
-    def rpath
-      # TODO: consider both rpath and runpath
-      tag_name_or_log(:rpath, 'Entry DT_RPATH not found.')
+    def runpath_(rpath_sym = :runpath)
+      tag_name_or_log(rpath_sym, "Entry DT_#{rpath_sym.to_s.upcase} not found.")
     end
 
     # @return [String?]
-    def soname
+    def soname_
       tag_name_or_log(:soname, 'Entry DT_SONAME not found, not a shared library?')
     end
 
-    def patch_interpreter(new_interp)
-      return if new_interp.nil?
-
-      new_interp += "\x00"
-      old_interp = interpreter + "\x00"
-      return if old_interp == new_interp
-
-      # These headers must be found here but not in the proc.
-      seg_header = @elf.segment_by_type(:interp).header
-      sec_header = section_header('.interp')
-
-      patch = proc do |off, vaddr|
-        # Register an inline patching
-        inline_patch(off, new_interp)
-
-        # The patching feature of ELFTools
-        seg_header.p_offset = off
-        seg_header.p_vaddr = seg_header.p_paddr = vaddr
-        seg_header.p_filesz = seg_header.p_memsz = new_interp.size
-
-        if sec_header
-          sec_header.sh_offset = off
-          sec_header.sh_size = new_interp.size
-        end
-      end
-
-      if new_interp.size <= old_interp.size
-        # easy case
-        patch.call(seg_header.p_offset.to_i, seg_header.p_vaddr.to_i)
-      else
-        # hard case, we have to request a new LOAD area
-        @mm.malloc(new_interp.size, &patch)
-      end
-    end
-
     # @return [Boolean]
     def dirty?
       @set.any?
     end
 
-    # @return [ELFTools::Sections::Section?]
-    def section_header(name)
-      sec = @elf.section_by_name(name)
-      return if sec.nil?
-
-      sec.header
-    end
-
     def tag_name_or_log(type, log_msg)
       segment = dynamic_or_log
       return if segment.nil?
 
       tag = segment.tag_by_type(type)
-      return PatchELF::Logger.warn(log_msg) if tag.nil?
+      return log_or_raise log_msg, PatchELF::MissingTagError if tag.nil?
 
       tag.name
     end
 
     def dynamic_or_log
       @elf.segment_by_type(:dynamic).tap do |s|
-        PatchELF::Logger.warn('DYNAMIC segment not found, might be a statically-linked ELF?') if s.nil?
+        if s.nil?
+          log_or_raise 'DYNAMIC segment not found, might be a statically-linked ELF?', PatchELF::MissingSegmentError
+        end
       end
     end
-
-    # This can only be used for patching interpreter's name
-    # or set strings in a malloc-ed area.
-    # i.e. NEVER intend to change the string defined in strtab
-    def inline_patch(off, str)
-      @inline_patch[@mm.extended_offset(off)] = str
-    end
   end
 end

data/lib/patchelf/saver.rb

@@ -0,0 +1,285 @@
+# frozen_string_literal: true
+
+require 'elftools/constants'
+require 'elftools/elf_file'
+require 'elftools/structs'
+require 'elftools/util'
+require 'fileutils'
+
+require 'patchelf/mm'
+
+module PatchELF
+  # Internal use only.
+  #
+  # For {Patcher} to do patching things and save to file.
+  # @private
+  class Saver
+    attr_reader :in_file # @return [String] Input filename.
+    attr_reader :out_file # @return [String] Output filename.
+
+    # Instantiate a {Saver} object.
+    # @param [String] in_file
+    # @param [String] out_file
+    # @param [{Symbol => String, Array}] set
+    def initialize(in_file, out_file, set)
+      @in_file = in_file
+      @out_file = out_file
+      @set = set
+      # [{Integer => String}]
+      @inline_patch = {}
+      @elf = ELFTools::ELFFile.new(File.open(in_file))
+      @mm = PatchELF::MM.new(@elf)
+      @strtab_extend_requests = []
+      @append_dyn = []
+    end
+
+    # @return [void]
+    def save!
+      # In this method we assume all attributes that should exist do exist.
+      # e.g. DT_INTERP, DT_DYNAMIC. These should have been checked in the patcher.
+      patch_interpreter
+      patch_dynamic
+
+      @mm.dispatch!
+
+      FileUtils.cp(in_file, out_file) if out_file != in_file
+      patch_out(@out_file)
+      # Let output file have the same permission as input.
+      FileUtils.chmod(File.stat(in_file).mode, out_file)
+    end
+
+    private
+
+    def patch_interpreter
+      return if @set[:interpreter].nil?
+
+      new_interp = @set[:interpreter] + "\x00"
+      old_interp = @elf.segment_by_type(:interp).interp_name + "\x00"
+      return if old_interp == new_interp
+
+      # These headers must be found here but not in the proc.
+      seg_header = @elf.segment_by_type(:interp).header
+      sec_header = section_header('.interp')
+
+      patch = proc do |off, vaddr|
+        # Register an inline patching
+        inline_patch(off, new_interp)
+
+        # The patching feature of ELFTools
+        seg_header.p_offset = off
+        seg_header.p_vaddr = seg_header.p_paddr = vaddr
+        seg_header.p_filesz = seg_header.p_memsz = new_interp.size
+
+        if sec_header
+          sec_header.sh_offset = off
+          sec_header.sh_size = new_interp.size
+        end
+      end
+
+      if new_interp.size <= old_interp.size
+        # easy case
+        patch.call(seg_header.p_offset.to_i, seg_header.p_vaddr.to_i)
+      else
+        # hard case, we have to request a new LOAD area
+        @mm.malloc(new_interp.size, &patch)
+      end
+    end
+
+    def patch_dynamic
+      # We never do inline patching on strtab's string.
+      # 1. Search if there's useful string exists
+      #   - only need header patching
+      # 2. Append a new string to the strtab.
+      #   - register strtab extension
+      dynamic.tags # HACK, force @tags to be defined
+      patch_soname if @set[:soname]
+      patch_runpath if @set[:runpath]
+      patch_runpath(:rpath) if @set[:rpath]
+      patch_needed if @set[:needed]
+      malloc_strtab!
+      expand_dynamic!
+    end
+
+    def patch_soname
+      # The tag must exist.
+      so_tag = dynamic.tag_by_type(:soname)
+      reg_str_table(@set[:soname]) do |idx|
+        so_tag.header.d_val = idx
+      end
+    end
+
+    def patch_runpath(sym = :runpath)
+      tag = dynamic.tag_by_type(sym)
+      tag = tag.nil? ? lazy_dyn(sym) : tag.header
+      reg_str_table(@set[sym]) do |idx|
+        tag.d_val = idx
+      end
+    end
+
+    # To mark a not-using tag
+    IGNORE = ELFTools::Constants::DT_LOOS
+    def patch_needed
+      original_needs = dynamic.tags_by_type(:needed)
+      @set[:needed].uniq!
+      # 3 sets:
+      # 1. in original and in needs - remain unchanged
+      # 2. in original but not in needs - remove
+      # 3. not in original and in needs - append
+      original_needs.each do |n|
+        next if @set[:needed].include?(n.name)
+
+        n.header.d_tag = IGNORE # temporarily mark
+      end
+
+      extra = @set[:needed] - original_needs.map(&:name)
+      original_needs.each do |n|
+        break if extra.empty?
+        next if n.header.d_tag != IGNORE
+
+        n.header.d_tag = ELFTools::Constants::DT_NEEDED
+        reg_str_table(extra.shift) { |idx| n.header.d_val = idx }
+      end
+      return if extra.empty?
+
+      # no spaces, need append
+      extra.each do |name|
+        tag = lazy_dyn(:needed)
+        reg_str_table(name) { |idx| tag.d_val = idx }
+      end
+    end
+
+    # Create a temp tag header.
+    # @return [ELFTools::Structs::ELF_Dyn]
+    def lazy_dyn(sym)
+      ELFTools::Structs::ELF_Dyn.new(endian: @elf.endian).tap do |dyn|
+        @append_dyn << dyn
+        dyn.elf_class = @elf.elf_class
+        dyn.d_tag = ELFTools::Util.to_constant(ELFTools::Constants::DT, sym)
+      end
+    end
+
+    def expand_dynamic!
+      return if @append_dyn.empty?
+
+      dyn_sec = section_header('.dynamic')
+      total = dynamic.tags.map(&:header)
+      # the last must be a null-tag
+      total = total[0..-2] + @append_dyn + [total.last]
+      bytes = total.first.num_bytes * total.size
+      @mm.malloc(bytes) do |off, vaddr|
+        inline_patch(off, total.map(&:to_binary_s).join)
+        dynamic.header.p_offset = off
+        dynamic.header.p_vaddr = dynamic.header.p_paddr = vaddr
+        dynamic.header.p_filesz = dynamic.header.p_memsz = bytes
+        if dyn_sec
+          dyn_sec.sh_offset = off
+          dyn_sec.sh_addr = vaddr
+          dyn_sec.sh_size = bytes
+        end
+      end
+    end
+
+    def malloc_strtab!
+      return if @strtab_extend_requests.empty?
+
+      strtab = dynamic.tag_by_type(:strtab)
+      # Process registered requests
+      need_size = strtab_string.size + @strtab_extend_requests.reduce(0) { |sum, (str, _)| sum + str.size + 1 }
+      dynstr = section_header('.dynstr')
+      @mm.malloc(need_size) do |off, vaddr|
+        new_str = strtab_string + @strtab_extend_requests.map(&:first).join("\x00") + "\x00"
+        inline_patch(off, new_str)
+        cur = strtab_string.size
+        @strtab_extend_requests.each do |str, block|
+          block.call(cur)
+          cur += str.size + 1
+        end
+        # Now patching strtab header
+        strtab.header.d_val = vaddr
+        # We also need to patch dynstr to let readelf have correct output.
+        if dynstr
+          dynstr.sh_size = new_str.size
+          dynstr.sh_offset = off
+          dynstr.sh_addr = vaddr
+        end
+      end
+    end
+
+    # @param [String] str
+    # @yieldparam [Integer] idx
+    # @yieldreturn [void]
+    def reg_str_table(str, &block)
+      idx = strtab_string.index(str + "\x00")
+      # Request string is already exist
+      return yield idx if idx
+
+      # Record the request
+      @strtab_extend_requests << [str, block]
+    end
+
+    def strtab_string
+      return @strtab_string if defined?(@strtab_string)
+
+      # TODO: handle no strtab exists..
+      offset = @elf.offset_from_vma(dynamic.tag_by_type(:strtab).value)
+      # This is a little tricky since no length information is stored in the tag.
+      # We first get the file offset of the string then 'guess' where the end is.
+      @elf.stream.pos = offset
+      @strtab_string = +''
+      loop do
+        c = @elf.stream.read(1)
+        break unless c =~ /\x00|[[:print:]]/
+
+        @strtab_string << c
+      end
+      @strtab_string
+    end
+
+    # This can only be used for patching interpreter's name
+    # or set strings in a malloc-ed area.
+    # i.e. NEVER intend to change the string defined in strtab
+    def inline_patch(off, str)
+      @inline_patch[off] = str
+    end
+
+    # Modify the out_file according to registered patches.
+    def patch_out(out_file)
+      File.open(out_file, 'r+') do |f|
+        if @mm.extended?
+          original_head = @mm.threshold
+          extra = {}
+          # Copy all data after the second load
+          @elf.stream.pos = original_head
+          extra[original_head + @mm.extend_size] = @elf.stream.read # read to end
+          # zero out the 'gap' we created
+          extra[original_head] = "\x00" * @mm.extend_size
+          extra.each do |pos, str|
+            f.pos = pos
+            f.write(str)
+          end
+        end
+        @elf.patches.each do |pos, str|
+          f.pos = @mm.extended_offset(pos)
+          f.write(str)
+        end
+
+        @inline_patch.each do |pos, str|
+          f.pos = pos
+          f.write(str)
+        end
+      end
+    end
+
+    # @return [ELFTools::Sections::Section?]
+    def section_header(name)
+      sec = @elf.section_by_name(name)
+      return if sec.nil?
+
+      sec.header
+    end
+
+    def dynamic
+      @dynamic ||= @elf.segment_by_type(:dynamic)
+    end
+  end
+end