From mi@aldan.algebra.com  Mon Jan 21 21:09:54 2013
Message-Id: <201301212109.r0LL9cRI022068@narawntapu.narawntapu>
Date: Mon, 21 Jan 2013 16:09:38 -0500 (EST)
From: "Mikhail T." <mi@aldan.algebra.com>
Reply-To: "Mikhail T." <mi@aldan.algebra.com>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: elf_getdata may return NULL without setting error-message
X-Send-Pr-Version: 3.114
X-GNATS-Notify:

>Number:         175491
>Category:       bin
>Synopsis:       [libelf] [patch] elf_getdata may return NULL without setting error-message
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    markj
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jan 21 21:20:00 UTC 2013
>Closed-Date:    Sun Mar 03 19:05:44 UTC 2013
>Last-Modified:  Sun Mar 03 19:05:44 UTC 2013
>Originator:     Mikhail T.
>Release:        FreeBSD 9.1-PRERELEASE amd64
>Organization:
Virtual Estates, Inc.	http://sybpipe.com/
>Environment:
System: 9.1-PRERELEASE r244476: Wed Dec 19 23:40:59 EST 2012

>Description:
	The manual page for elf_getdata(3) assures that a valid pointer
	will be returned unless there is an error. In case of an error,
	elf_errno(3) will return the error-code.

	Unfortunately, that is not always the case -- for a section 0 
	elf_getdata will return NULL without also setting the
	error-code:

		scn = elf_getscn(elf, 0);
		data = elf_getdata(scn, NULL);

	The traditional implementation, also known as libelf.so.0, sets
	the error to ERROR_NULLSCN, with a textual description of
		"Request error: can't manipulate null section"

>How-To-Repeat:
	I'm including a test-program that opens the argument (or its own
	executable) and reproduces the problem, when compiled and linked
	against FreeBSD's libelf:

	./libelftest
	elfversion returned 1
	libelftest: ./libelftest: elf_getscn: (null)
	...

	When compiled and linked against libelf.so.0 installed by the
	devel/libelf port, the result follows the expectation:

	./libelftest
	elfversion returned 1
	libelftest: ./libelftest: elf_getscn: Request error: can't manipulate null section

>Fix:
>Release-Note:
>Audit-Trail:

From: "Mikhail T." <mi+thun@aldan.algebra.com>
To: bug-followup@FreeBSD.org, mi@aldan.algebra.com
Cc:  
Subject: Re: bin/175491: elf_getdata may return NULL without setting error-message
Date: Mon, 21 Jan 2013 17:23:27 -0500

 The test-program...
 
 Attachment: libelftest.c
 
 #include <err.h>
 #include <fcntl.h>
 #include <libelf.h>
 #include <stdio.h>
 #include <sysexits.h>
 #include <unistd.h>
 
 int
 main(int argc, char *argv[])
 {
 	int	 	 fd;
 	Elf		*elf;
 	Elf_Scn		*scn;
 	Elf_Data	*data;
 	unsigned int	 elfversion;
 
 	elfversion = elf_version(EV_CURRENT);
 	printf("elfversion returned %u\n", elfversion);
 
 	fd = open(argv[argc-1], O_RDONLY);
 	if (fd == -1)
 		err(EX_NOINPUT, "%s", argv[argc-1]);
 
 	elf = elf_begin(fd, ELF_C_READ, NULL);
 	if (elf == NULL)
 		errx(EX_DATAERR, "%s: %s: %s", argv[argc-1], "elf_begin",
 		    elf_errmsg(elf_errno()));
 
 	/*
 	 * Section 0:
 	 */
 	scn = elf_getscn(elf, 0);
 	if (scn == NULL)
 		errx(EX_DATAERR, "%s: %s: %s", argv[argc-1], "elf_getscn",
 		    elf_errmsg(elf_errno()));
 	data = elf_getdata(scn, NULL);
 	if (data == NULL)
 		warnx("%s: %s: %s", argv[argc-1], "elf_getscn",
 		    elf_errmsg(elf_errno()));
 
 	/*
 	 * Enumerate through valid sections
 	 */
 	for (scn = elf_nextscn(elf, NULL); scn; scn = elf_nextscn(elf, scn)) {
 		data = elf_getdata(scn, NULL);
 		if (data == NULL) {
 			int		 errnum;
 			const char	*msg;
 
 			errnum = elf_errno();
 			msg = errnum ? elf_errmsg(errnum) : "errnum was zero";
 			/* elf_ndxscn() returns size_t, so print it with %zu */
 			if (errnum && msg)
 				printf("Section %zu has no data: %s\n",
 				    elf_ndxscn(scn), msg);
 			else
 				warnx("Section %zu: elf_getdata() return NULL "
 				    "without explanation", elf_ndxscn(scn));
 		} else {
 			/* %p requires a void * argument */
 			printf("Section %zu has data %p\n",
 			    elf_ndxscn(scn), (void *)data);
 		}
 	}
 	return EX_OK;
 }
 

From: Mark Johnston <markj@freebsd.org>
To: bug-followup@FreeBSD.org, mi@aldan.algebra.com
Cc:  
Subject: Re: bin/175491: [libelf] elf_getdata may return NULL without setting
 error-message
Date: Sun, 17 Feb 2013 00:31:03 -0500

 Looks like this was fixed in upstream libelf with r1765 and r1766. The
 same bug exists in elf_rawdata(), and this hasn't been fixed upstream
 either. I'll try to get this fixed both upstream and in FreeBSD's
 libelf; in the meantime, the attached patch should fix the problem.
 
 -Mark
 
 Attachment: libelf_nullscn.diff
 
 diff --git a/lib/libelf/elf_data.c b/lib/libelf/elf_data.c
 index c34c4ad..d3bd390 100644
 --- a/lib/libelf/elf_data.c
 +++ b/lib/libelf/elf_data.c
 @@ -78,8 +78,10 @@ elf_getdata(Elf_Scn *s, Elf_Data *d)
  		sh_align  = s->s_shdr.s_shdr64.sh_addralign;
  	}
  
 -	if (sh_type == SHT_NULL)
 +	if (sh_type == SHT_NULL) {
 +		LIBELF_SET_ERROR(SECTION, 0);
  		return (NULL);
 +	}
  
  	if ((elftype = _libelf_xlate_shtype(sh_type)) < ELF_T_FIRST ||
  	    elftype > ELF_T_LAST || (sh_type != SHT_NOBITS &&
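
Review bot: The ELF_E_SECTION error now set on the SHT_NULL path of elf_getdata() is not documented anywhere in this patch, which touches only elf_data.c. Since the PR is about the manual's promise that a NULL return comes with an error code, elf_getdata.3 should gain an ELF_E_SECTION entry for sections of type SHT_NULL in the same change.
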
 @@ -219,8 +221,10 @@ elf_rawdata(Elf_Scn *s, Elf_Data *d)
  		sh_align  = s->s_shdr.s_shdr64.sh_addralign;
  	}
  
 -	if (sh_type == SHT_NULL)
 +	if (sh_type == SHT_NULL) {
 +		LIBELF_SET_ERROR(SECTION, 0);
  		return (NULL);
 +	}
  
  	if ((d = _libelf_allocate_data(s)) == NULL)
  		return (NULL);
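
Review bot: The context right after the new block in elf_rawdata(), "if ((d = _libelf_allocate_data(s)) == NULL) return (NULL);", is another bare NULL return. Please confirm that _libelf_allocate_data() records an error itself on failure, otherwise callers can still hit the unexplained NULL this PR reports. The three added lines also duplicate the elf_getdata() hunk verbatim, so a small shared helper would keep the two checks from drifting apart.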
 
State-Changed-From-To: open->analyzed 
State-Changed-By: markj 
State-Changed-When: Mon Feb 18 05:04:08 UTC 2013 
State-Changed-Why:  
I'll take it. 


Responsible-Changed-From-To: freebsd-bugs->markj 
Responsible-Changed-By: markj 
Responsible-Changed-When: Mon Feb 18 05:04:08 UTC 2013 
Responsible-Changed-Why:  
I'll take it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=175491 
State-Changed-From-To: analyzed->patched 
State-Changed-By: markj 
State-Changed-When: Tue Feb 19 03:25:20 UTC 2013 
State-Changed-Why:  
Fixed in r246978. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=175491 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/175491: commit references a PR
Date: Tue, 19 Feb 2013 03:23:26 +0000 (UTC)

 Author: markj
 Date: Tue Feb 19 03:23:13 2013
 New Revision: 246978
 URL: http://svnweb.freebsd.org/changeset/base/246978
 
 Log:
   - Make sure to set an error code when trying to obtain a data descriptor for
     a section of type SHT_NULL.
   - Update the man page to reflect the fact that elf_getdata() and
     elf_rawdata() may return with an error of ELF_E_SECTION.
   
   PR:		bin/175491
   Approved by:	emaste (co-mentor)
   MFC after:	1 week
 
 Modified:
   head/lib/libelf/elf_data.c
   head/lib/libelf/elf_getdata.3
 
 Modified: head/lib/libelf/elf_data.c
 ==============================================================================
 --- head/lib/libelf/elf_data.c	Tue Feb 19 02:51:31 2013	(r246977)
 +++ head/lib/libelf/elf_data.c	Tue Feb 19 03:23:13 2013	(r246978)
 @@ -78,8 +78,10 @@ elf_getdata(Elf_Scn *s, Elf_Data *d)
  		sh_align  = s->s_shdr.s_shdr64.sh_addralign;
  	}
  
 -	if (sh_type == SHT_NULL)
 +	if (sh_type == SHT_NULL) {
 +		LIBELF_SET_ERROR(SECTION, 0);
  		return (NULL);
 +	}
  
  	if ((elftype = _libelf_xlate_shtype(sh_type)) < ELF_T_FIRST ||
  	    elftype > ELF_T_LAST || (sh_type != SHT_NOBITS &&
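
Review bot: No regression test accompanies the SHT_NULL change in elf_getdata(); the Modified list covers only elf_data.c and elf_getdata.3. The libelftest.c reproducer attached to this PR could be turned into one that asserts elf_errno() returns ELF_E_SECTION after elf_getdata(elf_getscn(elf, 0), NULL) yields NULL, with the same assertion for elf_rawdata().
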
 @@ -219,8 +221,10 @@ elf_rawdata(Elf_Scn *s, Elf_Data *d)
  		sh_align  = s->s_shdr.s_shdr64.sh_addralign;
  	}
  
 -	if (sh_type == SHT_NULL)
 +	if (sh_type == SHT_NULL) {
 +		LIBELF_SET_ERROR(SECTION, 0);
  		return (NULL);
 +	}
  
  	if ((d = _libelf_allocate_data(s)) == NULL)
  		return (NULL);
 
 Modified: head/lib/libelf/elf_getdata.3
 ==============================================================================
 --- head/lib/libelf/elf_getdata.3	Tue Feb 19 02:51:31 2013	(r246977)
 +++ head/lib/libelf/elf_getdata.3	Tue Feb 19 03:23:13 2013	(r246978)
 @@ -23,7 +23,7 @@
  .\"
  .\" $FreeBSD$
  .\"
 -.Dd January 26, 2011
 +.Dd February 18, 2013
  .Dt ELF_GETDATA 3
  .Os
  .Sh NAME
 @@ -186,6 +186,23 @@ was not associated with section descript
  .Ar scn .
  .It Bq Er ELF_E_RESOURCE
  An out of memory condition was detected.
 +.It Bq Er ELF_E_SECTION
 +Section
 +.Ar scn
 +had type
 +.Dv SHT_NULL .
 +.It Bq Er ELF_E_SECTION
 +The type of the section
 +.Ar scn
 +was not recognized by the library.
 +.It Bq Er ELF_E_SECTION
 +The size of the section
 +.Ar scn
 +is not a multiple of the file size for its section type.
 +.It Bq Er ELF_E_SECTION
 +The file offset for section
 +.Ar scn
 +is incorrect.
  .El
  .Sh SEE ALSO
  .Xr elf 3 ,
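
Review bot: The ERRORS list now has four separate ELF_E_SECTION entries (SHT_NULL type, unrecognized type, bad size, bad file offset), so a caller that receives ELF_E_SECTION cannot tell which condition fired. Consider a single ELF_E_SECTION entry that lists the four conditions, or state explicitly that the code does not distinguish between them.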
 
State-Changed-From-To: patched->closed 
State-Changed-By: markj 
State-Changed-When: Sun Mar 3 19:05:43 UTC 2013 
State-Changed-Why:  
Merged to stable/8 in r247723 and stable/9 in r247724. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=175491 
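
The contract this PR restores (a NULL return always comes with an error code), as an added example that is not part of the PR or of libelf: a stand-alone section lookup over a constructed ELF64 little-endian image. scn_data(), the SCN_* codes and the sample bytes are hypothetical names and data made up for illustration; section headers are assumed to be 64 bytes and SHT_NOBITS is not special-cased.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical error codes for this sketch; not libelf's ELF_E_* values. */
enum scn_err { SCN_OK, SCN_E_ARGUMENT, SCN_E_NULLSCN, SCN_E_OFFSET };
static uint64_t rd(const uint8_t *p, int n)	/* little-endian read of n bytes */
{
	uint64_t v = 0;
	while (n-- > 0)
		v = (v << 8) | p[n];
	return v;
}

/* Section payload or NULL; *err is set on every path, so NULL is never unexplained. */
const uint8_t *scn_data(const uint8_t *img, size_t len, unsigned idx,
    size_t *size, enum scn_err *err)
{
	*size = 0;
	*err = SCN_E_ARGUMENT;		/* bad image or index out of range */
	if (len < 64 || memcmp(img, "\177ELF\2\1", 6) != 0)	/* ELF64, LSB */
		return NULL;
	uint64_t shoff = rd(img + 0x28, 8);			/* e_shoff */
	if (idx >= rd(img + 0x3c, 2) || shoff > len || (len - shoff) / 64 <= idx)
		return NULL;
	const uint8_t *sh = img + shoff + (size_t)idx * 64;	/* Elf64_Shdr */
	uint64_t off = rd(sh + 24, 8), sz = rd(sh + 32, 8);	/* sh_offset, sh_size */
	*err = rd(sh + 4, 4) == 0 ? SCN_E_NULLSCN :		/* sh_type SHT_NULL */
	    (off > len || sz > len - off) ? SCN_E_OFFSET : SCN_OK;
	*size = (*err == SCN_OK) ? (size_t)sz : 0;
	return (*err == SCN_OK) ? img + off : NULL;
}

/* Constructed image: [0] SHT_NULL, [1] 8 bytes at offset 64, [2] offset past EOF. */
static const uint8_t sample[264] = {
	0x7f, 'E', 'L', 'F', 2, 1, 1, [0x28] = 72, [0x3c] = 3,
	[64] = 'P', 'A', 'Y', 'L', 'O', 'A', 'D', '!',
	[72 + 64 + 4] = 1, [72 + 64 + 24] = 64, [72 + 64 + 32] = 8,
	[72 + 128 + 4] = 1, [72 + 128 + 25] = 0x10, [72 + 128 + 32] = 8,
};

int main(void)
{
	size_t n;
	enum scn_err e;
	for (unsigned i = 0; i < 4; i++) {
		const uint8_t *d = scn_data(sample, sizeof sample, i, &n, &e);
		printf("section %u: %s, err=%d\n", i, d ? "data" : "NULL", (int)e);
	}
	return 0;
}
```

A caller can branch on the error code alone, without having to treat a NULL return with a zero error as a separate, undocumented case.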
>Unformatted:
