1 use alloc::fmt; 2 use alloc::vec::Vec; 3 use core::convert::TryInto; 4 use core::str; 5 6 use super::{CoffCommon, SectionTable}; 7 use crate::endian::{LittleEndian as LE, U32Bytes}; 8 use crate::pe; 9 use crate::pod::{bytes_of_slice, Pod}; 10 use crate::read::util::StringTable; 11 use crate::read::{ 12 self, Bytes, ObjectSymbol, ObjectSymbolTable, ReadError, ReadRef, Result, SectionIndex, 13 SymbolFlags, SymbolIndex, SymbolKind, SymbolMap, SymbolMapEntry, SymbolScope, SymbolSection, 14 }; 15 16 /// A table of symbol entries in a COFF or PE file. 17 /// 18 /// Also includes the string table used for the symbol names. 19 #[derive(Debug)] 20 pub struct SymbolTable<'data, R = &'data [u8]> 21 where 22 R: ReadRef<'data>, 23 { 24 symbols: &'data [pe::ImageSymbolBytes], 25 strings: StringTable<'data, R>, 26 } 27 28 impl<'data, R: ReadRef<'data>> SymbolTable<'data, R> { 29 /// Read the symbol table. parse(header: &pe::ImageFileHeader, data: R) -> Result<Self>30 pub fn parse(header: &pe::ImageFileHeader, data: R) -> Result<Self> { 31 // The symbol table may not be present. 32 let mut offset = header.pointer_to_symbol_table.get(LE).into(); 33 let (symbols, strings) = if offset != 0 { 34 let symbols = data 35 .read_slice(&mut offset, header.number_of_symbols.get(LE) as usize) 36 .read_error("Invalid COFF symbol table offset or size")?; 37 38 // Note: don't update data when reading length; the length includes itself. 39 let length = data 40 .read_at::<U32Bytes<_>>(offset) 41 .read_error("Missing COFF string table")? 42 .get(LE); 43 let str_end = offset 44 .checked_add(length as u64) 45 .read_error("Invalid COFF string table length")?; 46 let strings = StringTable::new(data, offset, str_end); 47 48 (symbols, strings) 49 } else { 50 (&[][..], StringTable::default()) 51 }; 52 53 Ok(SymbolTable { symbols, strings }) 54 } 55 56 /// Return the string table used for the symbol names. 57 #[inline] strings(&self) -> StringTable<'data, R>58 pub fn strings(&self) -> StringTable<'data, R> { 59 self.strings 60 } 61 62 /// Return true if the symbol table is empty. 63 #[inline] is_empty(&self) -> bool64 pub fn is_empty(&self) -> bool { 65 self.symbols.is_empty() 66 } 67 68 /// The number of symbol table entries. 69 /// 70 /// This includes auxiliary symbol table entries. 71 #[inline] len(&self) -> usize72 pub fn len(&self) -> usize { 73 self.symbols.len() 74 } 75 76 /// Iterate over the symbols. 77 #[inline] iter<'table>(&'table self) -> SymbolIterator<'data, 'table, R>78 pub fn iter<'table>(&'table self) -> SymbolIterator<'data, 'table, R> { 79 SymbolIterator { 80 symbols: self, 81 index: 0, 82 } 83 } 84 85 /// Return the symbol table entry at the given index. 86 #[inline] symbol(&self, index: usize) -> Result<&'data pe::ImageSymbol>87 pub fn symbol(&self, index: usize) -> Result<&'data pe::ImageSymbol> { 88 self.get::<pe::ImageSymbol>(index, 0) 89 } 90 91 /// Return the auxiliary function symbol for the symbol table entry at the given index. 92 /// 93 /// Note that the index is of the symbol, not the first auxiliary record. 94 #[inline] aux_function(&self, index: usize) -> Result<&'data pe::ImageAuxSymbolFunction>95 pub fn aux_function(&self, index: usize) -> Result<&'data pe::ImageAuxSymbolFunction> { 96 self.get::<pe::ImageAuxSymbolFunction>(index, 1) 97 } 98 99 /// Return the auxiliary section symbol for the symbol table entry at the given index. 100 /// 101 /// Note that the index is of the symbol, not the first auxiliary record. 102 #[inline] aux_section(&self, index: usize) -> Result<&'data pe::ImageAuxSymbolSection>103 pub fn aux_section(&self, index: usize) -> Result<&'data pe::ImageAuxSymbolSection> { 104 self.get::<pe::ImageAuxSymbolSection>(index, 1) 105 } 106 107 /// Return the auxiliary file name for the symbol table entry at the given index. 108 /// 109 /// Note that the index is of the symbol, not the first auxiliary record. aux_file_name(&self, index: usize, aux_count: u8) -> Result<&'data [u8]>110 pub fn aux_file_name(&self, index: usize, aux_count: u8) -> Result<&'data [u8]> { 111 let entries = index 112 .checked_add(1) 113 .and_then(|x| Some(x..x.checked_add(aux_count.into())?)) 114 .and_then(|x| self.symbols.get(x)) 115 .read_error("Invalid COFF symbol index")?; 116 let bytes = bytes_of_slice(entries); 117 // The name is padded with nulls. 118 Ok(match memchr::memchr(b'\0', bytes) { 119 Some(end) => &bytes[..end], 120 None => bytes, 121 }) 122 } 123 124 /// Return the symbol table entry or auxiliary record at the given index and offset. get<T: Pod>(&self, index: usize, offset: usize) -> Result<&'data T>125 pub fn get<T: Pod>(&self, index: usize, offset: usize) -> Result<&'data T> { 126 let bytes = index 127 .checked_add(offset) 128 .and_then(|x| self.symbols.get(x)) 129 .read_error("Invalid COFF symbol index")?; 130 Bytes(&bytes.0[..]) 131 .read() 132 .read_error("Invalid COFF symbol data") 133 } 134 135 /// Construct a map from addresses to a user-defined map entry. map<Entry: SymbolMapEntry, F: Fn(&'data pe::ImageSymbol) -> Option<Entry>>( &self, f: F, ) -> SymbolMap<Entry>136 pub fn map<Entry: SymbolMapEntry, F: Fn(&'data pe::ImageSymbol) -> Option<Entry>>( 137 &self, 138 f: F, 139 ) -> SymbolMap<Entry> { 140 let mut symbols = Vec::with_capacity(self.symbols.len()); 141 for (_, symbol) in self.iter() { 142 if !symbol.is_definition() { 143 continue; 144 } 145 if let Some(entry) = f(symbol) { 146 symbols.push(entry); 147 } 148 } 149 SymbolMap::new(symbols) 150 } 151 } 152 153 /// An iterator for symbol entries in a COFF or PE file. 154 /// 155 /// Yields the index and symbol structure for each symbol. 156 #[derive(Debug)] 157 pub struct SymbolIterator<'data, 'table, R = &'data [u8]> 158 where 159 R: ReadRef<'data>, 160 { 161 symbols: &'table SymbolTable<'data, R>, 162 index: usize, 163 } 164 165 impl<'data, 'table, R: ReadRef<'data>> Iterator for SymbolIterator<'data, 'table, R> { 166 type Item = (usize, &'data pe::ImageSymbol); 167 next(&mut self) -> Option<Self::Item>168 fn next(&mut self) -> Option<Self::Item> { 169 let index = self.index; 170 let symbol = self.symbols.symbol(index).ok()?; 171 self.index += 1 + symbol.number_of_aux_symbols as usize; 172 Some((index, symbol)) 173 } 174 } 175 176 impl pe::ImageSymbol { 177 /// Parse a COFF symbol name. 178 /// 179 /// `strings` must be the string table used for symbol names. name<'data, R: ReadRef<'data>>( &'data self, strings: StringTable<'data, R>, ) -> Result<&'data [u8]>180 pub fn name<'data, R: ReadRef<'data>>( 181 &'data self, 182 strings: StringTable<'data, R>, 183 ) -> Result<&'data [u8]> { 184 if self.name[0] == 0 { 185 // If the name starts with 0 then the last 4 bytes are a string table offset. 186 let offset = u32::from_le_bytes(self.name[4..8].try_into().unwrap()); 187 strings 188 .get(offset) 189 .read_error("Invalid COFF symbol name offset") 190 } else { 191 // The name is inline and padded with nulls. 192 Ok(match memchr::memchr(b'\0', &self.name) { 193 Some(end) => &self.name[..end], 194 None => &self.name[..], 195 }) 196 } 197 } 198 199 /// Return the symbol address. 200 /// 201 /// This takes into account the image base and the section address. address(&self, image_base: u64, sections: &SectionTable) -> Result<u64>202 pub fn address(&self, image_base: u64, sections: &SectionTable) -> Result<u64> { 203 let section_number = self.section_number.get(LE) as usize; 204 let section = sections.section(section_number)?; 205 let virtual_address = u64::from(section.virtual_address.get(LE)); 206 let value = u64::from(self.value.get(LE)); 207 Ok(image_base + virtual_address + value) 208 } 209 210 /// Return true if the symbol is a definition of a function or data object. is_definition(&self) -> bool211 pub fn is_definition(&self) -> bool { 212 let section_number = self.section_number.get(LE); 213 if section_number == pe::IMAGE_SYM_UNDEFINED { 214 return false; 215 } 216 match self.storage_class { 217 pe::IMAGE_SYM_CLASS_STATIC => { 218 // Exclude section symbols. 219 !(self.value.get(LE) == 0 && self.number_of_aux_symbols > 0) 220 } 221 pe::IMAGE_SYM_CLASS_EXTERNAL | pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL => true, 222 _ => false, 223 } 224 } 225 226 /// Return true if the symbol has an auxiliary file name. has_aux_file_name(&self) -> bool227 pub fn has_aux_file_name(&self) -> bool { 228 self.number_of_aux_symbols > 0 && self.storage_class == pe::IMAGE_SYM_CLASS_FILE 229 } 230 231 /// Return true if the symbol has an auxiliary function symbol. has_aux_function(&self) -> bool232 pub fn has_aux_function(&self) -> bool { 233 self.number_of_aux_symbols > 0 && self.derived_type() == pe::IMAGE_SYM_DTYPE_FUNCTION 234 } 235 236 /// Return true if the symbol has an auxiliary section symbol. has_aux_section(&self) -> bool237 pub fn has_aux_section(&self) -> bool { 238 self.number_of_aux_symbols > 0 239 && self.storage_class == pe::IMAGE_SYM_CLASS_STATIC 240 && self.value.get(LE) == 0 241 } 242 } 243 244 /// A symbol table of a `CoffFile`. 245 #[derive(Debug, Clone, Copy)] 246 pub struct CoffSymbolTable<'data, 'file, R = &'data [u8]> 247 where 248 R: ReadRef<'data>, 249 { 250 pub(crate) file: &'file CoffCommon<'data, R>, 251 } 252 253 impl<'data, 'file, R: ReadRef<'data>> read::private::Sealed for CoffSymbolTable<'data, 'file, R> {} 254 255 impl<'data, 'file, R: ReadRef<'data>> ObjectSymbolTable<'data> 256 for CoffSymbolTable<'data, 'file, R> 257 { 258 type Symbol = CoffSymbol<'data, 'file, R>; 259 type SymbolIterator = CoffSymbolIterator<'data, 'file, R>; 260 symbols(&self) -> Self::SymbolIterator261 fn symbols(&self) -> Self::SymbolIterator { 262 CoffSymbolIterator { 263 file: self.file, 264 index: 0, 265 } 266 } 267 symbol_by_index(&self, index: SymbolIndex) -> Result<Self::Symbol>268 fn symbol_by_index(&self, index: SymbolIndex) -> Result<Self::Symbol> { 269 let symbol = self.file.symbols.symbol(index.0)?; 270 Ok(CoffSymbol { 271 file: self.file, 272 index, 273 symbol, 274 }) 275 } 276 } 277 278 /// An iterator over the symbols of a `CoffFile`. 279 pub struct CoffSymbolIterator<'data, 'file, R = &'data [u8]> 280 where 281 R: ReadRef<'data>, 282 { 283 pub(crate) file: &'file CoffCommon<'data, R>, 284 pub(crate) index: usize, 285 } 286 287 impl<'data, 'file, R: ReadRef<'data>> fmt::Debug for CoffSymbolIterator<'data, 'file, R> { fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result288 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { 289 f.debug_struct("CoffSymbolIterator").finish() 290 } 291 } 292 293 impl<'data, 'file, R: ReadRef<'data>> Iterator for CoffSymbolIterator<'data, 'file, R> { 294 type Item = CoffSymbol<'data, 'file, R>; 295 next(&mut self) -> Option<Self::Item>296 fn next(&mut self) -> Option<Self::Item> { 297 let index = self.index; 298 let symbol = self.file.symbols.symbol(index).ok()?; 299 self.index += 1 + symbol.number_of_aux_symbols as usize; 300 Some(CoffSymbol { 301 file: self.file, 302 index: SymbolIndex(index), 303 symbol, 304 }) 305 } 306 } 307 308 /// A symbol of a `CoffFile`. 309 #[derive(Debug, Clone, Copy)] 310 pub struct CoffSymbol<'data, 'file, R = &'data [u8]> 311 where 312 R: ReadRef<'data>, 313 { 314 pub(crate) file: &'file CoffCommon<'data, R>, 315 pub(crate) index: SymbolIndex, 316 pub(crate) symbol: &'data pe::ImageSymbol, 317 } 318 319 impl<'data, 'file, R: ReadRef<'data>> read::private::Sealed for CoffSymbol<'data, 'file, R> {} 320 321 impl<'data, 'file, R: ReadRef<'data>> ObjectSymbol<'data> for CoffSymbol<'data, 'file, R> { 322 #[inline] index(&self) -> SymbolIndex323 fn index(&self) -> SymbolIndex { 324 self.index 325 } 326 name_bytes(&self) -> read::Result<&'data [u8]>327 fn name_bytes(&self) -> read::Result<&'data [u8]> { 328 if self.symbol.has_aux_file_name() { 329 self.file 330 .symbols 331 .aux_file_name(self.index.0, self.symbol.number_of_aux_symbols) 332 } else { 333 self.symbol.name(self.file.symbols.strings()) 334 } 335 } 336 name(&self) -> read::Result<&'data str>337 fn name(&self) -> read::Result<&'data str> { 338 let name = self.name_bytes()?; 339 str::from_utf8(name) 340 .ok() 341 .read_error("Non UTF-8 COFF symbol name") 342 } 343 address(&self) -> u64344 fn address(&self) -> u64 { 345 // Only return an address for storage classes that we know use an address. 346 match self.symbol.storage_class { 347 pe::IMAGE_SYM_CLASS_STATIC 348 | pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL 349 | pe::IMAGE_SYM_CLASS_LABEL => {} 350 pe::IMAGE_SYM_CLASS_EXTERNAL => { 351 if self.symbol.section_number.get(LE) == pe::IMAGE_SYM_UNDEFINED { 352 // Undefined or common data, neither of which have an address. 353 return 0; 354 } 355 } 356 _ => return 0, 357 } 358 self.symbol 359 .address(self.file.image_base, &self.file.sections) 360 .unwrap_or(0) 361 } 362 size(&self) -> u64363 fn size(&self) -> u64 { 364 match self.symbol.storage_class { 365 pe::IMAGE_SYM_CLASS_STATIC => { 366 // Section symbols may duplicate the size from the section table. 367 if self.symbol.has_aux_section() { 368 if let Ok(aux) = self.file.symbols.aux_section(self.index.0) { 369 u64::from(aux.length.get(LE)) 370 } else { 371 0 372 } 373 } else { 374 0 375 } 376 } 377 pe::IMAGE_SYM_CLASS_EXTERNAL => { 378 if self.symbol.section_number.get(LE) == pe::IMAGE_SYM_UNDEFINED { 379 // For undefined symbols, symbol.value is 0 and the size is 0. 380 // For common data, symbol.value is the size. 381 u64::from(self.symbol.value.get(LE)) 382 } else if self.symbol.has_aux_function() { 383 // Function symbols may have a size. 384 if let Ok(aux) = self.file.symbols.aux_function(self.index.0) { 385 u64::from(aux.total_size.get(LE)) 386 } else { 387 0 388 } 389 } else { 390 0 391 } 392 } 393 // Most symbols don't have sizes. 394 _ => 0, 395 } 396 } 397 kind(&self) -> SymbolKind398 fn kind(&self) -> SymbolKind { 399 let derived_kind = if self.symbol.derived_type() == pe::IMAGE_SYM_DTYPE_FUNCTION { 400 SymbolKind::Text 401 } else { 402 SymbolKind::Data 403 }; 404 match self.symbol.storage_class { 405 pe::IMAGE_SYM_CLASS_STATIC => { 406 if self.symbol.value.get(LE) == 0 && self.symbol.number_of_aux_symbols > 0 { 407 SymbolKind::Section 408 } else { 409 derived_kind 410 } 411 } 412 pe::IMAGE_SYM_CLASS_EXTERNAL | pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL => derived_kind, 413 pe::IMAGE_SYM_CLASS_SECTION => SymbolKind::Section, 414 pe::IMAGE_SYM_CLASS_FILE => SymbolKind::File, 415 pe::IMAGE_SYM_CLASS_LABEL => SymbolKind::Label, 416 _ => SymbolKind::Unknown, 417 } 418 } 419 section(&self) -> SymbolSection420 fn section(&self) -> SymbolSection { 421 match self.symbol.section_number.get(LE) { 422 pe::IMAGE_SYM_UNDEFINED => { 423 if self.symbol.storage_class == pe::IMAGE_SYM_CLASS_EXTERNAL 424 && self.symbol.value.get(LE) == 0 425 { 426 SymbolSection::Undefined 427 } else { 428 SymbolSection::Common 429 } 430 } 431 pe::IMAGE_SYM_ABSOLUTE => SymbolSection::Absolute, 432 pe::IMAGE_SYM_DEBUG => { 433 if self.symbol.storage_class == pe::IMAGE_SYM_CLASS_FILE { 434 SymbolSection::None 435 } else { 436 SymbolSection::Unknown 437 } 438 } 439 index if index > 0 => SymbolSection::Section(SectionIndex(index.into())), 440 _ => SymbolSection::Unknown, 441 } 442 } 443 444 #[inline] is_undefined(&self) -> bool445 fn is_undefined(&self) -> bool { 446 self.symbol.storage_class == pe::IMAGE_SYM_CLASS_EXTERNAL 447 && self.symbol.section_number.get(LE) == pe::IMAGE_SYM_UNDEFINED 448 && self.symbol.value.get(LE) == 0 449 } 450 451 #[inline] is_definition(&self) -> bool452 fn is_definition(&self) -> bool { 453 self.symbol.is_definition() 454 } 455 456 #[inline] is_common(&self) -> bool457 fn is_common(&self) -> bool { 458 self.symbol.storage_class == pe::IMAGE_SYM_CLASS_EXTERNAL 459 && self.symbol.section_number.get(LE) == pe::IMAGE_SYM_UNDEFINED 460 && self.symbol.value.get(LE) != 0 461 } 462 463 #[inline] is_weak(&self) -> bool464 fn is_weak(&self) -> bool { 465 self.symbol.storage_class == pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL 466 } 467 468 #[inline] scope(&self) -> SymbolScope469 fn scope(&self) -> SymbolScope { 470 match self.symbol.storage_class { 471 pe::IMAGE_SYM_CLASS_EXTERNAL | pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL => { 472 // TODO: determine if symbol is exported 473 SymbolScope::Linkage 474 } 475 _ => SymbolScope::Compilation, 476 } 477 } 478 479 #[inline] is_global(&self) -> bool480 fn is_global(&self) -> bool { 481 match self.symbol.storage_class { 482 pe::IMAGE_SYM_CLASS_EXTERNAL | pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL => true, 483 _ => false, 484 } 485 } 486 487 #[inline] is_local(&self) -> bool488 fn is_local(&self) -> bool { 489 !self.is_global() 490 } 491 flags(&self) -> SymbolFlags<SectionIndex>492 fn flags(&self) -> SymbolFlags<SectionIndex> { 493 if self.symbol.has_aux_section() { 494 if let Ok(aux) = self.file.symbols.aux_section(self.index.0) { 495 // TODO: use high_number for bigobj 496 let number = aux.number.get(LE) as usize; 497 return SymbolFlags::CoffSection { 498 selection: aux.selection, 499 associative_section: if number == 0 { 500 None 501 } else { 502 Some(SectionIndex(number)) 503 }, 504 }; 505 } 506 } 507 SymbolFlags::None 508 } 509 } 510