1 use alloc::fmt; 2 use alloc::vec::Vec; 3 use core::convert::TryInto; 4 use core::str; 5 6 use super::{CoffCommon, SectionTable}; 7 use crate::endian::{LittleEndian as LE, U32Bytes}; 8 use crate::pe; 9 use crate::pod::{bytes_of_slice, Bytes, Pod}; 10 use crate::read::util::StringTable; 11 use crate::read::{ 12 self, ObjectSymbol, ObjectSymbolTable, ReadError, ReadRef, Result, SectionIndex, SymbolFlags, 13 SymbolIndex, SymbolKind, SymbolMap, SymbolMapEntry, SymbolScope, SymbolSection, 14 }; 15 16 /// A table of symbol entries in a COFF or PE file. 17 /// 18 /// Also includes the string table used for the symbol names. 19 #[derive(Debug)] 20 pub struct SymbolTable<'data> { 21 symbols: &'data [pe::ImageSymbolBytes], 22 strings: StringTable<'data>, 23 } 24 25 impl<'data> SymbolTable<'data> { 26 /// Read the symbol table. parse<R: ReadRef<'data>>(header: &pe::ImageFileHeader, data: R) -> Result<Self>27 pub fn parse<R: ReadRef<'data>>(header: &pe::ImageFileHeader, data: R) -> Result<Self> { 28 // The symbol table may not be present. 29 let mut offset = header.pointer_to_symbol_table.get(LE).into(); 30 let (symbols, strings) = if offset != 0 { 31 let symbols = data 32 .read_slice(&mut offset, header.number_of_symbols.get(LE) as usize) 33 .read_error("Invalid COFF symbol table offset or size")?; 34 35 // Note: don't update data when reading length; the length includes itself. 36 let length = data 37 .read_at::<U32Bytes<_>>(offset) 38 .read_error("Missing COFF string table")? 39 .get(LE); 40 let strings = data 41 .read_bytes(&mut offset, length.into()) 42 .read_error("Invalid COFF string table length")?; 43 44 (symbols, strings) 45 } else { 46 (&[][..], &[][..]) 47 }; 48 49 Ok(SymbolTable { 50 symbols, 51 strings: StringTable::new(strings), 52 }) 53 } 54 55 /// Return the string table used for the symbol names. 56 #[inline] strings(&self) -> StringTable<'data>57 pub fn strings(&self) -> StringTable<'data> { 58 self.strings 59 } 60 61 /// Return true if the symbol table is empty. 62 #[inline] is_empty(&self) -> bool63 pub fn is_empty(&self) -> bool { 64 self.symbols.is_empty() 65 } 66 67 /// The number of symbol table entries. 68 /// 69 /// This includes auxiliary symbol table entries. 70 #[inline] len(&self) -> usize71 pub fn len(&self) -> usize { 72 self.symbols.len() 73 } 74 75 /// Iterate over the symbols. 76 #[inline] iter<'table>(&'table self) -> SymbolIterator<'data, 'table>77 pub fn iter<'table>(&'table self) -> SymbolIterator<'data, 'table> { 78 SymbolIterator { 79 symbols: self, 80 index: 0, 81 } 82 } 83 84 /// Return the symbol table entry at the given index. 85 #[inline] symbol(&self, index: usize) -> Result<&'data pe::ImageSymbol>86 pub fn symbol(&self, index: usize) -> Result<&'data pe::ImageSymbol> { 87 self.get::<pe::ImageSymbol>(index, 0) 88 } 89 90 /// Return the auxiliary function symbol for the symbol table entry at the given index. 91 /// 92 /// Note that the index is of the symbol, not the first auxiliary record. 93 #[inline] aux_function(&self, index: usize) -> Result<&'data pe::ImageAuxSymbolFunction>94 pub fn aux_function(&self, index: usize) -> Result<&'data pe::ImageAuxSymbolFunction> { 95 self.get::<pe::ImageAuxSymbolFunction>(index, 1) 96 } 97 98 /// Return the auxiliary section symbol for the symbol table entry at the given index. 99 /// 100 /// Note that the index is of the symbol, not the first auxiliary record. 101 #[inline] aux_section(&self, index: usize) -> Result<&'data pe::ImageAuxSymbolSection>102 pub fn aux_section(&self, index: usize) -> Result<&'data pe::ImageAuxSymbolSection> { 103 self.get::<pe::ImageAuxSymbolSection>(index, 1) 104 } 105 106 /// Return the auxiliary file name for the symbol table entry at the given index. 107 /// 108 /// Note that the index is of the symbol, not the first auxiliary record. aux_file_name(&self, index: usize, aux_count: u8) -> Result<&'data [u8]>109 pub fn aux_file_name(&self, index: usize, aux_count: u8) -> Result<&'data [u8]> { 110 let entries = index 111 .checked_add(1) 112 .and_then(|x| Some(x..x.checked_add(aux_count.into())?)) 113 .and_then(|x| self.symbols.get(x)) 114 .read_error("Invalid COFF symbol index")?; 115 let bytes = bytes_of_slice(entries); 116 // The name is padded with nulls. 117 Ok(match memchr::memchr(b'\0', bytes) { 118 Some(end) => &bytes[..end], 119 None => bytes, 120 }) 121 } 122 123 /// Return the symbol table entry or auxiliary record at the given index and offset. get<T: Pod>(&self, index: usize, offset: usize) -> Result<&'data T>124 pub fn get<T: Pod>(&self, index: usize, offset: usize) -> Result<&'data T> { 125 let bytes = index 126 .checked_add(offset) 127 .and_then(|x| self.symbols.get(x)) 128 .read_error("Invalid COFF symbol index")?; 129 Bytes(&bytes.0[..]) 130 .read() 131 .read_error("Invalid COFF symbol data") 132 } 133 134 /// Construct a map from addresses to a user-defined map entry. map<Entry: SymbolMapEntry, F: Fn(&'data pe::ImageSymbol) -> Option<Entry>>( &self, f: F, ) -> SymbolMap<Entry>135 pub fn map<Entry: SymbolMapEntry, F: Fn(&'data pe::ImageSymbol) -> Option<Entry>>( 136 &self, 137 f: F, 138 ) -> SymbolMap<Entry> { 139 let mut symbols = Vec::with_capacity(self.symbols.len()); 140 for (_, symbol) in self.iter() { 141 if !symbol.is_definition() { 142 continue; 143 } 144 if let Some(entry) = f(symbol) { 145 symbols.push(entry); 146 } 147 } 148 SymbolMap::new(symbols) 149 } 150 } 151 152 /// An iterator for symbol entries in a COFF or PE file. 153 /// 154 /// Yields the index and symbol structure for each symbol. 155 #[derive(Debug)] 156 pub struct SymbolIterator<'data, 'table> { 157 symbols: &'table SymbolTable<'data>, 158 index: usize, 159 } 160 161 impl<'data, 'table> Iterator for SymbolIterator<'data, 'table> { 162 type Item = (usize, &'data pe::ImageSymbol); 163 next(&mut self) -> Option<Self::Item>164 fn next(&mut self) -> Option<Self::Item> { 165 let index = self.index; 166 let symbol = self.symbols.symbol(index).ok()?; 167 self.index += 1 + symbol.number_of_aux_symbols as usize; 168 Some((index, symbol)) 169 } 170 } 171 172 impl pe::ImageSymbol { 173 /// Parse a COFF symbol name. 174 /// 175 /// `strings` must be the string table used for symbol names. name<'data>(&'data self, strings: StringTable<'data>) -> Result<&'data [u8]>176 pub fn name<'data>(&'data self, strings: StringTable<'data>) -> Result<&'data [u8]> { 177 if self.name[0] == 0 { 178 // If the name starts with 0 then the last 4 bytes are a string table offset. 179 let offset = u32::from_le_bytes(self.name[4..8].try_into().unwrap()); 180 strings 181 .get(offset) 182 .read_error("Invalid COFF symbol name offset") 183 } else { 184 // The name is inline and padded with nulls. 185 Ok(match memchr::memchr(b'\0', &self.name) { 186 Some(end) => &self.name[..end], 187 None => &self.name[..], 188 }) 189 } 190 } 191 192 /// Return the symbol address. 193 /// 194 /// This takes into account the image base and the section address. address(&self, image_base: u64, sections: &SectionTable) -> Result<u64>195 pub fn address(&self, image_base: u64, sections: &SectionTable) -> Result<u64> { 196 let section_number = self.section_number.get(LE) as usize; 197 let section = sections.section(section_number)?; 198 let virtual_address = u64::from(section.virtual_address.get(LE)); 199 let value = u64::from(self.value.get(LE)); 200 Ok(image_base + virtual_address + value) 201 } 202 203 /// Return true if the symbol is a definition of a function or data object. is_definition(&self) -> bool204 pub fn is_definition(&self) -> bool { 205 let section_number = self.section_number.get(LE); 206 if section_number == pe::IMAGE_SYM_UNDEFINED { 207 return false; 208 } 209 match self.storage_class { 210 pe::IMAGE_SYM_CLASS_STATIC => { 211 // Exclude section symbols. 212 !(self.value.get(LE) == 0 && self.number_of_aux_symbols > 0) 213 } 214 pe::IMAGE_SYM_CLASS_EXTERNAL | pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL => true, 215 _ => false, 216 } 217 } 218 219 /// Return true if the symbol has an auxiliary file name. has_aux_file_name(&self) -> bool220 pub fn has_aux_file_name(&self) -> bool { 221 self.number_of_aux_symbols > 0 && self.storage_class == pe::IMAGE_SYM_CLASS_FILE 222 } 223 224 /// Return true if the symbol has an auxiliary function symbol. has_aux_function(&self) -> bool225 pub fn has_aux_function(&self) -> bool { 226 self.number_of_aux_symbols > 0 && self.derived_type() == pe::IMAGE_SYM_DTYPE_FUNCTION 227 } 228 229 /// Return true if the symbol has an auxiliary section symbol. has_aux_section(&self) -> bool230 pub fn has_aux_section(&self) -> bool { 231 self.number_of_aux_symbols > 0 232 && self.storage_class == pe::IMAGE_SYM_CLASS_STATIC 233 && self.value.get(LE) == 0 234 } 235 } 236 237 /// A symbol table of a `CoffFile`. 238 #[derive(Debug, Clone, Copy)] 239 pub struct CoffSymbolTable<'data, 'file> { 240 pub(crate) file: &'file CoffCommon<'data>, 241 } 242 243 impl<'data, 'file> read::private::Sealed for CoffSymbolTable<'data, 'file> {} 244 245 impl<'data, 'file> ObjectSymbolTable<'data> for CoffSymbolTable<'data, 'file> { 246 type Symbol = CoffSymbol<'data, 'file>; 247 type SymbolIterator = CoffSymbolIterator<'data, 'file>; 248 symbols(&self) -> Self::SymbolIterator249 fn symbols(&self) -> Self::SymbolIterator { 250 CoffSymbolIterator { 251 file: self.file, 252 index: 0, 253 } 254 } 255 symbol_by_index(&self, index: SymbolIndex) -> Result<Self::Symbol>256 fn symbol_by_index(&self, index: SymbolIndex) -> Result<Self::Symbol> { 257 let symbol = self.file.symbols.symbol(index.0)?; 258 Ok(CoffSymbol { 259 file: self.file, 260 index, 261 symbol, 262 }) 263 } 264 } 265 266 /// An iterator over the symbols of a `CoffFile`. 267 pub struct CoffSymbolIterator<'data, 'file> { 268 pub(crate) file: &'file CoffCommon<'data>, 269 pub(crate) index: usize, 270 } 271 272 impl<'data, 'file> fmt::Debug for CoffSymbolIterator<'data, 'file> { fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result273 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { 274 f.debug_struct("CoffSymbolIterator").finish() 275 } 276 } 277 278 impl<'data, 'file> Iterator for CoffSymbolIterator<'data, 'file> { 279 type Item = CoffSymbol<'data, 'file>; 280 next(&mut self) -> Option<Self::Item>281 fn next(&mut self) -> Option<Self::Item> { 282 let index = self.index; 283 let symbol = self.file.symbols.symbol(index).ok()?; 284 self.index += 1 + symbol.number_of_aux_symbols as usize; 285 Some(CoffSymbol { 286 file: self.file, 287 index: SymbolIndex(index), 288 symbol, 289 }) 290 } 291 } 292 293 /// A symbol of a `CoffFile`. 294 #[derive(Debug, Clone, Copy)] 295 pub struct CoffSymbol<'data, 'file> { 296 pub(crate) file: &'file CoffCommon<'data>, 297 pub(crate) index: SymbolIndex, 298 pub(crate) symbol: &'data pe::ImageSymbol, 299 } 300 301 impl<'data, 'file> read::private::Sealed for CoffSymbol<'data, 'file> {} 302 303 impl<'data, 'file> ObjectSymbol<'data> for CoffSymbol<'data, 'file> { 304 #[inline] index(&self) -> SymbolIndex305 fn index(&self) -> SymbolIndex { 306 self.index 307 } 308 name(&self) -> read::Result<&'data str>309 fn name(&self) -> read::Result<&'data str> { 310 let name = if self.symbol.has_aux_file_name() { 311 self.file 312 .symbols 313 .aux_file_name(self.index.0, self.symbol.number_of_aux_symbols)? 314 } else { 315 self.symbol.name(self.file.symbols.strings())? 316 }; 317 str::from_utf8(name) 318 .ok() 319 .read_error("Non UTF-8 COFF symbol name") 320 } 321 address(&self) -> u64322 fn address(&self) -> u64 { 323 // Only return an address for storage classes that we know use an address. 324 match self.symbol.storage_class { 325 pe::IMAGE_SYM_CLASS_STATIC 326 | pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL 327 | pe::IMAGE_SYM_CLASS_LABEL => {} 328 pe::IMAGE_SYM_CLASS_EXTERNAL => { 329 if self.symbol.section_number.get(LE) == pe::IMAGE_SYM_UNDEFINED { 330 // Undefined or common data, neither of which have an address. 331 return 0; 332 } 333 } 334 _ => return 0, 335 } 336 self.symbol 337 .address(self.file.image_base, &self.file.sections) 338 .unwrap_or(0) 339 } 340 size(&self) -> u64341 fn size(&self) -> u64 { 342 match self.symbol.storage_class { 343 pe::IMAGE_SYM_CLASS_STATIC => { 344 // Section symbols may duplicate the size from the section table. 345 if self.symbol.has_aux_section() { 346 if let Ok(aux) = self.file.symbols.aux_section(self.index.0) { 347 u64::from(aux.length.get(LE)) 348 } else { 349 0 350 } 351 } else { 352 0 353 } 354 } 355 pe::IMAGE_SYM_CLASS_EXTERNAL => { 356 if self.symbol.section_number.get(LE) == pe::IMAGE_SYM_UNDEFINED { 357 // For undefined symbols, symbol.value is 0 and the size is 0. 358 // For common data, symbol.value is the size. 359 u64::from(self.symbol.value.get(LE)) 360 } else if self.symbol.has_aux_function() { 361 // Function symbols may have a size. 362 if let Ok(aux) = self.file.symbols.aux_function(self.index.0) { 363 u64::from(aux.total_size.get(LE)) 364 } else { 365 0 366 } 367 } else { 368 0 369 } 370 } 371 // Most symbols don't have sizes. 372 _ => 0, 373 } 374 } 375 kind(&self) -> SymbolKind376 fn kind(&self) -> SymbolKind { 377 let derived_kind = if self.symbol.derived_type() == pe::IMAGE_SYM_DTYPE_FUNCTION { 378 SymbolKind::Text 379 } else { 380 SymbolKind::Data 381 }; 382 match self.symbol.storage_class { 383 pe::IMAGE_SYM_CLASS_STATIC => { 384 if self.symbol.value.get(LE) == 0 && self.symbol.number_of_aux_symbols > 0 { 385 SymbolKind::Section 386 } else { 387 derived_kind 388 } 389 } 390 pe::IMAGE_SYM_CLASS_EXTERNAL | pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL => derived_kind, 391 pe::IMAGE_SYM_CLASS_SECTION => SymbolKind::Section, 392 pe::IMAGE_SYM_CLASS_FILE => SymbolKind::File, 393 pe::IMAGE_SYM_CLASS_LABEL => SymbolKind::Label, 394 _ => SymbolKind::Unknown, 395 } 396 } 397 section(&self) -> SymbolSection398 fn section(&self) -> SymbolSection { 399 match self.symbol.section_number.get(LE) { 400 pe::IMAGE_SYM_UNDEFINED => { 401 if self.symbol.storage_class == pe::IMAGE_SYM_CLASS_EXTERNAL 402 && self.symbol.value.get(LE) == 0 403 { 404 SymbolSection::Undefined 405 } else { 406 SymbolSection::Common 407 } 408 } 409 pe::IMAGE_SYM_ABSOLUTE => SymbolSection::Absolute, 410 pe::IMAGE_SYM_DEBUG => { 411 if self.symbol.storage_class == pe::IMAGE_SYM_CLASS_FILE { 412 SymbolSection::None 413 } else { 414 SymbolSection::Unknown 415 } 416 } 417 index if index > 0 => SymbolSection::Section(SectionIndex(index.into())), 418 _ => SymbolSection::Unknown, 419 } 420 } 421 422 #[inline] is_undefined(&self) -> bool423 fn is_undefined(&self) -> bool { 424 self.symbol.storage_class == pe::IMAGE_SYM_CLASS_EXTERNAL 425 && self.symbol.section_number.get(LE) == pe::IMAGE_SYM_UNDEFINED 426 && self.symbol.value.get(LE) == 0 427 } 428 429 #[inline] is_definition(&self) -> bool430 fn is_definition(&self) -> bool { 431 self.symbol.is_definition() 432 } 433 434 #[inline] is_common(&self) -> bool435 fn is_common(&self) -> bool { 436 self.symbol.storage_class == pe::IMAGE_SYM_CLASS_EXTERNAL 437 && self.symbol.section_number.get(LE) == pe::IMAGE_SYM_UNDEFINED 438 && self.symbol.value.get(LE) != 0 439 } 440 441 #[inline] is_weak(&self) -> bool442 fn is_weak(&self) -> bool { 443 self.symbol.storage_class == pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL 444 } 445 446 #[inline] scope(&self) -> SymbolScope447 fn scope(&self) -> SymbolScope { 448 match self.symbol.storage_class { 449 pe::IMAGE_SYM_CLASS_EXTERNAL | pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL => { 450 // TODO: determine if symbol is exported 451 SymbolScope::Linkage 452 } 453 _ => SymbolScope::Compilation, 454 } 455 } 456 457 #[inline] is_global(&self) -> bool458 fn is_global(&self) -> bool { 459 match self.symbol.storage_class { 460 pe::IMAGE_SYM_CLASS_EXTERNAL | pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL => true, 461 _ => false, 462 } 463 } 464 465 #[inline] is_local(&self) -> bool466 fn is_local(&self) -> bool { 467 !self.is_global() 468 } 469 flags(&self) -> SymbolFlags<SectionIndex>470 fn flags(&self) -> SymbolFlags<SectionIndex> { 471 if self.symbol.has_aux_section() { 472 if let Ok(aux) = self.file.symbols.aux_section(self.index.0) { 473 // TODO: use high_number for bigobj 474 let number = aux.number.get(LE) as usize; 475 return SymbolFlags::CoffSection { 476 selection: aux.selection, 477 associative_section: if number == 0 { 478 None 479 } else { 480 Some(SectionIndex(number)) 481 }, 482 }; 483 } 484 } 485 SymbolFlags::None 486 } 487 } 488