1 use alloc::fmt; 2 use alloc::vec::Vec; 3 use core::convert::TryInto; 4 use core::str; 5 6 use super::{CoffCommon, SectionTable}; 7 use crate::endian::{LittleEndian as LE, U32Bytes}; 8 use crate::pe; 9 use crate::pod::{bytes_of_slice, Bytes, Pod}; 10 use crate::read::util::StringTable; 11 use crate::read::{ 12 self, ObjectSymbol, ObjectSymbolTable, ReadError, ReadRef, Result, SectionIndex, SymbolFlags, 13 SymbolIndex, SymbolKind, SymbolMap, SymbolMapEntry, SymbolScope, SymbolSection, 14 }; 15 16 /// A table of symbol entries in a COFF or PE file. 17 /// 18 /// Also includes the string table used for the symbol names. 19 #[derive(Debug)] 20 pub struct SymbolTable<'data> { 21 symbols: &'data [pe::ImageSymbolBytes], 22 strings: StringTable<'data>, 23 } 24 25 impl<'data> SymbolTable<'data> { 26 /// Read the symbol table. parse<R: ReadRef<'data>>(header: &pe::ImageFileHeader, data: R) -> Result<Self>27 pub fn parse<R: ReadRef<'data>>(header: &pe::ImageFileHeader, data: R) -> Result<Self> { 28 // The symbol table may not be present. 29 let mut offset = header.pointer_to_symbol_table.get(LE).into(); 30 let (symbols, strings) = if offset != 0 { 31 let symbols = data 32 .read_slice(&mut offset, header.number_of_symbols.get(LE) as usize) 33 .read_error("Invalid COFF symbol table offset or size")?; 34 35 // Note: don't update data when reading length; the length includes itself. 36 let length = data 37 .read_at::<U32Bytes<_>>(offset) 38 .read_error("Missing COFF string table")? 39 .get(LE); 40 let strings = data 41 .read_bytes(&mut offset, length.into()) 42 .read_error("Invalid COFF string table length")?; 43 44 (symbols, strings) 45 } else { 46 (&[][..], &[][..]) 47 }; 48 49 Ok(SymbolTable { 50 symbols, 51 strings: StringTable::new(strings), 52 }) 53 } 54 55 /// Return the string table used for the symbol names. 56 #[inline] strings(&self) -> StringTable<'data>57 pub fn strings(&self) -> StringTable<'data> { 58 self.strings 59 } 60 61 /// Return true if the symbol table is empty. 62 #[inline] is_empty(&self) -> bool63 pub fn is_empty(&self) -> bool { 64 self.symbols.is_empty() 65 } 66 67 /// The number of symbol table entries. 68 /// 69 /// This includes auxiliary symbol table entries. 70 #[inline] len(&self) -> usize71 pub fn len(&self) -> usize { 72 self.symbols.len() 73 } 74 75 /// Iterate over the symbols. 76 #[inline] iter<'table>(&'table self) -> SymbolIterator<'data, 'table>77 pub fn iter<'table>(&'table self) -> SymbolIterator<'data, 'table> { 78 SymbolIterator { 79 symbols: self, 80 index: 0, 81 } 82 } 83 84 /// Return the symbol table entry at the given index. 85 #[inline] symbol(&self, index: usize) -> Result<&'data pe::ImageSymbol>86 pub fn symbol(&self, index: usize) -> Result<&'data pe::ImageSymbol> { 87 self.get::<pe::ImageSymbol>(index, 0) 88 } 89 90 /// Return the auxiliary function symbol for the symbol table entry at the given index. 91 /// 92 /// Note that the index is of the symbol, not the first auxiliary record. 93 #[inline] aux_function(&self, index: usize) -> Result<&'data pe::ImageAuxSymbolFunction>94 pub fn aux_function(&self, index: usize) -> Result<&'data pe::ImageAuxSymbolFunction> { 95 self.get::<pe::ImageAuxSymbolFunction>(index, 1) 96 } 97 98 /// Return the auxiliary section symbol for the symbol table entry at the given index. 99 /// 100 /// Note that the index is of the symbol, not the first auxiliary record. 101 #[inline] aux_section(&self, index: usize) -> Result<&'data pe::ImageAuxSymbolSection>102 pub fn aux_section(&self, index: usize) -> Result<&'data pe::ImageAuxSymbolSection> { 103 self.get::<pe::ImageAuxSymbolSection>(index, 1) 104 } 105 106 /// Return the auxiliary file name for the symbol table entry at the given index. 107 /// 108 /// Note that the index is of the symbol, not the first auxiliary record. aux_file_name(&self, index: usize, aux_count: u8) -> Result<&'data [u8]>109 pub fn aux_file_name(&self, index: usize, aux_count: u8) -> Result<&'data [u8]> { 110 let entries = index 111 .checked_add(1) 112 .and_then(|x| Some(x..x.checked_add(aux_count.into())?)) 113 .and_then(|x| self.symbols.get(x)) 114 .read_error("Invalid COFF symbol index")?; 115 let bytes = bytes_of_slice(entries); 116 // The name is padded with nulls. 117 Ok(match bytes.iter().position(|&x| x == 0) { 118 Some(end) => &bytes[..end], 119 None => &bytes[..], 120 }) 121 } 122 123 /// Return the symbol table entry or auxiliary record at the given index and offset. get<T: Pod>(&self, index: usize, offset: usize) -> Result<&'data T>124 pub fn get<T: Pod>(&self, index: usize, offset: usize) -> Result<&'data T> { 125 let bytes = index 126 .checked_add(offset) 127 .and_then(|x| self.symbols.get(x)) 128 .read_error("Invalid COFF symbol index")?; 129 Bytes(&bytes.0[..]) 130 .read() 131 .read_error("Invalid COFF symbol data") 132 } 133 134 /// Construct a map from addresses to a user-defined map entry. map<Entry: SymbolMapEntry, F: Fn(&'data pe::ImageSymbol) -> Option<Entry>>( &self, f: F, ) -> SymbolMap<Entry>135 pub fn map<Entry: SymbolMapEntry, F: Fn(&'data pe::ImageSymbol) -> Option<Entry>>( 136 &self, 137 f: F, 138 ) -> SymbolMap<Entry> { 139 let mut symbols = Vec::with_capacity(self.symbols.len()); 140 for (_, symbol) in self.iter() { 141 if !symbol.is_definition() { 142 continue; 143 } 144 if let Some(entry) = f(symbol) { 145 symbols.push(entry); 146 } 147 } 148 SymbolMap::new(symbols) 149 } 150 } 151 152 /// An iterator for symbol entries in a COFF or PE file. 153 /// 154 /// Yields the index and symbol structure for each symbol. 155 #[derive(Debug)] 156 pub struct SymbolIterator<'data, 'table> { 157 symbols: &'table SymbolTable<'data>, 158 index: usize, 159 } 160 161 impl<'data, 'table> Iterator for SymbolIterator<'data, 'table> { 162 type Item = (usize, &'data pe::ImageSymbol); 163 next(&mut self) -> Option<Self::Item>164 fn next(&mut self) -> Option<Self::Item> { 165 let index = self.index; 166 let symbol = self.symbols.symbol(index).ok()?; 167 self.index += 1 + symbol.number_of_aux_symbols as usize; 168 Some((index, symbol)) 169 } 170 } 171 172 impl pe::ImageSymbol { 173 /// Parse a COFF symbol name. 174 /// 175 /// `strings` must be the string table used for symbol names. name<'data>(&'data self, strings: StringTable<'data>) -> Result<&'data [u8]>176 pub fn name<'data>(&'data self, strings: StringTable<'data>) -> Result<&'data [u8]> { 177 if self.name[0] == 0 { 178 // If the name starts with 0 then the last 4 bytes are a string table offset. 179 let offset = u32::from_le_bytes(self.name[4..8].try_into().unwrap()); 180 strings 181 .get(offset) 182 .read_error("Invalid COFF symbol name offset") 183 } else { 184 // The name is inline and padded with nulls. 185 Ok(match self.name.iter().position(|&x| x == 0) { 186 Some(end) => &self.name[..end], 187 None => &self.name[..], 188 }) 189 } 190 } 191 192 /// Return the symbol address. 193 /// 194 /// This takes into account the image base and the section address. address(&self, image_base: u64, sections: &SectionTable) -> Result<u64>195 pub fn address(&self, image_base: u64, sections: &SectionTable) -> Result<u64> { 196 let section_number = self.section_number.get(LE) as usize; 197 let section = sections.section(section_number)?; 198 let virtual_address = u64::from(section.virtual_address.get(LE)); 199 let value = u64::from(self.value.get(LE)); 200 Ok(image_base + virtual_address + value) 201 } 202 203 /// Return true if the symbol is a definition of a function or data object. is_definition(&self) -> bool204 pub fn is_definition(&self) -> bool { 205 let section_number = self.section_number.get(LE); 206 if section_number == pe::IMAGE_SYM_UNDEFINED { 207 return false; 208 } 209 match self.storage_class { 210 pe::IMAGE_SYM_CLASS_STATIC => { 211 if self.value.get(LE) == 0 && self.number_of_aux_symbols > 0 { 212 // This is a section symbol. 213 false 214 } else { 215 true 216 } 217 } 218 pe::IMAGE_SYM_CLASS_EXTERNAL | pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL => true, 219 _ => false, 220 } 221 } 222 223 /// Return true if the symbol has an auxiliary file name. has_aux_file_name(&self) -> bool224 pub fn has_aux_file_name(&self) -> bool { 225 self.number_of_aux_symbols > 0 && self.storage_class == pe::IMAGE_SYM_CLASS_FILE 226 } 227 228 /// Return true if the symbol has an auxiliary function symbol. has_aux_function(&self) -> bool229 pub fn has_aux_function(&self) -> bool { 230 self.number_of_aux_symbols > 0 && self.derived_type() == pe::IMAGE_SYM_DTYPE_FUNCTION 231 } 232 233 /// Return true if the symbol has an auxiliary section symbol. has_aux_section(&self) -> bool234 pub fn has_aux_section(&self) -> bool { 235 self.number_of_aux_symbols > 0 236 && self.storage_class == pe::IMAGE_SYM_CLASS_STATIC 237 && self.value.get(LE) == 0 238 } 239 } 240 241 /// A symbol table of a `CoffFile`. 242 #[derive(Debug, Clone, Copy)] 243 pub struct CoffSymbolTable<'data, 'file> { 244 pub(crate) file: &'file CoffCommon<'data>, 245 } 246 247 impl<'data, 'file> read::private::Sealed for CoffSymbolTable<'data, 'file> {} 248 249 impl<'data, 'file> ObjectSymbolTable<'data> for CoffSymbolTable<'data, 'file> { 250 type Symbol = CoffSymbol<'data, 'file>; 251 type SymbolIterator = CoffSymbolIterator<'data, 'file>; 252 symbols(&self) -> Self::SymbolIterator253 fn symbols(&self) -> Self::SymbolIterator { 254 CoffSymbolIterator { 255 file: self.file, 256 index: 0, 257 } 258 } 259 symbol_by_index(&self, index: SymbolIndex) -> Result<Self::Symbol>260 fn symbol_by_index(&self, index: SymbolIndex) -> Result<Self::Symbol> { 261 let symbol = self.file.symbols.symbol(index.0)?; 262 Ok(CoffSymbol { 263 file: self.file, 264 index, 265 symbol, 266 }) 267 } 268 } 269 270 /// An iterator over the symbols of a `CoffFile`. 271 pub struct CoffSymbolIterator<'data, 'file> { 272 pub(crate) file: &'file CoffCommon<'data>, 273 pub(crate) index: usize, 274 } 275 276 impl<'data, 'file> fmt::Debug for CoffSymbolIterator<'data, 'file> { fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result277 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { 278 f.debug_struct("CoffSymbolIterator").finish() 279 } 280 } 281 282 impl<'data, 'file> Iterator for CoffSymbolIterator<'data, 'file> { 283 type Item = CoffSymbol<'data, 'file>; 284 next(&mut self) -> Option<Self::Item>285 fn next(&mut self) -> Option<Self::Item> { 286 let index = self.index; 287 let symbol = self.file.symbols.symbol(index).ok()?; 288 self.index += 1 + symbol.number_of_aux_symbols as usize; 289 Some(CoffSymbol { 290 file: self.file, 291 index: SymbolIndex(index), 292 symbol, 293 }) 294 } 295 } 296 297 /// A symbol of a `CoffFile`. 298 #[derive(Debug, Clone, Copy)] 299 pub struct CoffSymbol<'data, 'file> { 300 pub(crate) file: &'file CoffCommon<'data>, 301 pub(crate) index: SymbolIndex, 302 pub(crate) symbol: &'data pe::ImageSymbol, 303 } 304 305 impl<'data, 'file> read::private::Sealed for CoffSymbol<'data, 'file> {} 306 307 impl<'data, 'file> ObjectSymbol<'data> for CoffSymbol<'data, 'file> { 308 #[inline] index(&self) -> SymbolIndex309 fn index(&self) -> SymbolIndex { 310 self.index 311 } 312 name(&self) -> read::Result<&'data str>313 fn name(&self) -> read::Result<&'data str> { 314 let name = if self.symbol.has_aux_file_name() { 315 self.file 316 .symbols 317 .aux_file_name(self.index.0, self.symbol.number_of_aux_symbols)? 318 } else { 319 self.symbol.name(self.file.symbols.strings())? 320 }; 321 str::from_utf8(name) 322 .ok() 323 .read_error("Non UTF-8 COFF symbol name") 324 } 325 address(&self) -> u64326 fn address(&self) -> u64 { 327 // Only return an address for storage classes that we know use an address. 328 match self.symbol.storage_class { 329 pe::IMAGE_SYM_CLASS_STATIC 330 | pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL 331 | pe::IMAGE_SYM_CLASS_LABEL => {} 332 pe::IMAGE_SYM_CLASS_EXTERNAL => { 333 if self.symbol.section_number.get(LE) == pe::IMAGE_SYM_UNDEFINED { 334 // Undefined or common data, neither of which have an address. 335 return 0; 336 } 337 } 338 _ => return 0, 339 } 340 self.symbol 341 .address(self.file.image_base, &self.file.sections) 342 .unwrap_or(0) 343 } 344 size(&self) -> u64345 fn size(&self) -> u64 { 346 match self.symbol.storage_class { 347 pe::IMAGE_SYM_CLASS_STATIC => { 348 // Section symbols may duplicate the size from the section table. 349 if self.symbol.has_aux_section() { 350 if let Ok(aux) = self.file.symbols.aux_section(self.index.0) { 351 u64::from(aux.length.get(LE)) 352 } else { 353 0 354 } 355 } else { 356 0 357 } 358 } 359 pe::IMAGE_SYM_CLASS_EXTERNAL => { 360 if self.symbol.section_number.get(LE) == pe::IMAGE_SYM_UNDEFINED { 361 // For undefined symbols, symbol.value is 0 and the size is 0. 362 // For common data, symbol.value is the size. 363 u64::from(self.symbol.value.get(LE)) 364 } else if self.symbol.has_aux_function() { 365 // Function symbols may have a size. 366 if let Ok(aux) = self.file.symbols.aux_function(self.index.0) { 367 u64::from(aux.total_size.get(LE)) 368 } else { 369 0 370 } 371 } else { 372 0 373 } 374 } 375 // Most symbols don't have sizes. 376 _ => 0, 377 } 378 } 379 kind(&self) -> SymbolKind380 fn kind(&self) -> SymbolKind { 381 let derived_kind = if self.symbol.derived_type() == pe::IMAGE_SYM_DTYPE_FUNCTION { 382 SymbolKind::Text 383 } else { 384 SymbolKind::Data 385 }; 386 match self.symbol.storage_class { 387 pe::IMAGE_SYM_CLASS_STATIC => { 388 if self.symbol.value.get(LE) == 0 && self.symbol.number_of_aux_symbols > 0 { 389 SymbolKind::Section 390 } else { 391 derived_kind 392 } 393 } 394 pe::IMAGE_SYM_CLASS_EXTERNAL | pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL => derived_kind, 395 pe::IMAGE_SYM_CLASS_SECTION => SymbolKind::Section, 396 pe::IMAGE_SYM_CLASS_FILE => SymbolKind::File, 397 pe::IMAGE_SYM_CLASS_LABEL => SymbolKind::Label, 398 _ => SymbolKind::Unknown, 399 } 400 } 401 section(&self) -> SymbolSection402 fn section(&self) -> SymbolSection { 403 match self.symbol.section_number.get(LE) { 404 pe::IMAGE_SYM_UNDEFINED => { 405 if self.symbol.storage_class == pe::IMAGE_SYM_CLASS_EXTERNAL 406 && self.symbol.value.get(LE) == 0 407 { 408 SymbolSection::Undefined 409 } else { 410 SymbolSection::Common 411 } 412 } 413 pe::IMAGE_SYM_ABSOLUTE => SymbolSection::Absolute, 414 pe::IMAGE_SYM_DEBUG => { 415 if self.symbol.storage_class == pe::IMAGE_SYM_CLASS_FILE { 416 SymbolSection::None 417 } else { 418 SymbolSection::Unknown 419 } 420 } 421 index if index > 0 => SymbolSection::Section(SectionIndex(index.into())), 422 _ => SymbolSection::Unknown, 423 } 424 } 425 426 #[inline] is_undefined(&self) -> bool427 fn is_undefined(&self) -> bool { 428 self.symbol.storage_class == pe::IMAGE_SYM_CLASS_EXTERNAL 429 && self.symbol.section_number.get(LE) == pe::IMAGE_SYM_UNDEFINED 430 && self.symbol.value.get(LE) == 0 431 } 432 433 #[inline] is_definition(&self) -> bool434 fn is_definition(&self) -> bool { 435 self.symbol.is_definition() 436 } 437 438 #[inline] is_common(&self) -> bool439 fn is_common(&self) -> bool { 440 self.symbol.storage_class == pe::IMAGE_SYM_CLASS_EXTERNAL 441 && self.symbol.section_number.get(LE) == pe::IMAGE_SYM_UNDEFINED 442 && self.symbol.value.get(LE) != 0 443 } 444 445 #[inline] is_weak(&self) -> bool446 fn is_weak(&self) -> bool { 447 self.symbol.storage_class == pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL 448 } 449 450 #[inline] scope(&self) -> SymbolScope451 fn scope(&self) -> SymbolScope { 452 match self.symbol.storage_class { 453 pe::IMAGE_SYM_CLASS_EXTERNAL | pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL => { 454 // TODO: determine if symbol is exported 455 SymbolScope::Linkage 456 } 457 _ => SymbolScope::Compilation, 458 } 459 } 460 461 #[inline] is_global(&self) -> bool462 fn is_global(&self) -> bool { 463 match self.symbol.storage_class { 464 pe::IMAGE_SYM_CLASS_EXTERNAL | pe::IMAGE_SYM_CLASS_WEAK_EXTERNAL => true, 465 _ => false, 466 } 467 } 468 469 #[inline] is_local(&self) -> bool470 fn is_local(&self) -> bool { 471 !self.is_global() 472 } 473 flags(&self) -> SymbolFlags<SectionIndex>474 fn flags(&self) -> SymbolFlags<SectionIndex> { 475 if self.symbol.has_aux_section() { 476 if let Ok(aux) = self.file.symbols.aux_section(self.index.0) { 477 // TODO: use high_number for bigobj 478 let number = aux.number.get(LE) as usize; 479 return SymbolFlags::CoffSection { 480 selection: aux.selection, 481 associative_section: if number == 0 { 482 None 483 } else { 484 Some(SectionIndex(number)) 485 }, 486 }; 487 } 488 } 489 SymbolFlags::None 490 } 491 } 492