286be5
From 363d7fcf703ad3ebf37b45693b2c9e43eb8b4176 Mon Sep 17 00:00:00 2001
286be5
From: Christos Zoulas <christos@zoulas.com>
286be5
Date: Sat, 22 Aug 2020 18:04:18 +0000
286be5
Subject: [PATCH] Improve detection of static-pie binaries, and don't call them
286be5
 "dynamically linked", but call them "static-pie" linked.
286be5
286be5
---
286be5
 src/readelf.c | 37 ++++++++++++++++++++++++++-----------
286be5
 1 file changed, 26 insertions(+), 11 deletions(-)
286be5
286be5
diff --git a/src/readelf.c b/src/readelf.c
286be5
index cf1dc91b7..d390d5f6a 100644
286be5
--- a/src/readelf.c
286be5
+++ b/src/readelf.c
286be5
@@ -27,7 +27,7 @@
286be5
 #include "file.h"
286be5
 
286be5
 #ifndef lint
286be5
-FILE_RCSID("@(#)$File: readelf.c,v 1.173 2020/06/07 22:12:54 christos Exp $")
286be5
+FILE_RCSID("@(#)$File: readelf.c,v 1.174 2020/08/22 18:04:18 christos Exp $")
286be5
 #endif
286be5
 
286be5
 #ifdef BUILTIN_ELF
286be5
@@ -1099,7 +1099,7 @@ do_auxv_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type,
286be5
 
286be5
 private size_t
286be5
 dodynamic(struct magic_set *ms, void *vbuf, size_t offset, size_t size,
286be5
-    int clazz, int swap)
286be5
+    int clazz, int swap, int *pie, size_t *need)
286be5
 {
286be5
 	Elf32_Dyn dh32;
286be5
 	Elf64_Dyn dh64;
286be5
@@ -1117,11 +1117,15 @@ dodynamic(struct magic_set *ms, void *vbuf, size_t offset, size_t size,
286be5
 
286be5
 	switch (xdh_tag) {
286be5
 	case DT_FLAGS_1:
286be5
+		*pie = 1;
286be5
 		if (xdh_val & DF_1_PIE)
286be5
 			ms->mode |= 0111;
286be5
 		else
286be5
 			ms->mode &= ~0111;
286be5
 		break;
286be5
+	case DT_NEEDED:
286be5
+		(*need)++;
286be5
+		break;
286be5
 	default:
286be5
 		break;
286be5
 	}
286be5
@@ -1608,9 +1612,10 @@ doshn(struct magic_set *ms, int clazz, int swap, int fd, off_t off, int num,
286be5
 }
286be5
 
286be5
 /*
286be5
- * Look through the program headers of an executable image, searching
286be5
- * for a PT_INTERP section; if one is found, it's dynamically linked,
286be5
- * otherwise it's statically linked.
286be5
+ * Look through the program headers of an executable image, to determine
286be5
+ * if it is statically or dynamically linked. If it has a dynamic section,
286be5
+ * it is pie, and does not have an interpreter or needed libraries, we
286be5
+ * call it static pie.
286be5
  */
286be5
 private int
286be5
 dophn_exec(struct magic_set *ms, int clazz, int swap, int fd, off_t off,
286be5
@@ -1619,12 +1624,13 @@ dophn_exec(struct magic_set *ms, int clazz, int swap, int fd, off_t off,
286be5
 {
286be5
 	Elf32_Phdr ph32;
286be5
 	Elf64_Phdr ph64;
286be5
-	const char *linking_style = "statically";
286be5
+	const char *linking_style;
286be5
 	unsigned char nbuf[BUFSIZ];
286be5
 	char ibuf[BUFSIZ];
286be5
 	char interp[BUFSIZ];
286be5
 	ssize_t bufsize;
286be5
-	size_t offset, align, len;
286be5
+	size_t offset, align, len, need = 0;
286be5
+	int pie = 0, dynamic = 0;
286be5
 
286be5
 	if (num == 0) {
286be5
 		if (file_printf(ms, ", no program header") == -1)
286be5
@@ -1654,7 +1660,6 @@ dophn_exec(struct magic_set *ms, int clazz, int swap, int fd, off_t off,
286be5
 		switch (xph_type) {
286be5
 		case PT_DYNAMIC:
286be5
 			doread = 1;
286be5
-			linking_style = "dynamically";
286be5
 			break;
286be5
 		case PT_NOTE:
286be5
 			if (sh_num)	/* Did this through section headers */
286be5
@@ -1694,6 +1699,7 @@ dophn_exec(struct magic_set *ms, int clazz, int swap, int fd, off_t off,
286be5
 		/* Things we can determine when we seek */
286be5
 		switch (xph_type) {
286be5
 		case PT_DYNAMIC:
286be5
+			dynamic = 1;
286be5
 			offset = 0;
286be5
 			// Let DF_1 determine if we are PIE or not.
286be5
 			ms->mode &= ~0111;
286be5
@@ -1701,7 +1707,8 @@ dophn_exec(struct magic_set *ms, int clazz, int swap, int fd, off_t off,
286be5
 				if (offset >= CAST(size_t, bufsize))
286be5
 					break;
286be5
 				offset = dodynamic(ms, nbuf, offset,
286be5
-				    CAST(size_t, bufsize), clazz, swap);
286be5
+				    CAST(size_t, bufsize), clazz, swap,
286be5
+				    &pie, &need);
286be5
 				if (offset == 0)
286be5
 					break;
286be5
 			}
286be5
@@ -1710,6 +1717,7 @@ dophn_exec(struct magic_set *ms, int clazz, int swap, int fd, off_t off,
286be5
 			break;
286be5
 
286be5
 		case PT_INTERP:
286be5
+			need++;
286be5
 			if (ms->flags & MAGIC_MIME)
286be5
 				continue;
286be5
 			if (bufsize && nbuf[0]) {
286be5
@@ -1744,8 +1752,15 @@ dophn_exec(struct magic_set *ms, int clazz, int swap, int fd, off_t off,
286be5
 	}
286be5
 	if (ms->flags & MAGIC_MIME)
286be5
 		return 0;
286be5
-	if (file_printf(ms, ", %s linked", linking_style)
286be5
-	    == -1)
286be5
+	if (dynamic) {
286be5
+		if (pie && need == 0)
286be5
+			linking_style = "static-pie";
286be5
+		else
286be5
+			linking_style = "dynamically";
286be5
+	} else {
286be5
+		linking_style = "statically";
286be5
+	}
286be5
+	if (file_printf(ms, ", %s linked", linking_style) == -1)
286be5
 		return -1;
286be5
 	if (interp[0])
286be5
 		if (file_printf(ms, ", interpreter %s",