I'm trying to build a .deb package with debuild -i -us -uc -b and in the end I see:
Now running lintian...
warning: the authors of lintian do not recommend running it with root privileges!
W: libluajit-5.1-2: hardening-no-relro usr/lib/powerpc64le-linux-gnu/libluajit-5.1.so.2.1.0
E: libluajit-5.1-2: shlib-with-non-pic-code usr/lib/powerpc64le-linux-gnu/libluajit-5.1.so.2.1.0
W: luajit: hardening-no-relro usr/bin/luajit-2.1.0-alpha
W: luajit: binary-without-manpage usr/bin/luajit-2.1.0-alpha
Finished running lintian.
I have a hunch that I failed to define a "PIC code setup", which must be at the beginning of each external function:
The following code might appear in a PIC code setup sequence to compute
the distance from a function entry point to the TOC base:
addis 2,12,.TOC.-func#ha
addi 2,2,.TOC.-func#l
as specified by the ABI, page 99.
However I couldn't find the symbols which were non-PIC. Or maybe some relevant file that was not compiled with -fPIC?
Info:
system architecture: ppc64le
compiling .so library with: gcc -shared -fPIC
To find which symbols made your elf non-PIC/PIE (Position Independent Code/Executable), use scanelf from pax-utils package (on ubuntu, install it with sudo apt-get install pax-utils):
$ scanelf -qT /usr/local/lib/libluajit-5.1.so.2.1.0 | head -n 3
libluajit-5.1.so.2.1.0: buf_grow [0x7694] in (optimized out: previous lj_BC_MODVN) [0x7600]
libluajit-5.1.so.2.1.0: buf_grow [0x769C] in (optimized out: previous lj_BC_MODVN) [0x7600]
libluajit-5.1.so.2.1.0: buf_grow [0x76A0] in (optimized out: previous lj_BC_MODVN) [0x7600]
$ objdump -Sa /usr/local/lib/libluajit-5.1.so.2.1.0 | grep -A5 \ 7694:
7694: 00 00 80 39 li r12,0
7698: c6 07 8c 79 rldicr r12,r12,32,31
769c: 00 00 8c 65 oris r12,r12,0
76a0: 00 00 8c 61 ori r12,r12,0
76a4: a6 03 89 7d mtctr r12
76a8: 21 04 80 4e bctrl
On my case an absolute address was meant to be load on r12, but that's not possible for a dynamic library, so the linker used 0 for that parameter (I had to use #GOT operator, but that's the particular solution to my case).
On the luajit program, it's possible to define the address on linking time and it looks like this:
1003d0d4: 00 00 80 39 li r12,0
1003d0d8: c6 07 8c 79 rldicr r12,r12,32,31
1003d0dc: 07 10 8c 65 oris r12,r12,4103
1003d0e0: 30 ca 8c 61 ori r12,r12,51760
1003d0e4: a6 03 89 7d mtctr r12
Quite different right?
a much detailed explanation can be found on this wonderful Gentoo wiki page.
The failing lintian check is this:
# Now that we're sure this is really a shared library, report on
# non-PIC problems.
if ($objdump->{$cur_file}->{TEXTREL}) {
tag 'shlib-with-non-pic-code', $cur_file;
}
So you can probably find the offending file by looking for a .o that contains a TEXTREL dynamic section (which is making its way into your final link).
To do this, you can use readelf --dyanamic, in something like the following:
find . -name '*.o' |
while read obj
do
if readelf --dynamic "$obj" | grep -q TEXTREL
then
echo "$obj contains a TEXTREL section"
fi
done
Related
This is a great solution as far as it goes:
How to use bluetoothctl like hcitool lescan to report repeated proximity beacons
I want to take it one step further though: instead of printing the beacon detections to the terminal, I want to pipe each detected beacon's MAC address to a command that publishes it to a Mosquitto broker. This would be useful for adding the beacons to HomeAssistant, for example, for presence detection of a key fob attached to a person's house keys. I managed to get this idea to work by modifying the last two lines of the script above but it only publishes the first detection ... then no more. I guess somehow the scan is being turned off or aborted by trying to run the mosquitto_pub command. (something to do with interrupting the thread or subshells????)
Here are the last lines of the script with the MAC addresses of my TWO TEST BEACONS obfuscated.
You can see the full script that I modified at the link above.
) | sed --unbuffered --quiet --expression 's/^.*Device //p' \
| grep --line-buffered -E 'FF:FF::::|FF:GG::::' \
| stdbuf -oL cut -c 1-17 \
| { read topic; mosquitto_pub -d -u username -P password -m ON -t monitor/$topic; }
Note:
| stdbuf -oL cut -c 1-17 \ trims the output down to just the MAC address - e.g. FF:GG::::
The last line publishes the ON command to an unique state topic ending in the beacon's MAC address e.g. 'monitor/FF:GG::::'.
If I remove that last line the detections are added as they occur to the terminal console in an ever growing list as time goes by. But once I add the last line it only works once, then goes dead.
How can the script be made to respond to each detection, not just the first one?
And why exactly does it only respond to the first detection then hang?
The command line tools of BlueZ are not designed for this purpose, so it makes them very difficult to pipe scan results reliably. In my experience, processes die or hang, and you end up with broken pipes.
The C APIs of BlueZ are much more stable. I wrote a simple command line program in C that you could use instead of bluetoothctl for this purpose:
https://gist.github.com/davidgyoung/0a18028b4338ff6cb201fba274502662
That program must be compiled with cc scanner.c -lbluetooth -o scanner, after which you can start the scanner with just scanner. The output of the program will be something like this:
B8:27:EB:1F:93:4D -68 02 01 06 11 06 82 75 25 D9 37 9D D7 8F 5F 4A F4 20 00 00 75 30
71:5C:23:9D:BC:7F -68 02 01 1A 02 0A 0C 0B FF 4C 00 10 06 03 1A 3B D4 B2 EB
B8:27:EB:1F:93:4D -68 02 01 06 11 06 82 75 25 D9 37 9D D7 8F 5F 4A F4 20 00 00 75 30
4A:53:7F:64:71:EC -91 03 03 9F FE 17 16 9F FE 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
69:0D:FF:7B:75:65 -73 02 01 1A 02 0A 0C 0A FF 4C 00 10 05 03 1C 27 BB 63
61:39:71:E9:1D:C9 -93 02 01 1A 02 0A 18 0A FF 4C 00 10 05 01 18 3B 24 12
B8:27:EB:1F:93:4D -68 02 01 06 11 06 82 75 25 D9 37 9D D7 8F 5F 4A F4 20 00 00 75 30
Each line above shows the MAC address of the detected bluetooth device, followed by the signal strength RSSI, then the hex bytes of the advertisement.
I use this program to pipe into other shell scripts, and have found it to be reliable over many days. Feel free to use it if helpful.
I want to get the hexdump of a given function. Until now objdump -d a.out --start-address=0x400630 and --stop-address=0x400679 is the best solution what I have found, however I do not know how to extract only the opcodes from the output.
For example from this:
4003f0: 48 83 ec 08 sub $0x8,%rsp
4003f4: e8 73 00 00 00 callq 40046c
...
I need only this:
48 83 ec 08
e8 73 00 00 00
You could use gdb on your program and x/i will print out a range of machine instructions.
May also try to pipe in cut:
objdump -d a.out --start-address=0x400630 and --stop-address=0x400679 | cut -b 14-30
you probably need to adapt your cut range for your output.
all.
I'm using a 3rd party lib to archive/decompress some files.
Input/output format is .zip.
But I've discovered that the lib could read well archives created with WinRAR, but cannot read archives created with 7-zip.
Could anyone tell me what the problem is and how it could be fixed.
hex view of starting of archive, created with winRar:
50 4b 03 04 14 00 00 00 08 00 EC 88 25 45 6e 1a ....
hex view of starting of archive, created with 7-zip:
50 4b 03 04 14 00 00 00 08 00 ED 88 25 45 6e 1a ....
the difference is in byte EC and ED.
This is the header structure of a ZIP file:
+---------------------------------------------------------------------+
| BYTE |
|0x0 0x1 0x2 0x3|0x4 0x5|0x6 0x7| 0x8 0x9 |0xA 0xB|0xC 0xD| |
+---------------+-------+-------+-----------+--------+--------+-------+
| signature |version| flags |compression|mod time|mod date| CRC32 |
+---------------+-------+-------+-----------+--------+--------+-------+
| 50 4B 03 04| 14 00| 00 00| 08 00 |EC/ED 88| 25 45| |
+---------------------------------------------------------------------+
signature is always 0x50 0x4B 0x03 0x04 (as in your case). 0x50 = 'P', 0x4B = 'K' (Phillip Katz)
version needed to extract (0x14 0x00 = 20 -> ZIP 2.0)
general purpose bit flags (no flags, your file is not crypted / default language encoding)
compression method is deflate (08)
So the only things that change is the modification time (just some minutes).
Even the first two bytes of the CRC32 are the same. If the only difference is the EC / ED value, the problem shouldn't be the archive content.
Further references: https://users.cs.jmu.edu/buchhofp/forensics/formats/pkzip.html
7-Zip archives can be created using several different compression formats which are not compatible with standard ZIP compression/decompression libraries based for example on Info-ZIP source code.
Applications like WinRAR and Total Commander supporting creation/extraction of ZIP files natively use therefore additionally a DLL for extracting files from non standard 7-Zip archives.
See question Can I use the EXE or DLL files from 7-Zip in a Commercial Application? on FAQ page of 7-Zip.
How could I disassemble system call, so that i could get the assembly instructions involved in it
Well, you could do something like this. Say I wanted to get an assembly dump of "dup":
Write this:
#include <stdio.h>
#include <sys/file.h>
int main() {
return dup(0)
}
Compile it:
gcc -o systest -g3 -O0 systest.c
Dump it:
objdump -d systest
Looking in "main" I see:
400478: 55 push %rbp
400479: 48 89 e5 mov %rsp,%rbp
40047c: bf 00 00 00 00 mov $0x0,%edi
400481: b8 00 00 00 00 mov $0x0,%eax
400486: e8 1d ff ff ff callq 4003a8 <dup#plt>
40048b: c9 leaveq
40048c: c3 retq
40048d: 90 nop
40048e: 90 nop
40048f: 90 nop
So looking at "dup#plt" I see:
00000000004003a8 <dup#plt>:
4003a8: ff 25 7a 04 20 00 jmpq *2098298(%rip) # 600828 <_GLOBAL_OFFSET_TABLE_+0x20>
4003ae: 68 01 00 00 00 pushq $0x1
4003b3: e9 d0 ff ff ff jmpq 400388 <_init+0x18>
So it's making a call into a "global offset table", which I would assume has all the syscall vectors. Like the other post said, see the kernel source (or standard library sources?) for details on that.
I don't think you want to do this. System call handling is complex (see http://www.ibm.com/developerworks/linux/library/l-system-calls/). Since you have tagged this question with "linux", you can just download the source from kernel.org (which will be far more understandable and informative than the assembly code).
For understanding linux system call, browse through the code.
Important files are:
/include/linux/syscalls.h (all the supported system calls in linux)
/arch/arm/kernel/entry-common.S (implementation of system call at register level)
/arch/arm/kernel/calls.S (system call numbers)
/arch/arm/include/asm/unistd.h (address of system call)
Note: system call table can be addressed only from system.map only.
When building static libraries with VS2005 I keep getting linker warnings that VC80.pdb cant be found with my library.lib. Apparently, as a result, the edit and continue feature of the IDE fails to work any project that incorporates library.lib
What magic is needed to tell VS2005 to produce a static lib with edit and continue debug info that does NOT reference or require vs80.pdb when linked into a project?
--Upon Further Understanding--
So, In order to get edit-and-continue to function with a pre-compiled static lib, we need to place the vs80.pdb and vs80.pdb file into SVN along with the .lib, AND rename the pdb/idb to prevent conflicts when doing this with multiple pre-compiled libs.
vc80.pdb is the file that contains the debug information for your lib. In the ide Property pages:configuration properties:c\c++:output files allows you to rename this to something more appropriate, such as the name of your lib. When the linker links your lib into the target exe it looks for this pdb (there is a pointer to it in the lib) and extracts the info from that pdb and drops it in the exe's pdb.
/Fd[name] is the option for renaming the pdb
/ZI is the option for compiling with a pdb that includes Edit and Continue information.
All linked libs and the final taget exe or dll need /ZI, to enable edit and continue.
I made a tiny testlib.lib and used "dumpbin /all" to get the following showing the pointer to the debug info (this is a tiny excerpt):
SECTION HEADER #7
.debug$T name
0 physical address
0 virtual address
48 size of raw data
838 file pointer to raw data (00000838 to 0000087F)
0 file pointer to relocation table
0 file pointer to line numbers
0 number of relocations
0 number of line numbers
42100040 flags
Initialized Data
Discardable
1 byte align
Read Only
RAW DATA #7
00000000: 04 00 00 00 42 00 15 15 D5 EA 1E C9 7C 10 3A 40 ....B...Õê.É|.:#
00000010: 93 63 CE 95 77 15 49 4A 03 00 00 00 64 3A 5C 64 .cÎ.w.IJ....d:\d
00000020: 65 76 5C 74 65 73 74 5C 74 65 73 74 6C 69 62 5C ev\test\testlib\
00000030: 74 65 73 74 6C 69 62 5C 64 65 62 75 67 5C 76 63 testlib\debug\vc
00000040: 38 30 2E 70 64 62 00 F1 80.pdb.ñ
If you can live without 'edit and continue', try using /Z7.
I use it for all the .lib files that are stored in source control. No .pdb file is created - the debug info is stored inside the .lib file.