1 /* Read the export table symbols from a portable executable and
2 convert to internal format, for GDB. Used as a last resort if no
3 debugging symbols recognized.
5 Copyright (C) 2003-2022 Free Software Foundation, Inc.
7 This file is part of GDB.
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 Contributed by Raoul M. Gough (RaoulGough@yahoo.co.uk). */
26 #include "coff-pe-read.h"
36 #include "gdbsupport/common-utils.h"
37 #include "coff/internal.h"
41 /* Internal section information */
43 /* Coff PE read debugging flag:
45 value 1 outputs problems encountered while parsing PE file,
46 value above 1 also lists all generated minimal symbols. */
47 static unsigned int debug_coff_pe_read
;
/* Per-section bookkeeping used while turning PE export entries into
   minimal symbols.  The RVA fields are filled from the section table
   of the file being read.  */
struct read_pe_section_data
{
  /* Offset to loaded address of section.  */
  CORE_ADDR vma_offset;

  /* Start offset within the pe.  */
  unsigned long rva_start;

  /* End offset within the pe.  */
  unsigned long rva_end;

  /* Minimal symbol type recorded for symbols that fall in this
     section.  */
  enum minimal_symbol_type ms_type;

  /* BFD section number.  */
  unsigned int index;

  /* Recorded section name.  */
  std::string section_name;
};
60 #define IMAGE_SCN_CNT_CODE 0x20
61 #define IMAGE_SCN_CNT_INITIALIZED_DATA 0x40
62 #define IMAGE_SCN_CNT_UNINITIALIZED_DATA 0x80
63 #define PE_SECTION_INDEX_TEXT 0
64 #define PE_SECTION_INDEX_DATA 1
65 #define PE_SECTION_INDEX_BSS 2
66 #define PE_SECTION_TABLE_SIZE 3
67 #define PE_SECTION_INDEX_INVALID -1
/* Map SECTION_NAME onto its slot in our own array, which holds text,
   data and bss in that order.  Any other name yields
   PE_SECTION_INDEX_INVALID.  The comparison is exact and
   case-sensitive.  */

static int
read_pe_section_index (const char *section_name)
{
  static const struct
  {
    const char *name;
    int slot;
  } known_sections[] =
  {
    { ".text", PE_SECTION_INDEX_TEXT },
    { ".data", PE_SECTION_INDEX_DATA },
    { ".bss", PE_SECTION_INDEX_BSS },
  };

  for (const auto &entry : known_sections)
    {
      if (strcmp (section_name, entry.name) == 0)
        return entry.slot;
    }

  return PE_SECTION_INDEX_INVALID;
}
/* Look SECTION_NAME up in SECTIONS, our own full section array, and
   return the position of the first entry whose recorded name matches.
   Return PE_SECTION_INDEX_INVALID if no entry has that name.  */

static int
get_pe_section_index (const char *section_name,
                      const std::vector<read_pe_section_data> &sections)
{
  int position = 0;

  for (const read_pe_section_data &entry : sections)
    {
      if (entry.section_name == section_name)
        return position;
      ++position;
    }

  return PE_SECTION_INDEX_INVALID;
}
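/* Create a minimal symbol entry for an exported symbol.
   SYM_NAME contains the exported name or NULL if exported by ordinal,
   FUNC_RVA contains the Relative Virtual Address of the symbol,
   ORDINAL is the ordinal index value of the symbol,
   SECTION_DATA contains information about the section in which the
   symbol is defined,
   DLL_NAME is the internal name of the DLL file,
   OBJFILE is the objfile struct of DLL_NAME.

   SYM_NAME and DLL_NAME point into data read from the DLL; the caller
   is responsible for making sure they are NUL-terminated strings.  */

static void
add_pe_exported_sym (minimal_symbol_reader &reader,
                     const char *sym_name,
                     unsigned long func_rva,
                     int ordinal,
                     const struct read_pe_section_data *section_data,
                     const char *dll_name, struct objfile *objfile)
{
  /* Add the stored offset to get the loaded address of the symbol.  */
  CORE_ADDR vma = func_rva + section_data->vma_offset;

  /* Generate a (hopefully unique) qualified name using the first part
     of the dll name, e.g. KERNEL32!AddAtomA.  This matches the style
     used by windbg from the "Microsoft Debugging Tools for Windows".  */

  std::string bare_name;
  if (sym_name == NULL || *sym_name == '\0')
    bare_name = string_printf ("#%d", ordinal);
  else
    bare_name = sym_name;

  std::string qualified_name
    = string_printf ("%s!%s", dll_name, bare_name.c_str ());

  /* The debug messages print BARE_NAME rather than SYM_NAME: SYM_NAME
     is NULL for ordinal-only exports, and a null pointer must not be
     handed to a "%s" conversion.  */
  if ((section_data->ms_type == mst_unknown) && debug_coff_pe_read)
    gdb_printf (gdb_stdlog, _("Unknown section type for \"%s\""
                " for entry \"%s\" in dll \"%s\"\n"),
                section_data->section_name.c_str (), bare_name.c_str (),
                dll_name);

  reader.record_with_info (qualified_name.c_str (), vma,
                           section_data->ms_type, section_data->index);

  /* Enter the plain name as well, which might not be unique.  */
  reader.record_with_info (bare_name.c_str (), vma,
                           section_data->ms_type, section_data->index);
  if (debug_coff_pe_read > 1)
    gdb_printf (gdb_stdlog, _("Adding exported symbol \"%s\""
                " in dll \"%s\"\n"), bare_name.c_str (), dll_name);
}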
162 /* Create a minimal symbol entry for an exported forward symbol.
163 Return 1 if the forwarded function was found, 0 otherwise.
164 SYM_NAME contains the exported name or NULL if exported by ordinal,
165 FORWARD_DLL_NAME is the name of the DLL in which the target symbol resides,
166 FORWARD_FUNC_NAME is the name of the target symbol in that DLL,
167 ORDINAL is the ordinal index value of the symbol,
168 DLL_NAME is the internal name of the DLL file,
169 OBJFILE is the objfile struct of DLL_NAME. */
172 add_pe_forwarded_sym (minimal_symbol_reader
&reader
,
173 const char *sym_name
, const char *forward_dll_name
,
174 const char *forward_func_name
, int ordinal
,
175 const char *dll_name
, struct objfile
*objfile
)
177 CORE_ADDR vma
, baseaddr
;
178 struct bound_minimal_symbol msymbol
;
179 enum minimal_symbol_type msymtype
;
180 int forward_dll_name_len
= strlen (forward_dll_name
);
183 std::string forward_qualified_name
= string_printf ("%s!%s",
187 msymbol
= lookup_bound_minimal_symbol (forward_qualified_name
.c_str ());
193 for (i
= 0; i
< forward_dll_name_len
; i
++)
194 forward_qualified_name
[i
] = tolower (forward_qualified_name
[i
]);
195 msymbol
= lookup_bound_minimal_symbol (forward_qualified_name
.c_str ());
200 if (debug_coff_pe_read
)
201 gdb_printf (gdb_stdlog
, _("Unable to find function \"%s\" in"
202 " dll \"%s\", forward of \"%s\" in dll \"%s\"\n"),
203 forward_func_name
, forward_dll_name
, sym_name
,
208 if (debug_coff_pe_read
> 1)
209 gdb_printf (gdb_stdlog
, _("Adding forwarded exported symbol"
210 " \"%s\" in dll \"%s\", pointing to \"%s\"\n"),
211 sym_name
, dll_name
, forward_qualified_name
.c_str ());
213 vma
= msymbol
.value_address ();
214 msymtype
= msymbol
.minsym
->type ();
215 section
= msymbol
.minsym
->section_index ();
217 /* Generate a (hopefully unique) qualified name using the first part
218 of the dll name, e.g. KERNEL32!AddAtomA. This matches the style
219 used by windbg from the "Microsoft Debugging Tools for Windows". */
221 std::string bare_name
;
222 if (sym_name
== NULL
|| *sym_name
== '\0')
223 bare_name
= string_printf ("#%d", ordinal
);
225 bare_name
= sym_name
;
227 std::string qualified_name
228 = string_printf ("%s!%s", dll_name
, bare_name
.c_str ());
230 /* Note that this code makes a minimal symbol whose value may point
231 outside of any section in this objfile. These symbols can't
232 really be relocated properly, but nevertheless we make a stab at
233 it, choosing an approach consistent with the history of this
235 baseaddr
= objfile
->text_section_offset ();
237 reader
.record_with_info (qualified_name
.c_str (), vma
- baseaddr
, msymtype
,
240 /* Enter the plain name as well, which might not be unique. */
241 reader
.record_with_info (bare_name
.c_str(), vma
- baseaddr
, msymtype
,
/* Cut DLL_NAME off at its last dot character, in place.  A name
   without any dot is left untouched.  DLL_NAME must be a writable,
   NUL-terminated string.  */

static void
read_pe_truncate_name (char *dll_name)
{
  char *dot = strrchr (dll_name, '.');

  if (dot == NULL)
    return;

  *dot = '\0';
}
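/* Low-level support functions, direct from the ld module pe-dll.c.  */

/* Read the 16-bit little-endian value stored at file offset WHERE of
   ABFD.  The offset is usually derived from header fields of the file
   being parsed, so the seek or the read can fail on a truncated or
   malformed image.  In that case return 0 instead of a value built
   from uninitialized stack bytes.
   NOTE(review): WHERE is an int while callers compute offsets as
   unsigned long, so very large offsets are narrowed at the call.  */

static unsigned int
pe_get16 (bfd *abfd, int where)
{
  unsigned char b[2] = { 0, 0 };

  if (bfd_seek (abfd, (file_ptr) where, SEEK_SET) != 0
      || bfd_bread (b, (bfd_size_type) 2, abfd) != 2)
    return 0;

  return b[0] + (b[1] << 8);
}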
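/* Read the 32-bit little-endian value stored at file offset WHERE of
   ABFD.  The offset is usually derived from header fields of the file
   being parsed, so the seek or the read can fail on a truncated or
   malformed image.  In that case return 0 instead of a value built
   from uninitialized stack bytes.
   NOTE(review): WHERE is an int while callers compute offsets as
   unsigned long, so very large offsets are narrowed at the call.  */

static unsigned int
pe_get32 (bfd *abfd, int where)
{
  unsigned char b[4] = { 0, 0, 0, 0 };

  if (bfd_seek (abfd, (file_ptr) where, SEEK_SET) != 0
      || bfd_bread (b, (bfd_size_type) 4, abfd) != 4)
    return 0;

  /* Widen the top byte before shifting so the shift never reaches the
     sign bit of a promoted int.  */
  return b[0] + (b[1] << 8) + (b[2] << 16) + ((unsigned int) b[3] << 24);
}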
282 unsigned char *b
= (unsigned char *) ptr
;
284 return b
[0] + (b
[1] << 8);
290 unsigned char *b
= (unsigned char *) ptr
;
292 return b
[0] + (b
[1] << 8) + (b
[2] << 16) + (b
[3] << 24);
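295 /* Read the (non-debug) export symbol table from a portable
296 executable. Code originally lifted from the ld function
297 pe_implied_import_dll in pe-dll.c.
NOTE(review): the export directory RVA and size, NEXP, NAME_RVAS,
ORDINALS, EXP_FUNCBASE and the DLL name RVA are all read from the
file and then used to index EXPDATA through ERVA. No range check
against EXPORT_SIZE is visible in this listing, so a malformed DLL
can make these reads, and the in-place truncation of DLL_NAME, fall
outside the buffer. Each RVA should be validated against
[EXPORT_RVA, EXPORT_RVA + EXPORT_SIZE), EXPORT_SIZE should be
checked to cover the fixed export directory fields, and every string
should be confirmed to be NUL-terminated inside the buffer before
it is used. */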
300 read_pe_exported_syms (minimal_symbol_reader
&reader
,
301 struct objfile
*objfile
)
303 bfd
*dll
= objfile
->obfd
;
304 unsigned long nbnormal
, nbforward
;
305 unsigned long pe_header_offset
, opthdr_ofs
, num_entries
, i
;
306 unsigned long export_opthdrrva
, export_opthdrsize
;
307 unsigned long export_rva
, export_size
, nsections
, secptr
, expptr
;
308 unsigned long exp_funcbase
;
309 unsigned char *expdata
, *erva
;
310 unsigned long name_rvas
, ordinals
, nexp
, ordbase
;
311 int otherix
= PE_SECTION_TABLE_SIZE
;
315 char const *target
= bfd_get_target (objfile
->obfd
);
317 std::vector
<struct read_pe_section_data
> section_data
318 (PE_SECTION_TABLE_SIZE
);
320 for (i
=0; i
< PE_SECTION_TABLE_SIZE
; i
++)
322 section_data
[i
].vma_offset
= 0;
323 section_data
[i
].rva_start
= 1;
324 section_data
[i
].rva_end
= 0;
326 section_data
[PE_SECTION_INDEX_TEXT
].ms_type
= mst_text
;
327 section_data
[PE_SECTION_INDEX_TEXT
].section_name
= ".text";
328 section_data
[PE_SECTION_INDEX_DATA
].ms_type
= mst_data
;
329 section_data
[PE_SECTION_INDEX_DATA
].section_name
= ".data";
330 section_data
[PE_SECTION_INDEX_BSS
].ms_type
= mst_bss
;
331 section_data
[PE_SECTION_INDEX_BSS
].section_name
= ".bss";
333 is_pe64
= (strcmp (target
, "pe-x86-64") == 0
334 || strcmp (target
, "pei-x86-64") == 0);
335 is_pe32
= (strcmp (target
, "pe-i386") == 0
336 || strcmp (target
, "pei-i386") == 0
337 || strcmp (target
, "pe-arm-wince-little") == 0
338 || strcmp (target
, "pei-arm-wince-little") == 0);
339 if (!is_pe32
&& !is_pe64
)
341 /* This is not a recognized PE format file. Abort now, because
342 the code is untested on anything else. *FIXME* test on
343 further architectures and loosen or remove this test. */
347 /* Get pe_header, optional header and numbers of export entries. */
348 pe_header_offset
= pe_get32 (dll
, 0x3c);
349 opthdr_ofs
= pe_header_offset
+ 4 + 20;
351 num_entries
= pe_get32 (dll
, opthdr_ofs
+ 108);
353 num_entries
= pe_get32 (dll
, opthdr_ofs
+ 92);
355 if (num_entries
< 1) /* No exports. */
359 export_opthdrrva
= pe_get32 (dll
, opthdr_ofs
+ 112);
360 export_opthdrsize
= pe_get32 (dll
, opthdr_ofs
+ 116);
364 export_opthdrrva
= pe_get32 (dll
, opthdr_ofs
+ 96);
365 export_opthdrsize
= pe_get32 (dll
, opthdr_ofs
+ 100);
367 nsections
= pe_get16 (dll
, pe_header_offset
+ 4 + 2);
368 secptr
= (pe_header_offset
+ 4 + 20 +
369 pe_get16 (dll
, pe_header_offset
+ 4 + 16));
373 /* Get the rva and size of the export section. */
374 for (i
= 0; i
< nsections
; i
++)
377 unsigned long secptr1
= secptr
+ 40 * i
;
378 unsigned long vaddr
= pe_get32 (dll
, secptr1
+ 12);
379 unsigned long vsize
= pe_get32 (dll
, secptr1
+ 16);
380 unsigned long fptr
= pe_get32 (dll
, secptr1
+ 20);
382 bfd_seek (dll
, (file_ptr
) secptr1
, SEEK_SET
);
383 bfd_bread (sname
, (bfd_size_type
) sizeof (sname
), dll
);
385 if ((strcmp (sname
, ".edata") == 0)
386 || (vaddr
<= export_opthdrrva
&& export_opthdrrva
< vaddr
+ vsize
))
388 if (strcmp (sname
, ".edata") != 0)
390 if (debug_coff_pe_read
)
391 gdb_printf (gdb_stdlog
, _("Export RVA for dll "
392 "\"%s\" is in section \"%s\"\n"),
393 bfd_get_filename (dll
), sname
);
395 else if (export_opthdrrva
!= vaddr
&& debug_coff_pe_read
)
396 gdb_printf (gdb_stdlog
, _("Wrong value of export RVA"
397 " for dll \"%s\": 0x%lx instead of 0x%lx\n"),
398 bfd_get_filename (dll
), export_opthdrrva
, vaddr
);
399 expptr
= fptr
+ (export_opthdrrva
- vaddr
);
406 /* no section contains export table rva */
410 export_rva
= export_opthdrrva
;
411 export_size
= export_opthdrsize
;
413 if (export_size
== 0)
415 /* Empty export table. */
419 /* Scan sections and store the base and size of the relevant
421 for (i
= 0; i
< nsections
; i
++)
423 unsigned long secptr1
= secptr
+ 40 * i
;
424 unsigned long vsize
= pe_get32 (dll
, secptr1
+ 8);
425 unsigned long vaddr
= pe_get32 (dll
, secptr1
+ 12);
426 unsigned long characteristics
= pe_get32 (dll
, secptr1
+ 36);
427 char sec_name
[SCNNMLEN
+ 1];
429 unsigned int bfd_section_index
;
432 bfd_seek (dll
, (file_ptr
) secptr1
+ 0, SEEK_SET
);
433 bfd_bread (sec_name
, (bfd_size_type
) SCNNMLEN
, dll
);
434 sec_name
[SCNNMLEN
] = '\0';
436 sectix
= read_pe_section_index (sec_name
);
437 section
= bfd_get_section_by_name (dll
, sec_name
);
439 bfd_section_index
= section
->index
;
441 bfd_section_index
= -1;
443 if (sectix
!= PE_SECTION_INDEX_INVALID
)
445 section_data
[sectix
].rva_start
= vaddr
;
446 section_data
[sectix
].rva_end
= vaddr
+ vsize
;
447 section_data
[sectix
].index
= bfd_section_index
;
451 section_data
.resize (otherix
+ 1);
452 section_data
[otherix
].section_name
= sec_name
;
453 section_data
[otherix
].rva_start
= vaddr
;
454 section_data
[otherix
].rva_end
= vaddr
+ vsize
;
455 section_data
[otherix
].vma_offset
= 0;
456 section_data
[otherix
].index
= bfd_section_index
;
457 if (characteristics
& IMAGE_SCN_CNT_CODE
)
458 section_data
[otherix
].ms_type
= mst_text
;
459 else if (characteristics
& IMAGE_SCN_CNT_INITIALIZED_DATA
)
460 section_data
[otherix
].ms_type
= mst_data
;
461 else if (characteristics
& IMAGE_SCN_CNT_UNINITIALIZED_DATA
)
462 section_data
[otherix
].ms_type
= mst_bss
;
464 section_data
[otherix
].ms_type
= mst_unknown
;
469 gdb::def_vector
<unsigned char> expdata_storage (export_size
);
470 expdata
= expdata_storage
.data ();
472 bfd_seek (dll
, (file_ptr
) expptr
, SEEK_SET
);
473 bfd_bread (expdata
, (bfd_size_type
) export_size
, dll
);
474 erva
= expdata
- export_rva
;
476 nexp
= pe_as32 (expdata
+ 24);
477 name_rvas
= pe_as32 (expdata
+ 32);
478 ordinals
= pe_as32 (expdata
+ 36);
479 ordbase
= pe_as32 (expdata
+ 16);
480 exp_funcbase
= pe_as32 (expdata
+ 28);
482 /* Use internal dll name instead of full pathname. */
483 char *dll_name
= (char *) (pe_as32 (expdata
+ 12) + erva
);
485 for (asection
*sectp
: gdb_bfd_sections (dll
))
487 int sectix
= get_pe_section_index (sectp
->name
, section_data
);
488 if (sectix
!= PE_SECTION_INDEX_INVALID
)
490 /* Data within the section start at rva_start in the pe and at
491 bfd_get_section_vma() within memory. Store the offset. */
492 section_data
[sectix
].vma_offset
493 = bfd_section_vma (sectp
) - section_data
[sectix
].rva_start
;
497 /* Truncate name at the last dot. Should maybe also convert to all
498 lower case for convenience on Windows. */
499 read_pe_truncate_name (dll_name
);
501 if (debug_coff_pe_read
)
502 gdb_printf (gdb_stdlog
, _("DLL \"%s\" has %ld export entries,"
503 " base=%ld\n"), dll_name
, nexp
, ordbase
);
506 /* Iterate through the list of symbols. */
507 for (i
= 0; i
< nexp
; i
++)
509 /* Pointer to the names vector. */
510 unsigned long name_rva
= pe_as32 (erva
+ name_rvas
+ i
* 4);
511 /* Retrieve ordinal value. */
513 unsigned long ordinal
= pe_as16 (erva
+ ordinals
+ i
* 2);
516 /* Pointer to the function address vector. */
517 /* This is relative to ordinal value. */
518 unsigned long func_rva
= pe_as32 (erva
+ exp_funcbase
+
521 /* Find this symbol's section in our own array. */
523 int section_found
= 0;
525 /* First handle forward cases. */
526 if (func_rva
>= export_rva
&& func_rva
< export_rva
+ export_size
)
528 const char *forward_name
= (const char *) (erva
+ func_rva
);
529 const char *funcname
= (const char *) (erva
+ name_rva
);
530 const char *forward_dll_name
= forward_name
;
531 const char *forward_func_name
= forward_name
;
532 const char *sep
= strrchr (forward_name
, '.');
534 std::string name_storage
;
537 int len
= (int) (sep
- forward_name
);
539 name_storage
= std::string (forward_name
, len
);
540 forward_dll_name
= name_storage
.c_str ();
541 forward_func_name
= sep
+ 1;
543 if (add_pe_forwarded_sym (reader
, funcname
, forward_dll_name
,
544 forward_func_name
, ordinal
,
545 dll_name
, objfile
) != 0)
550 for (sectix
= 0; sectix
< otherix
; ++sectix
)
552 if ((func_rva
>= section_data
[sectix
].rva_start
)
553 && (func_rva
< section_data
[sectix
].rva_end
))
555 const char *sym_name
= (const char *) (erva
+ name_rva
);
558 add_pe_exported_sym (reader
, sym_name
, func_rva
, ordinal
,
559 §ion_data
[sectix
], dll_name
, objfile
);
566 const char *funcname
= (const char *) (erva
+ name_rva
);
570 add_pe_exported_sym (reader
, NULL
, func_rva
, ordinal
,
571 §ion_data
[0], dll_name
, objfile
);
574 else if (debug_coff_pe_read
)
575 gdb_printf (gdb_stdlog
, _("Export name \"%s\" ord. %lu,"
576 " RVA 0x%lx in dll \"%s\" not handled\n"),
577 funcname
, ordinal
, func_rva
, dll_name
);
581 if (debug_coff_pe_read
)
582 gdb_printf (gdb_stdlog
, _("Finished reading \"%s\", exports %ld,"
583 " forwards %ld, total %ld/%ld.\n"), dll_name
, nbnormal
,
584 nbforward
, nbnormal
+ nbforward
, nexp
);
587 /* Extract from ABFD the offset of the .text section.
588 This offset is mainly related to the offset within the file.
589 The value was previously expected to be 0x1000 for all files,
590 but some Windows OS core DLLs seem to use 0x10000 section alignment
591 which modified the return value of that function.
592 Still return default 0x1000 value if ABFD is NULL or
593 if '.text' section is not found, but that should not happen... */
595 #define DEFAULT_COFF_PE_TEXT_SECTION_OFFSET 0x1000
598 pe_text_section_offset (struct bfd
*abfd
)
601 unsigned long pe_header_offset
, i
;
602 unsigned long nsections
, secptr
;
608 return DEFAULT_COFF_PE_TEXT_SECTION_OFFSET
;
610 target
= bfd_get_target (abfd
);
612 is_pe64
= (strcmp (target
, "pe-x86-64") == 0
613 || strcmp (target
, "pei-x86-64") == 0);
614 is_pe32
= (strcmp (target
, "pe-i386") == 0
615 || strcmp (target
, "pei-i386") == 0
616 || strcmp (target
, "pe-arm-wince-little") == 0
617 || strcmp (target
, "pei-arm-wince-little") == 0);
619 if (!is_pe32
&& !is_pe64
)
621 /* This is not a recognized PE format file. Abort now, because
622 the code is untested on anything else. *FIXME* test on
623 further architectures and loosen or remove this test. */
624 return DEFAULT_COFF_PE_TEXT_SECTION_OFFSET
;
627 /* Get pe_header, optional header and numbers of sections. */
628 pe_header_offset
= pe_get32 (abfd
, 0x3c);
629 nsections
= pe_get16 (abfd
, pe_header_offset
+ 4 + 2);
630 secptr
= (pe_header_offset
+ 4 + 20 +
631 pe_get16 (abfd
, pe_header_offset
+ 4 + 16));
633 /* Scan the section table for the .text section and read its RVA. */
634 for (i
= 0; i
< nsections
; i
++)
636 char sname
[SCNNMLEN
+ 1];
637 unsigned long secptr1
= secptr
+ 40 * i
;
638 unsigned long vaddr
= pe_get32 (abfd
, secptr1
+ 12);
640 bfd_seek (abfd
, (file_ptr
) secptr1
, SEEK_SET
);
641 bfd_bread (sname
, (bfd_size_type
) SCNNMLEN
, abfd
);
642 sname
[SCNNMLEN
] = '\0';
643 if (strcmp (sname
, ".text") == 0)
647 return DEFAULT_COFF_PE_TEXT_SECTION_OFFSET
;
/* Implements the "show debug coff-pe-read" command: print the current
   setting, passed in as the string VALUE, to FILE.  FROM_TTY and C are
   not used.  */

static void
show_debug_coff_pe_read (struct ui_file *file, int from_tty,
                         struct cmd_list_element *c, const char *value)
{
  const char *message = _("Coff PE read debugging is %s.\n");

  gdb_printf (file, message, value);
}
/* Register the "set debug coff-pe-read" and "show debug coff-pe-read"
   maintenance commands, which control the debug_coff_pe_read flag.  */

void _initialize_coff_pe_read ();
void
_initialize_coff_pe_read ()
{
  add_setshow_zuinteger_cmd ("coff-pe-read", class_maintenance,
                             &debug_coff_pe_read,
                             _("Set coff PE read debugging."),
                             _("Show coff PE read debugging."),
                             _("When set, debugging messages for coff reading "
                               "of exported symbols are displayed."),
                             NULL, show_debug_coff_pe_read,
                             &setdebuglist, &showdebuglist);
}