ELFParseError for Atmel and NXP binaries #513

Open
s8maschi opened this issue Sep 29, 2024 · 1 comment

s8maschi commented Sep 29, 2024

Description

I'm getting the following ElfParser error when opening these Atmel and NXP binaries in angr. I have not included all the files, just a sample set
problematic_binaries.zip

File "cle\backends\elf\elf.py", line 393, in get_symbol
    re_sym = symbol_table.get_symbol(symid)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "elftools\elf\sections.py", line 190, in get_symbol
    entry = struct_parse(
            ^^^^^^^^^^^^^
  File "elftools\common\utils.py", line 45, in struct_parse
    raise ELFParseError(str(e))
elftools.common.exceptions.ELFParseError: expected 4, found 0

This seems to be similar to #116 but I'm fairly certain the binaries are not corrupted in this case.

Most of them are from the P2IM unit test repository https://github.com/RiS3-Lab/p2im-unit_tests/tree/cdfd9bbc72e1cc87a1f5d3905804ae1f91539beb

The STM binaries from the same work without an issue.

Steps to reproduce the bug

I just load them into a regular angr project without any additional parameters

Environment

angr environment report
=============================
Date: 2024-09-30 01:09:57.975707
!!! running in global environment.  Are you sure? !!!
C:\Users\mschi\AppData\Local\Programs\Python\Python312\Lib\site-packages\angr\misc\bug_report.py:88: DeprecationWarning: pkg_resources is deprecated as an API. See https://setuptools.pypa.io/en/latest/pkg_resources.html
  import pkg_resources  # pylint:disable=import-outside-toplevel
Platform: win-amd64
Python version: 3.12.0 (tags/v3.12.0:0fb18b0, Oct  2 2023, 13:03:39) [MSC v.1935 64 bit (AMD64)]
######## angr #########
Python found it in C:\Users\mschi\AppData\Local\Programs\Python\Python312\Lib\site-packages\angr\__init__.py
Pip version angr 9.2.86
Couldn't find git info
######## ailment #########
Python found it in C:\Users\mschi\AppData\Local\Programs\Python\Python312\Lib\site-packages\ailment\__init__.py
Pip version ailment 9.2.86
Couldn't find git info
######## cle #########
Python found it in C:\Users\mschi\AppData\Local\Programs\Python\Python312\Lib\site-packages\cle\__init__.py
Pip version cle 9.2.86
Couldn't find git info
######## pyvex #########
Python found it in C:\Users\mschi\AppData\Local\Programs\Python\Python312\Lib\site-packages\pyvex\__init__.py
Pip version pyvex 9.2.86
Couldn't find git info
######## claripy #########
Python found it in C:\Users\mschi\AppData\Local\Programs\Python\Python312\Lib\site-packages\claripy\__init__.py
Pip version claripy 9.2.86
Couldn't find git info
######## archinfo #########
Python found it in C:\Users\mschi\AppData\Local\Programs\Python\Python312\Lib\site-packages\archinfo\__init__.py
Pip version archinfo 9.2.86
Couldn't find git info
######## z3 #########
Python found it in C:\Users\mschi\AppData\Local\Programs\Python\Python312\Lib\site-packages\z3\__init__.py
Pip version z3-solver 4.10.2.0
Couldn't find git info
######## unicorn #########
Python found it in C:\Users\mschi\AppData\Local\Programs\Python\Python312\Lib\site-packages\unicorn\__init__.py
Pip version unicorn 2.0.1.post1
Couldn't find git info
######### Native Module Info ##########
angr: <CDLL 'C:\Users\mschi\AppData\Local\Programs\Python\Python312\Lib\site-packages\angr\lib\angr_native.dll', handle 7ffbabc00000 at 0x1ec2d6cfbc0>
unicorn: <CDLL 'C:\Users\mschi\AppData\Local\Programs\Python\Python312\Lib\site-packages\unicorn\lib\unicorn.dll', handle 7ffbad640000 at 0x1ec2b4167b0>
pyvex: <cffi.api._make_ffi_library.<locals>.FFILibrary object at 0x000001EC2B1211C0>
z3: <CDLL 'C:\Users\mschi\AppData\Local\Programs\Python\Python312\Lib\site-packages\z3\lib\libz3.dll', handle 7ffbae750000 at 0x1ec2a7cf7d0>

Additional context

No response

Member

rhelmot commented Sep 30, 2024

These binaries load for me and only show the traceback as a log message, so this isn't a showstopper, just a partial failure.

Moreover, readelf(1) is unable to parse the part of the binary that is generating these errors; I get a ton of Error: bad symbol index errors, which is the same thing being reported by angr. There's something wrong with the toolchain that's generating these binaries. Specifically, it looks like the .relocate section is marked with the ELF semantic tag for a relocation table, but it's not actually filled with valid ELF relocations.

If these binaries are meant to run on a platform that doesn't have relocations, you can just pass perform_relocations=False to the angr/cle constructor.
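
The diagnosis in the comment above, expressed as a pre-load check (an added example, not code from angr, cle or pyelftools): it walks ELF32 little-endian section headers and reports relocation-typed sections whose entries name symbol indices outside the linked symbol table, the condition readelf reports as a bad symbol index. The sample image and the names `bad_reloc_sections` and `build_sample` are constructed for illustration.

```python
import struct

SHT_SYMTAB, SHT_RELA, SHT_REL, SHT_DYNSYM = 2, 4, 9, 11

def bad_reloc_sections(elf: bytes) -> dict:
    """Map section index -> (bad, total) for ELF32 little-endian relocation
    sections whose entries name a symbol index outside the linked symbol table."""
    if elf[:6] != b"\x7fELF\x01\x01":
        raise ValueError("this sketch handles ELF32 little-endian only")
    (shoff,) = struct.unpack_from("<I", elf, 0x20)
    shentsize, shnum = struct.unpack_from("<HH", elf, 0x2E)
    secs = [struct.unpack_from("<10I", elf, shoff + i * shentsize) for i in range(shnum)]
    report = {}
    for idx, (_, typ, _, _, off, size, link, *_rest) in enumerate(secs):
        if typ not in (SHT_REL, SHT_RELA):
            continue
        entsize = 8 if typ == SHT_REL else 12        # Elf32_Rel / Elf32_Rela
        linked = secs[link] if link < shnum else None
        is_symtab = linked is not None and linked[1] in (SHT_SYMTAB, SHT_DYNSYM)
        nsyms = linked[5] // 16 if is_symtab else 0  # Elf32_Sym is 16 bytes
        total = size // entsize
        bad = 0
        for i in range(total):
            (r_info,) = struct.unpack_from("<I", elf, off + i * entsize + 4)
            sym = r_info >> 8                        # ELF32_R_SYM(r_info)
            if sym != 0 and sym >= nsyms:            # index 0 (STN_UNDEF) is always legal
                bad += 1
        if bad:
            report[idx] = (bad, total)
    return report

def build_sample() -> bytes:
    """Constructed 4-section image: null, .symtab (2 symbols), one valid
    SHT_REL section, and one SHT_REL section that really holds data words."""
    good = struct.pack("<II", 0x100, (1 << 8) | 2)   # symbol 1, relocation type 2
    junk = struct.pack("<4I", 0x20000000, 0x00400139, 0x20000400, 0xDEADBEEF)
    body = bytes(32) + good + junk
    ident = b"\x7fELF\x01\x01\x01" + bytes(9)
    hdr = ident + struct.pack("<HHIIIIIHHHHHH", 2, 40, 1, 0, 0,
                              52 + len(body), 0, 52, 0, 0, 40, 4, 0)
    def sh(typ, off, size, link=0):
        return struct.pack("<10I", 0, typ, 0, 0, off, size, link, 0, 4, 0)
    return (hdr + body + sh(0, 0, 0) + sh(SHT_SYMTAB, 52, 32)
            + sh(SHT_REL, 84, 8, 1) + sh(SHT_REL, 92, 16, 1))

if __name__ == "__main__":
    print(bad_reloc_sections(build_sample()))
```

A non-empty result on a bare-metal firmware image is a reasonable signal to load it with perform_relocations=False, as suggested in the comment above.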
