From eeddaba7d3382f6688db41fd586636634c1486b1 Mon Sep 17 00:00:00 2001 From: pagabuc Date: Mon, 20 Jul 2020 14:21:49 -0700 Subject: [PATCH] Return the correct number of program headers when e_phnum is 0xffff (#326) * Return the correct number of program headers when e_phnum is 0xffff * Added link and relevant text of the specification --- elftools/elf/elffile.py | 12 +++++++++++- scripts/readelf.py | 2 +- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/elftools/elf/elffile.py b/elftools/elf/elffile.py index b7868f2..3c8ed51 100644 --- a/elftools/elf/elffile.py +++ b/elftools/elf/elffile.py @@ -120,7 +120,17 @@ class ELFFile(object): def num_segments(self): """ Number of segments in the file """ - return self['e_phnum'] + # From: https://github.com/hjl-tools/x86-psABI/wiki/X86-psABI + # Section: 4.1.2 Number of Program Headers + # If the number of program headers is greater than or equal to + # PN_XNUM (0xffff), this member has the value PN_XNUM + # (0xffff). The actual number of program header table entries + # is contained in the sh_info field of the section header at + # index 0. + if self['e_phnum'] < 0xffff: + return self['e_phnum'] + else: + return self.get_section(0)['sh_info'] def get_segment(self, n): """ Get the segment at index #n from the file (Segment object) diff --git a/scripts/readelf.py b/scripts/readelf.py index 9971b3b..366c50e 100755 --- a/scripts/readelf.py +++ b/scripts/readelf.py @@ -218,7 +218,7 @@ class ReadElf(object): # readelf weirness - why isn't e_phoff printed as hex? (for section # headers, it is...) self._emitline('There are %s program headers, starting at offset %s' % ( - elfheader['e_phnum'], elfheader['e_phoff'])) + self.elffile.num_segments(), elfheader['e_phoff'])) self._emitline() self._emitline('Program Headers:') -- 2.30.2