This is the mail archive of the
binutils@sourceware.org
mailing list for the binutils project.
Re: What have you done to strings!
- From: Nicholas Clifton <nickc at redhat dot com>
- To: Jeff Law <law at redhat dot com>, Tristan Gingold <gingold at adacore dot com>, Andreas Schwab <schwab at linux-m68k dot org>
- Cc: Russell Fulton <r dot fulton at auckland dot ac dot nz>, "binutils at sourceware dot org" <binutils at sourceware dot org>, "bugreg at galexander dot org >> Greg Alexander" <bugreg at galexander dot org>
- Date: Thu, 30 Oct 2014 13:30:27 +0000
- Subject: Re: What have you done to strings!
- Authentication-results: sourceware.org; auth=none
- References: <282DFD25-A41D-469C-834E-570AC1EF54B5 at auckland dot ac dot nz> <87sii7j0qd dot fsf at igel dot home> <7A77C375-DD28-499D-AFE6-AFD783502CB8 at adacore dot com> <mvmzjcfl120 dot fsf at hawking dot suse dot de> <623A53FB-08A9-4C05-8DE0-AA4370F1FD56 at adacore dot com> <5450E05C dot 8050007 at redhat dot com>
Hi Guys.
OK - what do you think of the attached patch ? It does the following:
* Makes -a be strings default behaviour.
* Adds a new option to strings -d which restores the old
behaviour of only scanning data sections.
* Provides a configure time option --disable-default-strings-all
which restores the old behaviour of strings scanning data
sections be default.
* Updates the documentation to describe -d, plus why -a might be
preferred and how the - option works as well.
* Adds a NEWS entry about all of the above.
Cheers
Nick
diff --git a/binutils/NEWS b/binutils/NEWS
index 126219b..e7af3c7 100644
--- a/binutils/NEWS
+++ b/binutils/NEWS
@@ -1,5 +1,10 @@
-*- text -*-
+* Add --data option to strings to only print strings in loadable, initialized
+ data sections. Change the default behaviour to be --all, but add a new
+ configure time option of --disable-default-strings-all to restore the old
+ default behaviour.
+
Changes in 2.25:
* Add --include-all-whitespace to strings.
diff --git a/binutils/configure.ac b/binutils/configure.ac
index c5da20d..c5aadd8 100644
--- a/binutils/configure.ac
+++ b/binutils/configure.ac
@@ -55,6 +55,18 @@ fi], [default_ar_deterministic=0])
AC_DEFINE_UNQUOTED(DEFAULT_AR_DETERMINISTIC, $default_ar_deterministic,
[Should ar and ranlib use -D behavior by default?])
+AC_ARG_ENABLE(default-strings-all,
+[AS_HELP_STRING([--disable-default-strings-all],
+ [strings defaults to --data behavior])], [
+if test "${enableval}" = no; then
+ default_strings_all=0
+else
+ default_strings_all=1
+fi], [default_strings_all=1])
+
+AC_DEFINE_UNQUOTED(DEFAULT_STRINGS_ALL, $default_strings_all,
+ [Should strings use -a behavior by default?])
+
AM_BINUTILS_WARNINGS
AC_CONFIG_HEADERS(config.h:config.in)
diff --git a/binutils/doc/binutils.texi b/binutils/doc/binutils.texi
index 3874f25..eee77b1 100644
--- a/binutils/doc/binutils.texi
+++ b/binutils/doc/binutils.texi
@@ -2672,15 +2672,24 @@ strings [@option{-afovV}] [@option{-}@var{min-len}]
@c man begin DESCRIPTION strings
-For each @var{file} given, @sc{gnu} @command{strings} prints the printable
-character sequences that are at least 4 characters long (or the number
-given with the options below) and are followed by an unprintable
-character. By default, it only prints the strings from the initialized
-and loaded sections of object files; for other types of files, it prints
-the strings from the whole file.
+For each @var{file} given, @sc{gnu} @command{strings} prints the
+printable character sequences that are at least 4 characters long (or
+the number given with the options below) and are followed by an
+unprintable character.
-@command{strings} is mainly useful for determining the contents of non-text
-files.
+Depending upon how the strings program was configured it will default
+to either displaying all the printable sequences that it can find in
+each file, or only those sequences that are in loadable, initialized
+data sections. If the file type in unrecognizable, or if strings is
+reading from stdin then it will always display all of the printable
+sequences that it can find.
+
+For backwards compatibility any file that occurs after a command line
+option of just @option{-} will also be scanned in full, regardless of
+the presence of any @option{-d} option.
+
+@command{strings} is mainly useful for determining the contents of
+non-text files.
@c man end
@@ -2690,8 +2699,25 @@ files.
@item -a
@itemx --all
@itemx -
-Do not scan only the initialized and loaded sections of object files;
-scan the whole files.
+Scan the whole file, regardless of what sections it contains or
+whether those sections are loaded or initialized. Normally this is
+the default behaviour, but strings can be configured so that the
+@option{-d} is the default instead.
+
+The @option{-} option is position dependent and forces strings to
+perform full scans of any file that is mentioned after the @option{-}
+on the command line, even if the @option{-d} option has been
+specified.
+
+@item -d
+@itemx --data
+Only print strings from initialized, loaded data sections in the
+file. This may reduce the amount of garbage in the output, but it
+also exposes the strings program to any security flaws that may be
+present in the BFD library used to scan and load sections. Strings
+can be configured so that this option is the default behaviour. In
+such cases the @option{-a} option can be used to avoid using the BFD
+library and instead just print all of the strings found in the file.
@item -f
@itemx --print-file-name
diff --git a/binutils/strings.c b/binutils/strings.c
index f92132b..72085ac 100644
--- a/binutils/strings.c
+++ b/binutils/strings.c
@@ -23,6 +23,9 @@
-a
- Do not scan only the initialized data section of object files.
+ --data
+ -d Scan each file in its entirety.
+
--print-file-name
-f Print the name of the file before each string.
@@ -114,6 +117,7 @@ static int encoding_bytes;
static struct option long_options[] =
{
{"all", no_argument, NULL, 'a'},
+ {"data", no_argument, NULL, 'd'},
{"print-file-name", no_argument, NULL, 'f'},
{"bytes", required_argument, NULL, 'n'},
{"radix", required_argument, NULL, 't'},
@@ -136,7 +140,7 @@ typedef struct
static void strings_a_section (bfd *, asection *, void *);
static bfd_boolean strings_object_file (const char *);
-static bfd_boolean strings_file (char *file);
+static bfd_boolean strings_file (char *);
static void print_strings (const char *, FILE *, file_ptr, int, int, char *);
static void usage (FILE *, int);
static long get_char (FILE *, file_ptr *, int *, char **);
@@ -167,11 +171,14 @@ main (int argc, char **argv)
include_all_whitespace = FALSE;
print_addresses = FALSE;
print_filenames = FALSE;
- datasection_only = TRUE;
+ if (DEFAULT_STRINGS_ALL)
+ datasection_only = FALSE;
+ else
+ datasection_only = TRUE;
target = NULL;
encoding = 's';
- while ((optc = getopt_long (argc, argv, "afhHn:wot:e:T:Vv0123456789",
+ while ((optc = getopt_long (argc, argv, "adfhHn:wot:e:T:Vv0123456789",
long_options, (int *) 0)) != EOF)
{
switch (optc)
@@ -180,6 +187,10 @@ main (int argc, char **argv)
datasection_only = FALSE;
break;
+ case 'd':
+ datasection_only = TRUE;
+ break;
+
case 'f':
print_filenames = TRUE;
break;
@@ -648,8 +659,18 @@ usage (FILE *stream, int status)
{
fprintf (stream, _("Usage: %s [option(s)] [file(s)]\n"), program_name);
fprintf (stream, _(" Display printable strings in [file(s)] (stdin by default)\n"));
- fprintf (stream, _(" The options are:\n\
+ fprintf (stream, _(" The options are:\n"));
+
+ if (DEFAULT_STRINGS_ALL)
+ fprintf (stream, _("\
+ -a - --all Scan the entire file, not just the data section [default]\n\
+ -d --data Only scan the data sections in the file\n"));
+ else
+ fprintf (stream, _("\
-a - --all Scan the entire file, not just the data section\n\
+ -d --data Only scan the data sections in the file [default]\n"));
+
+ fprintf (stream, _("\
-f --print-file-name Print the name of the file before each string\n\
-n --bytes=[number] Locate & print any NUL-terminated sequence of at\n\
-<number> least [number] characters (default 4).\n\