This is the mail archive of the
mailing list for the elfutils project.
Misinterpreted FILE note for 32bit core files in readelf
- From: Markus Engel <m_engel at cs dot uni-kl dot de>
- To: elfutils-devel at lists dot fedorahosted dot org
- Date: Thu, 10 Apr 2014 10:42:17 +0200
- Subject: Misinterpreted FILE note for 32bit core files in readelf
For 32bit core files, the FILE note is misinterpreted (tested in Version
0.158 and git with readelf being a 64 and 32 bit binary), here is an
CORE 72 FILE
00000000-080eb000 36d67b6ccd38000 135180288 gel/z/a.out
Not enough data in NT_FILE note.
In readelf.c:handle_file_note, count and page_size are already
interpreted as 64 bit values, which advances ptr by 2*8 instead of 2*4.
I traced this further to buf_read_ulong, where u has a size of 8, which
is given to convert, returning data + 8.
Besides tracing these things I don't know how to fix it, mostly because
I don't know where exactly things go an unintended way :)