Defective "portable executables" distributed/created by Cygwin
Marco Atzeri
marco.atzeri@gmail.com
Thu May 10 21:26:00 GMT 2018
On 5/10/2018 8:30 PM, Stefan Kanthak wrote:
> Hi @ll,
>
> the "portable executables" distributed by Cygwin (and of course those
> created with Cygwin's GCC toolchain too) have INVALID/ILLEGAL headers:
>
> 0. Microsoft's DUMPBIN.EXE alias LINK.EXE /DUMP aborts with
> "access violation" (see below) on almost all Cygwin binaries!
A program should never fail in such way. It seems the program is NOT
validating properly its input and it is probably expecting the
organization of the data as used by Microsoft Visual Studio 2010.
As it fails probably you can not fully trust its output
for program built from other compilers.
> 1. they use INVALID/ILLEGAL section names like "/4" or "/14", upon
> which Microsoft's DUMPBIN.EXE alias LINK.EXE /DUMP stops enumerating
> the section headers (see below)!
It seems Cygwin tools disagree with such interpretation
$ objdump -h /usr/bin/bash.exe
/usr/bin/bash.exe: file format pei-x86-64
Sections:
Idx Name Size VMA LMA File off
Algn
0 .text 0007ce08 0000000100401000 0000000100401000
00000400 2**4
CONTENTS, ALLOC, LOAD, READONLY, CODE, DATA
1 .data 000033c8 000000010047e000 000000010047e000
0007d400 2**5
CONTENTS, ALLOC, LOAD, DATA
2 .rdata 0001caf8 0000000100482000 0000000100482000
00080800 2**5
CONTENTS, ALLOC, LOAD, READONLY, DATA
3 .buildid 00000035 000000010049f000 000000010049f000
0009d400 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
4 .pdata 0000492c 00000001004a0000 00000001004a0000
0009d600 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
5 .xdata 0000459c 00000001004a5000 00000001004a5000
000a2000 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
6 .bss 0000a980 00000001004aa000 00000001004aa000
00000000 2**5
ALLOC
7 .edata 00009722 00000001004b5000 00000001004b5000
000a6600 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
8 .idata 000035c8 00000001004bf000 00000001004bf000
000afe00 2**2
CONTENTS, ALLOC, LOAD, DATA
9 .rsrc 000004e8 00000001004c3000 00000001004c3000
000b3400 2**2
CONTENTS, ALLOC, LOAD, DATA
10 .reloc 00000c70 00000001004c4000 00000001004c4000
000b3a00 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
11 .gnu_debuglink 00000014 00000001004c5000 00000001004c5000
000b4800 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
As bash.exe is working fine, I doubt it is using a invalid structure.
> From the PE format specification
> <https://msdn.microsoft.com/en-us/library//ms680547.aspx#section_table__section_headers_>:
Have you also noted:
"Note This document is provided to aid in the development of tools and
applications for Windows but is not guaranteed to be a complete
specification in all respects. Microsoft reserves the right to alter
this document without notice."
Regards
Marco
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list