This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.
Re: [PATCH/PING all PE target maintainers] Disallow long COFF section names in PE executable image files.
- From: Kai Tietz <Kai dot Tietz at onevision dot com>
- To: Dave Korn <dave dot korn dot cygwin at googlemail dot com>
- Cc: binutils at sourceware dot org, piotr dot wyderski at gmail dot com
- Date: Fri, 6 Feb 2009 11:58:27 +0100
- Subject: Re: [PATCH/PING all PE target maintainers] Disallow long COFF section names in PE executable image files.
Dave,
binutils-owner@sourceware.org wrote on 05.02.2009 15:29:09:
>
> Hello team,
>
> As reported by Piotr a couple of days ago(*), bfd currently generates PE
> executables that fail to conform to the PE specification docs. To recap:
>
> - COFF (on which PE is based) only allows 8-byte section names.
>
> - PE adds an extension where long section names can be encoded in the string
> table that is appended to the COFF symbols, by setting the section name to an
> ASCII string of the form "/nnnnn" where nnnn is the decimal offset of the long
> name in the string table.
>
> - According to the spec, "Executable images do not use a string table and do
> not support section names longer than 8 characters. Long names in object files
> are truncated if they are emitted to an executable file."
>
> - But BFD does this for fully-linked executables as well.
>
> This is wrong, but it's hard to show it. The standard MS "dumpbin" tool
> accepts the format without complaint and shows the expanded long name, as does
> objdump. It does, however, cause the (free as in beer but not speech)
> PEview(+) utility to display gibberish, but there's no way to export the dump
> from that utility as text. If anyone wants to see, I took a screenshot.(^)
>
> This patch shows the simplest way to deal with the problem:
> WDDTT, for all
> the PE executable image file formats. But I had second thoughts.
>
> - This may not be standard, but it does in fact work; the executables
> generated by binutils are fully functional, the string table (that shouldn't
> be there) is just treated as harmless bunch-of-bytes appended to the image,
> and it's only a few tools that even notice the problem. It also makes for
> nicer output when you have to dump something, so could be considered desirable
> as a GNU extension.
>
> - OTOH I don't know for absolute certain whether some conceivable harm might
> result from adhering to the standard and truncating the long section names in
> the fully-linked executable image files. We do occasionally link against
> executable images - DLLs in particular - and I could imagine things
> conceivably becoming confused from the presence of multiple identically-named
> input sections, but then again it only happens to the .debug_* sections, so we
> might get away with it.
>
> So, I thought up a slightly more sophisticated approach, but before I put
> the work in to implement it I thought I'd see if there's any kind of consensus
> among the PE maintainers: Would we like this behaviour to be controlled by a
> command-line flag, rather than just forcefully disabled?

I would vote for a command-line option. By default turned off. To allow
this extension could be useful for some tools, but by default we should
try to be close to the specification IMHO.
Cheers,
Kai
| (\_/) This is Bunny. Copy and paste Bunny
| (='.'=) into your signature to help him gain
| (")_(") world domination.
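
The "/nnnn" section-name encoding discussed in this thread, shown as an added example (not code from the thread or from binutils): a Python check that walks the section table of a PE executable image and resolves any name pointing into a trailing string table. The function names and the sample image are constructed for illustration.

```python
import struct

def find_long_section_names(image: bytes):
    """Return (header_field, resolved_name) for each '/nnnn' section in a PE image."""
    # Only linked images carry the MZ stub and PE signature; COFF objects do not.
    if image[:2] != b"MZ":
        raise ValueError("not an MZ/PE image")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    # COFF file header: the 20 bytes that follow the signature.
    _machine, nsects, _ts, symtab, nsyms, opt_size, _chars = struct.unpack_from(
        "<HHIIIHH", image, pe_off + 4)
    sect_table = pe_off + 4 + 20 + opt_size
    strtab = symtab + nsyms * 18  # string table follows the 18-byte symbol records
    found = []
    for i in range(nsects):
        off = sect_table + 40 * i  # each section header is 40 bytes, name first
        raw = image[off:off + 8].rstrip(b"\0")
        if raw[:1] == b"/" and raw[1:].isdigit():
            resolved = None  # stays None when the image has no string table
            start = strtab + int(raw[1:])  # decimal offset into the string table
            if symtab and start < len(image):
                end = image.find(b"\0", start)
                end = len(image) if end == -1 else end
                resolved = image[start:end].decode("ascii", "replace")
            found.append((raw.decode("ascii"), resolved))
    return found

def build_sample() -> bytes:
    """Constructed minimal image: '.text' plus one section named via '/4'."""
    long_name = b".debug_aranges\0"
    strtab = struct.pack("<I", 4 + len(long_name)) + long_name
    pe_off, nsects = 0x40, 2
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", pe_off)
    symtab = pe_off + 4 + 20 + 40 * nsects  # string table placed right after headers
    # Machine 0x14C (i386), no symbols, no optional header, executable-image flags.
    coff = struct.pack("<HHIIIHH", 0x14C, nsects, 0, symtab, 0, 0, 0x0102)
    sects = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in (b".text", b"/4"))
    return dos + b"PE\0\0" + coff + sects + strtab

if __name__ == "__main__":
    for field, name in find_long_section_names(build_sample()):
        print(f"section header name {field!r} resolves to {name!r}")
```

An empty result means every section name fits in the 8-byte header field, which is what the quoted specification text expects of an executable image.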