Web lists-archives.com

Re: Defective "portable executables" distributed/created by Cygwin




On 5/10/2018 8:30 PM, Stefan Kanthak wrote:
Hi @ll,

the "portable executables" distributed by Cygwin (and of course those
created with Cygwin's GCC toolchain too) have INVALID/ILLEGAL headers:

0. Microsoft's DUMPBIN.EXE alias LINK.EXE /DUMP aborts with
    "access violation" (see below) on almost all Cygwin binaries!

A program should never fail in such way. It seems the program is NOT
validating properly its input and it is probably expecting the
organization of the data as used by Microsoft Visual Studio 2010.
As it fails probably you can not fully trust its output
for program built from other compilers.


1. they use INVALID/ILLEGAL section names like "/4" or "/14", upon
    which Microsoft's DUMPBIN.EXE alias LINK.EXE /DUMP stops enumerating
    the section headers (see below)!

It seems Cygwin tools disagree with such interpretation

$ objdump -h /usr/bin/bash.exe

/usr/bin/bash.exe:     file format pei-x86-64

Sections:
Idx Name Size VMA LMA File off Algn 0 .text 0007ce08 0000000100401000 0000000100401000 00000400 2**4
                  CONTENTS, ALLOC, LOAD, READONLY, CODE, DATA
1 .data 000033c8 000000010047e000 000000010047e000 0007d400 2**5
                  CONTENTS, ALLOC, LOAD, DATA
2 .rdata 0001caf8 0000000100482000 0000000100482000 00080800 2**5
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
3 .buildid 00000035 000000010049f000 000000010049f000 0009d400 2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
4 .pdata 0000492c 00000001004a0000 00000001004a0000 0009d600 2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
5 .xdata 0000459c 00000001004a5000 00000001004a5000 000a2000 2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
6 .bss 0000a980 00000001004aa000 00000001004aa000 00000000 2**5
                  ALLOC
7 .edata 00009722 00000001004b5000 00000001004b5000 000a6600 2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
8 .idata 000035c8 00000001004bf000 00000001004bf000 000afe00 2**2
                  CONTENTS, ALLOC, LOAD, DATA
9 .rsrc 000004e8 00000001004c3000 00000001004c3000 000b3400 2**2
                  CONTENTS, ALLOC, LOAD, DATA
10 .reloc 00000c70 00000001004c4000 00000001004c4000 000b3a00 2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
11 .gnu_debuglink 00000014 00000001004c5000 00000001004c5000 000b4800 2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA


As bash.exe is working fine, I doubt it is using a invalid structure.


    From the PE format specification
    <https://msdn.microsoft.com/en-us/library//ms680547.aspx#section_table__section_headers_>:

Have you also noted:
"Note This document is provided to aid in the development of tools and applications for Windows but is not guaranteed to be a complete specification in all respects. Microsoft reserves the right to alter this document without notice."

Regards
Marco

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple