Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Show binary exports, entrypoint, and imports #2626

Merged
merged 9 commits into from
Mar 12, 2024
Merged

Show binary exports, entrypoint, and imports #2626

merged 9 commits into from
Mar 12, 2024

Conversation

wagoodman
Copy link
Contributor

@wagoodman wagoodman commented Feb 12, 2024
edited
Loading

Partially implements #661

This PR adds the following indications to the file.Executable object:

  • hasEntrypoint denotes if the binary is self-executable
  • hasExports denotes that the binary can be used as a library
  • importsLibraries denotes which dynamic libraries a binary needs

Why not just indicate isLibrary? Mainly because some executable formats can support a binary being both a library and a self-executing application simultaneously:

$ readelf -h /bin/busybox | grep "Entry point address"
  Entry point address:               0xd8f4

$ nm -D --defined-only /bin/busybox | grep ' T \| W \| B '
00000000000b8974 T _fini
000000000000c010 T _init
00000000000b7618 T endutxent
00000000000b7624 T getutxent
00000000000b7668 T pututxline
00000000000b76bc T setutxent
00000000000b76e8 T updwtmpx

(anything that isn't U is an export)

Why not make relationships between binary files instead of declaring the imports as attributes on the file object? There is some discussion about this, but this PR only goes so far; no new relationships are being added in this PR, but it is important to be able to know:

  • about imports where there is no binary file or package that suffices, thus we would not show the dependency without it required to be installed
  • exactly which imports are declared on a binary. At a package level this kind of information could be lost some (say if a package provides multiple binaries and we don't know which one).

This functionality has been implemented for ELF, Mach-o, and PE binary formats.

@github-actions github-actions bot added the json-schema Changes the json schema label Feb 12, 2024
@wagoodman
ignore ephemeral test files
c840022 
Signed-off-by: Alex Goodman <[email protected]>
@github-actions GitHub Actions

This comment has been minimized.

Sign in to view
@wagoodman wagoodman marked this pull request as ready for review February 27, 2024 22:25
@wagoodman wagoodman requested a review from a team February 27, 2024 22:26
@wagoodman wagoodman self-assigned this Mar 12, 2024
kzantow
kzantow approved these changes Mar 12, 2024
View reviewed changes
Copy link
Contributor

@kzantow kzantow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

.github/workflows/validations.yaml Outdated Show resolved Hide resolved
syft/file/cataloger/executable/elf.go Outdated Show resolved Hide resolved
syft/file/cataloger/executable/elf.go Outdated Show resolved Hide resolved
syft/file/cataloger/executable/elf_test.go Outdated Show resolved Hide resolved
syft/file/cataloger/executable/macho.go
func findMachoFeatures(data *file.Executable, reader unionreader.UnionReader) error {
// TODO: support security features

// TODO: support multi-architecture binaries
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Isn't this what the UnionReader is for?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no a union reader only makes the reader easier to use for seeking and such:

type UnionReader interface {
	io.Reader
	io.ReaderAt
	io.Seeker
	io.Closer
}

Where as we could be individually unwrapping the multiple binaries from "universal" or multi-architecture binaries: https://github.com/anchore/go-macholibre/blob/5df1434a0b50a4fe3e1dae035d10d4c977369e43/universal_binary.go#L143 .

I've descoped this from this particular PR.

@wagoodman
handle PR review comments
fd0eb3e 
Signed-off-by: Alex Goodman <[email protected]>
@wagoodman wagoodman enabled auto-merge (squash) March 12, 2024 21:55
@wagoodman wagoodman merged commit 47fc909 into main Mar 12, 2024
11 checks passed
@wagoodman wagoodman deleted the shared-lib-attributes branch March 12, 2024 22:04
brian-ebarb pushed a commit to brian-ebarb/syft that referenced this pull request Mar 13, 2024
@wagoodman @brian-ebarb
Show binary exports, entrypoint, and imports (anchore#2626)
a7a2c3a 
show binary exports, entrypoint, and imports for macho, elf, and pe formats

Signed-off-by: Alex Goodman <[email protected]>
Signed-off-by: Brian Ebarb <[email protected]>
@spiffcs spiffcs added the enhancement New feature or request label Mar 25, 2024
@BrewTestBot BrewTestBot mentioned this pull request Mar 25, 2024
Merged
@wagoodman wagoodman mentioned this pull request May 22, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kzantow kzantow kzantow approved these changes

Assignees

@wagoodman wagoodman

Labels
enhancement New feature or request json-schema Changes the json schema
Projects
OSS
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@wagoodman @kzantow @spiffcs