Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/vuln: support XCOFF files #59730

Open
julieqiu opened this issue Apr 20, 2023 · 1 comment
Open

x/vuln: support XCOFF files #59730

julieqiu opened this issue Apr 20, 2023 · 1 comment
Labels
NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. OS-AIX vulncheck or vulndb Issues for the x/vuln or x/vulndb repo
Milestone
vuln/unplanned

Comments

@julieqiu
Copy link
Member

julieqiu commented Apr 20, 2023
edited

From https://github.com/golang/vuln/blob/d3666e3e8dbbcb0748a371d2ff17f4da36a158f4/internal/vulncheck/internal/buildinfo/buildinfo.go#L52-L61

We cannot support XCOFF files due to the usage of internal/xcoff. Once this code is moved into the stdlib, this support can be enabled:

if bytes.HasPrefix(data, []byte{0x01, 0xDF}) || bytes.HasPrefix(data, []byte{0x01, 0xF7}) {
	e, err := xcoff.NewFile(r)
	if err != nil {
		return nil, err
	}
	return &xcoffExe{e}, nil
}

And from https://github.com/golang/vuln/blob/9268f8338db8b8377d58c92d7168aa495cc5b9c6/internal/vulncheck/internal/buildinfo/buildinfo.go#L233-L262:

// xcoffExe is the XCOFF (AIX eXtended COFF) implementation of the exe interface.
type xcoffExe struct {
	f  *xcoff.File
}

func (x *xcoffExe) ReadData(addr, size uint64) ([]byte, error) {
	for _, sect := range x.f.Sections {
		if uint64(sect.VirtualAddress) <= addr && addr <= uint64(sect.VirtualAddress+sect.Size-1) {
			n := uint64(sect.VirtualAddress+sect.Size) - addr
			if n > size {
				n = size
			}
			data := make([]byte, n)
			_, err := sect.ReadAt(data, int64(addr-uint64(sect.VirtualAddress)))
			if err != nil {
				return nil, err
			}
			return data, nil
		}
	}
	return nil, fmt.Errorf("address not mapped")
}

func (x *xcoffExe) DataStart() uint64 {
	return x.f.SectionByType(xcoff.STYP_DATA).VirtualAddress
}
@julieqiu julieqiu added the vulncheck or vulndb Issues for the x/vuln or x/vulndb repo label Apr 20, 2023
@julieqiu julieqiu added this to the vuln/unplanned milestone Apr 20, 2023
@prattmic prattmic added NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. OS-AIX labels Apr 21, 2023
@prattmic
Copy link
Member

cc @golang/aix

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. OS-AIX vulncheck or vulndb Issues for the x/vuln or x/vulndb repo
Projects
None yet
Milestone
vuln/unplanned
Development

No branches or pull requests
2 participants
@prattmic @julieqiu