patchelf produces a corrupted file: no .dynamic section in the dynamic segment

[antocuni]

If I try to run patchelf on the libm.so which is shipped with centos6, I get a corrupted file: (for convenience, you can find the file also here: http://antocuni.eu/misc/libm-2.12.so)

$ ~/tmp/patchelf/src/patchelf --set-soname xxx libm-2.12.so
$ readelf -d libm-2.12.so
readelf: Error: no .dynamic section in the dynamic segment
...

Moreover, the sections also appear to be corrupted: note the names of some of the sections (like e.ABI-tag instead of note.ABI-tag, la.dyn instead of rela.dyn, etc):

$ readelf -S libm-2.12.so
There are 37 section headers, starting at offset 0x91240:

Section Headers:
  [Nr] Name              Type             Address           Offset
       Size              EntSize          Flags  Link  Info  Align
  [ 0]                   NULL             0000000000000000  00000000
       0000000000000000  0000000000000000           0     0     0
  [ 1] sion_r            GNU_HASH         0000000000000280  00000280
       0000000000000fa4  0000000000000000   A       2     0     8
  [ 2] t                 DYNSYM           0000000000001228  00001228
       0000000000001f08  0000000000000018   A      34     2     8
  [ 3] .fini             VERSYM           00000000000038b2  000038b2
       0000000000000296  0000000000000002   A       2     0     2
  [ 4] e.ABI-tag         VERDEF           0000000000003b48  00003b48
       000000000000005c  0000000000000000   A      34     3     8
  [ 5] e_hdr             VERNEED          0000000000003ba8  00003ba8
       0000000000000030  0000000000000000   A      34     1     8
  [ 6]                   RELA             0000000000003bd8  00003bd8
       00000000000000a8  0000000000000018   A       2     0     8
  [ 7]                   RELA             0000000000003c80  00003c80
       0000000000000108  0000000000000018   A       2     9     8
  [ 8] a                 PROGBITS         0000000000003d88  00003d88
       0000000000000018  0000000000000000  AX       0     0     4
  [ 9] e.stapsdt         PROGBITS         0000000000003da0  00003da0
       00000000000000c0  0000000000000010  AX       0     0     4
  [10] anges             PROGBITS         0000000000003e60  00003e60
       0000000000040578  0000000000000000  AX       0     0     16
  [11] la.dyn            PROGBITS         00000000000443d8  000443d8
       000000000000000e  0000000000000000  AX       0     0     4
  [12] b                 PROGBITS         0000000000044400  00044400
       00000000000384e8  0000000000000000   A       0     0     32
  [13] sion              PROGBITS         000000000007c8e8  0007c8e8
       0000000000000001  0000000000000000   A       0     0     1
  [14] .eh_frame_hdr     PROGBITS         000000000007c8f0  0007c8f0
       000000000000001c  0000000000000000   A       0     0     16
  [15] rs                PROGBITS         000000000007c90c  0007c90c
       0000000000000e74  0000000000000000   A       0     0     4
  [16] r                 PROGBITS         000000000007d780  0007d780
       00000000000044e4  0000000000000000   A       0     0     8
  [17] _r                HASH             0000000000081c68  00081c68
       0000000000000ea8  0000000000000004   A       2     0     8
  [18] el.ro             PROGBITS         0000000000282dc8  00082dc8
       0000000000000010  0000000000000000  WA       0     0     8
  [19] dynamic           PROGBITS         0000000000282dd8  00082dd8
       0000000000000010  0000000000000000  WA       0     0     8
  [20]                   PROGBITS         0000000000282de8  00082de8
       0000000000000008  0000000000000000  WA       0     0     8
  [21] base              PROGBITS         0000000000282df0  00082df0
       0000000000000008  0000000000000000  WA       0     0     8
  [22] d-id              DYNAMIC          0000000000282df8  00082df8
       00000000000001c0  0000000000000010  WA      34     0     8
  [23] ug_aranges        PROGBITS         0000000000282fb8  00082fb8
       0000000000000030  0000000000000008  WA       0     0     8
  [24] psdt              PROGBITS         0000000000282fe8  00082fe8
       0000000000000070  0000000000000008  WA       0     0     8
  [25] .symtab           PROGBITS         0000000000283058  00083058
       0000000000000014  0000000000000000  WA       0     0     4
  [26]                   NOBITS           0000000000283070  0008306c
       0000000000000048  0000000000000000  WA       0     0     16
  [27]                   NOTE             0000000000000000  0008306c
       0000000000000150  0000000000000000           0     0     4
  [28] ment              PROGBITS         0000000000000000  000831bc
       000000000000002d  0000000000000001  MS       0     0     1
  [29] e.gnu.build-id    STRTAB           0000000000000000  000831e9
       00000000000001ba  0000000000000000           0     0     1
  [30] b                 SYMTAB           0000000000000000  000833a8
       000000000000a590  0000000000000018          31   1437     8
  [31] tab               STRTAB           0000000000000000  0008d938
       00000000000037a2  0000000000000000           0     0     1
  [32]                   PROGBITS         0000000000000000  000910dc
       0000000000000018  0000000000000000           0     0     4
  [33] e.gnu.build-id    STRTAB           0000000000000000  000910f4
       0000000000000145  0000000000000000           0     0     1
  [34]                   STRTAB           0000000000092000  00092000
       0000000000000786  0000000000000000   A       0     0     8
  [35] ion_d             NOTE             0000000000092788  00092788
       0000000000000020  0000000000000000   A       0     0     8
  [36] hash              NOTE             00000000000927a8  000927a8
       0000000000000024  0000000000000000   A       0     0     8

For context, I got this problem when I tried to build a python wheel on a centos 6 docker image.

[mhoeher]

I ran into a similar issue today but with libnsl.so - first reported this in the context of linuxdeployqt, see this issue. Happens on both Fedora 25 and CentOS 7.3.

[romainthomas]

Not sure if it can help you but the following snippet could resolve your issue:

import lief
libm = lief.parse("libm-2.12.so")
libm[lief.ELF.DYNAMIC_TAGS.SONAME].name = "xxx"
libm.write("libm_updated.so")

readelf -d ./libm_updated.so        

Dynamic section at offset 0x83df8 contains 24 entries:
  Étiquettes Type                         Nom/Valeur
 0x0000000000000001 (NEEDED)             Bibliothèque partagée: [libc.so.6]
 0x000000000000000e (SONAME)             Bibliothèque soname: [xxx]
 0x000000000000000c (INIT)               0x4d88
 0x000000000000000d (FINI)               0x453d8
 0x0000000000000004 (HASH)               0x82c68
 0x000000006ffffef5 (GNU_HASH)           0x1280
 0x0000000000000005 (STRTAB)             0x493000
 0x0000000000000006 (SYMTAB)             0x2228
 0x000000000000000a (STRSZ)              1911 (octets)
 0x000000000000000b (SYMENT)             24 (octets)
 0x0000000000000003 (PLTGOT)             0x283fe8
 0x0000000000000002 (PLTRELSZ)           264 (octets)
 0x0000000000000014 (PLTREL)             RELA
 0x0000000000000017 (JMPREL)             0x4c80
 0x0000000000000007 (RELA)               0x4bd8
 0x0000000000000008 (RELASZ)             168 (octets)
 0x0000000000000009 (RELAENT)            24 (octets)
 0x000000006ffffffc (VERDEF)             0x4b48
 0x000000006ffffffd (VERDEFNUM)          3
 0x000000006ffffffe (VERNEED)            0x4ba8
 0x000000006fffffff (VERNEEDNUM)         1
 0x000000006ffffff0 (VERSYM)             0x48b2
 0x000000006ffffff9 (RELACOUNT)          1
 0x0000000000000000 (NULL)               0x0

Sorry for the Shameless plug of LIEF

[dtzWill]

Link to file seems dead, so here's a cpy of file in question I grabbed from a centos-6 docker image: http://ix.io/DFU

Can reproduce (with patchelf 0.9), FWIW.

[domenkozar]

Still a bug in master.

[charpty]

Still a bug in master.