google / bloaty

Bloaty: a size profiler for binaries
Apache License 2.0

Corrupt Mach-O file #153

Open kellycampbell opened 5 years ago

kellycampbell commented 5 years ago

Bloaty gives a Corrupt Mach-O file error on a file.

lipo -detailed_info gives this output:

Fat header in: REDACTEDSdk
fat_magic 0xcafebabe
nfat_arch 5
architecture armv7
    cputype CPU_TYPE_ARM
    cpusubtype CPU_SUBTYPE_ARM_V7
    offset 108
    size 8291248
    align 2^2 (4)
architecture armv7s
    cputype CPU_TYPE_ARM
    cpusubtype CPU_SUBTYPE_ARM_V7S
    offset 8291356
    size 8307560
    align 2^2 (4)
architecture i386
    cputype CPU_TYPE_I386
    cpusubtype CPU_SUBTYPE_I386_ALL
    offset 16598916
    size 8294024
    align 2^2 (4)
architecture x86_64
    cputype CPU_TYPE_X86_64
    cpusubtype CPU_SUBTYPE_X86_64_ALL
    offset 34485416
    size 8454008
    align 2^3 (8)
architecture arm64
    cputype CPU_TYPE_ARM64
    cpusubtype CPU_SUBTYPE_ARM64_ALL
    offset 24892944
    size 9592472
    align 2^3 (8)

The hexdump of the first part of the file is this:

0000000 ca fe ba be 00 00 00 05 00 00 00 0c 00 00 00 09  >................<
0000020 00 00 00 6c 00 7e 83 b0 00 00 00 02 00 00 00 0c  >...l.~..........<
0000040 00 00 00 0b 00 7e 84 1c 00 7e c3 68 00 00 00 02  >.....~...~.h....<
0000060 00 00 00 07 00 00 00 03 00 fd 47 84 00 7e 8e 88  >..........G..~..<
0000100 00 00 00 02 01 00 00 07 00 00 00 03 02 0e 34 a8  >..............4.<
0000120 00 80 ff 78 00 00 00 03 01 00 00 0c 00 00 00 00  >...x............<
0000140 01 7b d6 10 00 92 5e 98 00 00 00 03 21 3c 61 72  >.{....^.....!<ar<
0000160 63 68 3e 0a 23 31 2f 32 30 20 20 20 20 20 20 20  >ch>.#1/20       <
0000200 20 20 20 20 31 35 31 39 32 32 31 38 35 30 20 20  >    1519221850  <
0000220 35 30 31 20 20 20 32 30 20 20 20 20 31 30 30 36  >501   20    1006<

haberman commented 5 years ago

Any way for me to reproduce this? Any chance you could post a binary where this is happening?

kellycampbell commented 5 years ago

Sorry, it's from a proprietary smart lock SDK that I'm not able to post. I could run a debug version of bloaty against it and post output though if that would help?

alaroldai commented 5 years ago

I can reproduce this as well - looks like an issue with fat / multi-architecture libraries. Worked around by running lipo -thin arm64 to produce a single-architecture library, then running bloaty on the result.

haberman commented 5 years ago

Hmm, Bloaty has code to support fat Mach-O files. I thought I had tested it, but maybe it's broken.

I have my hands full at the moment, but I'd be happy to take contributions from anyone who wants to do a little debugging of the code: https://github.com/google/bloaty/blob/master/src/macho.cc#L201-L236
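
An added example, not part of the thread and not Bloaty's code: a bounds-checked walk of the fat header from the first post, rebuilt from the lipo values and the hexdump. The names `FatSlice`, `ReadBE32`, `Classify`, `ParseFat` and `SampleHeader` are hypothetical, and the total file size is an assumption (the end of the furthest slice), since the report does not give it.

```cpp
// Added example, not Bloaty's code: bounds-checked walk of a fat header.
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

struct FatSlice { uint32_t cputype, cpusubtype, offset, size, align; std::string kind; };
// Fat headers are big-endian regardless of the byte order of the slices.
static uint32_t ReadBE32(const std::vector<uint8_t>& d, size_t p) {
  return (uint32_t(d[p]) << 24) | (uint32_t(d[p + 1]) << 16) | (uint32_t(d[p + 2]) << 8) | d[p + 3];
}
// Names a slice by its first 8 bytes; "unseen" if the buffer stops before them.
static std::string Classify(const std::vector<uint8_t>& d, uint64_t off) {
  if (off + 8 > d.size()) return "unseen";
  if (std::string(d.begin() + off, d.begin() + off + 8) == "!<arch>\n") return "ar";
  const uint32_t m = ReadBE32(d, off);
  const bool macho = m == 0xfeedface || m == 0xfeedfacf || m == 0xcefaedfe || m == 0xcffaedfe;
  return macho ? "macho" : "unknown";
}
// d holds at least the start of the file; file_size is the size of the whole file.
bool ParseFat(const std::vector<uint8_t>& d, uint64_t file_size, std::vector<FatSlice>* out) {
  if (d.size() < 8 || ReadBE32(d, 0) != 0xcafebabe) return false;
  const uint64_t n = ReadBE32(d, 4), table_end = 8 + n * 20;
  if (table_end > d.size()) return false;  // the whole arch table must be present
  for (uint64_t p = 8; p < table_end; p += 20) {
    FatSlice s{ReadBE32(d, p), ReadBE32(d, p + 4), ReadBE32(d, p + 8),
               ReadBE32(d, p + 12), ReadBE32(d, p + 16), ""};
    // 64-bit sum so offset + size cannot wrap; a slice may not overlap the table.
    if (s.offset < table_end || uint64_t(s.offset) + s.size > file_size) return false;
    s.kind = Classify(d, s.offset);
    out->push_back(s);
  }
  return true;
}

// Header rebuilt from the lipo values and hexdump in the report.
std::vector<uint8_t> SampleHeader() {
  const uint32_t words[] = {0xcafebabe, 5, 12, 9, 108, 8291248, 2, 12, 11, 8291356, 8307560, 2,
      7, 3, 16598916, 8294024, 2, 0x01000007, 3, 34485416, 8454008, 3,
      0x0100000c, 0, 24892944, 9592472, 3, 0x213c6172, 0x63683e0a};  // ends with "!<arch>\n"
  std::vector<uint8_t> v;
  for (uint32_t w : words) for (int s = 24; s >= 0; s -= 8) v.push_back(uint8_t(w >> s));
  return v;
}

int main() {  // 42939424 is an assumed file size: the end of the furthest slice
  std::vector<FatSlice> slices;
  if (!ParseFat(SampleHeader(), 42939424, &slices)) return 1;
  for (const FatSlice& s : slices) std::printf("offset %u: %s\n", s.offset, s.kind.c_str());
}
```

On the reported values all five slices pass the bounds checks, the x86_64 and arm64 entries are not in offset order, and the slice at offset 108 starts with the `!<arch>` archive magic rather than a Mach-O magic. The other four slices print as "unseen" only because the hexdump stops before their first bytes.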