In response to a public outcry the strings program now defaults to using the

--all option which displays text from anywhere in the input file(s).  The
default used to be --data, which only displays text from loadable data sections,
but this requires the use of the BFD library.  Since the BFD library almost
certainly still contains buffer overrun and/or memory corruption bugs, and
since the strings program is often used to examine malicious code, it was
decided that the --data option option represents a possible security risk.

	* strings.c: Add new command line option --data to only scan the
	initialized, loadable data secions of binaries.  Choose the
	default behaviour of --all or --data based upon a configure
	option.
	* doc/binutils.texi (strings): Update documentation.  Include
	description  of why the --data option might be unsafe.
	* configure.ac: Add new option --disable-default-strings-all which
	restores the old behaviour of strings using --data by default.  If
	the option is not used make strings use --all by default.
	* NEWS: Mention the new behaviour of strings.
	* configure: Regenerate.
	* config.in: Regenerate.
This commit is contained in:
Nick Clifton 2014-10-31 10:10:37 +00:00
parent 02be9a7100
commit 7fac9594c4
6 changed files with 106 additions and 17 deletions

View file

@ -2,6 +2,11 @@
Changes in 2.25:
* Add --data option to strings to only print strings in loadable, initialized
data sections. Change the default behaviour to be --all, but add a new
configure time option of --disable-default-strings-all to restore the old
default behaviour.
* Add --include-all-whitespace to strings.
* Add --dump-section option to objcopy.

View file

@ -18,6 +18,9 @@
/* Should ar and ranlib use -D behavior by default? */
#undef DEFAULT_AR_DETERMINISTIC
/* Should strings use -a behavior by default? */
#undef DEFAULT_STRINGS_ALL
/* Define to 1 if translation of program messages to the user's native
language is requested. */
#undef ENABLE_NLS

26
binutils/configure vendored
View file

@ -772,6 +772,7 @@ enable_plugins
enable_largefile
enable_targets
enable_deterministic_archives
enable_default_strings_all
enable_werror
enable_build_warnings
enable_nls
@ -1423,6 +1424,8 @@ Optional Features:
--enable-targets alternative target configurations
--enable-deterministic-archives
ar and ranlib default to -D behavior
--disable-default-strings-all
strings defaults to --data behavior
--enable-werror treat compile warnings as errors
--enable-build-warnings enable build-time compiler warnings
--disable-nls do not use Native Language Support
@ -10984,7 +10987,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<_LT_EOF
#line 10987 "configure"
#line 10990 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@ -11090,7 +11093,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<_LT_EOF
#line 11093 "configure"
#line 11096 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@ -11681,6 +11684,25 @@ cat >>confdefs.h <<_ACEOF
_ACEOF
# Check whether --enable-default-strings-all was given.
if test "${enable_default_strings_all+set}" = set; then :
enableval=$enable_default_strings_all;
if test "${enableval}" = no; then
default_strings_all=0
else
default_strings_all=1
fi
else
default_strings_all=1
fi
cat >>confdefs.h <<_ACEOF
#define DEFAULT_STRINGS_ALL $default_strings_all
_ACEOF
# Set the 'development' global.
. $srcdir/../bfd/development.sh

View file

@ -55,6 +55,18 @@ fi], [default_ar_deterministic=0])
AC_DEFINE_UNQUOTED(DEFAULT_AR_DETERMINISTIC, $default_ar_deterministic,
[Should ar and ranlib use -D behavior by default?])
AC_ARG_ENABLE(default-strings-all,
[AS_HELP_STRING([--disable-default-strings-all],
[strings defaults to --data behavior])], [
if test "${enableval}" = no; then
default_strings_all=0
else
default_strings_all=1
fi], [default_strings_all=1])
AC_DEFINE_UNQUOTED(DEFAULT_STRINGS_ALL, $default_strings_all,
[Should strings use -a behavior by default?])
AM_BINUTILS_WARNINGS
AC_CONFIG_HEADERS(config.h:config.in)

View file

@ -2672,15 +2672,24 @@ strings [@option{-afovV}] [@option{-}@var{min-len}]
@c man begin DESCRIPTION strings
For each @var{file} given, @sc{gnu} @command{strings} prints the printable
character sequences that are at least 4 characters long (or the number
given with the options below) and are followed by an unprintable
character. By default, it only prints the strings from the initialized
and loaded sections of object files; for other types of files, it prints
the strings from the whole file.
For each @var{file} given, @sc{gnu} @command{strings} prints the
printable character sequences that are at least 4 characters long (or
the number given with the options below) and are followed by an
unprintable character.
@command{strings} is mainly useful for determining the contents of non-text
files.
Depending upon how the strings program was configured it will default
to either displaying all the printable sequences that it can find in
each file, or only those sequences that are in loadable, initialized
data sections. If the file type in unrecognizable, or if strings is
reading from stdin then it will always display all of the printable
sequences that it can find.
For backwards compatibility any file that occurs after a command line
option of just @option{-} will also be scanned in full, regardless of
the presence of any @option{-d} option.
@command{strings} is mainly useful for determining the contents of
non-text files.
@c man end
@ -2690,8 +2699,25 @@ files.
@item -a
@itemx --all
@itemx -
Do not scan only the initialized and loaded sections of object files;
scan the whole files.
Scan the whole file, regardless of what sections it contains or
whether those sections are loaded or initialized. Normally this is
the default behaviour, but strings can be configured so that the
@option{-d} is the default instead.
The @option{-} option is position dependent and forces strings to
perform full scans of any file that is mentioned after the @option{-}
on the command line, even if the @option{-d} option has been
specified.
@item -d
@itemx --data
Only print strings from initialized, loaded data sections in the
file. This may reduce the amount of garbage in the output, but it
also exposes the strings program to any security flaws that may be
present in the BFD library used to scan and load sections. Strings
can be configured so that this option is the default behaviour. In
such cases the @option{-a} option can be used to avoid using the BFD
library and instead just print all of the strings found in the file.
@item -f
@itemx --print-file-name

View file

@ -21,7 +21,10 @@
Options:
--all
-a
- Do not scan only the initialized data section of object files.
- Scan each file in its entirety.
--data
-d Scan only the initialized data section(s) of object files.
--print-file-name
-f Print the name of the file before each string.
@ -114,6 +117,7 @@ static int encoding_bytes;
static struct option long_options[] =
{
{"all", no_argument, NULL, 'a'},
{"data", no_argument, NULL, 'd'},
{"print-file-name", no_argument, NULL, 'f'},
{"bytes", required_argument, NULL, 'n'},
{"radix", required_argument, NULL, 't'},
@ -136,7 +140,7 @@ typedef struct
static void strings_a_section (bfd *, asection *, void *);
static bfd_boolean strings_object_file (const char *);
static bfd_boolean strings_file (char *file);
static bfd_boolean strings_file (char *);
static void print_strings (const char *, FILE *, file_ptr, int, int, char *);
static void usage (FILE *, int);
static long get_char (FILE *, file_ptr *, int *, char **);
@ -167,11 +171,14 @@ main (int argc, char **argv)
include_all_whitespace = FALSE;
print_addresses = FALSE;
print_filenames = FALSE;
datasection_only = TRUE;
if (DEFAULT_STRINGS_ALL)
datasection_only = FALSE;
else
datasection_only = TRUE;
target = NULL;
encoding = 's';
while ((optc = getopt_long (argc, argv, "afhHn:wot:e:T:Vv0123456789",
while ((optc = getopt_long (argc, argv, "adfhHn:wot:e:T:Vv0123456789",
long_options, (int *) 0)) != EOF)
{
switch (optc)
@ -180,6 +187,10 @@ main (int argc, char **argv)
datasection_only = FALSE;
break;
case 'd':
datasection_only = TRUE;
break;
case 'f':
print_filenames = TRUE;
break;
@ -648,8 +659,18 @@ usage (FILE *stream, int status)
{
fprintf (stream, _("Usage: %s [option(s)] [file(s)]\n"), program_name);
fprintf (stream, _(" Display printable strings in [file(s)] (stdin by default)\n"));
fprintf (stream, _(" The options are:\n\
fprintf (stream, _(" The options are:\n"));
if (DEFAULT_STRINGS_ALL)
fprintf (stream, _("\
-a - --all Scan the entire file, not just the data section [default]\n\
-d --data Only scan the data sections in the file\n"));
else
fprintf (stream, _("\
-a - --all Scan the entire file, not just the data section\n\
-d --data Only scan the data sections in the file [default]\n"));
fprintf (stream, _("\
-f --print-file-name Print the name of the file before each string\n\
-n --bytes=[number] Locate & print any NUL-terminated sequence of at\n\
-<number> least [number] characters (default 4).\n\