loading android system libs

[antisec]

seams this is elftools related.
starting with android7.0 with libs in /lib/system/ from a nexus device.

>>> p = angr.Project("libmedia.so")
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/lib/python2.7/dist-packages/angr/project.py", line 156, in __init__
    self.loader = cle.Loader(self.filename, **load_options)
  File "/usr/local/lib/python2.7/dist-packages/cle/loader.py", line 124, in __init__
    self.initial_load_objects = self._internal_load(main_binary, *force_load_libs)
  File "/usr/local/lib/python2.7/dist-packages/cle/loader.py", line 471, in _internal_load
    if self.find_object(main_spec, extra_objects=objects) is not None:
  File "/usr/local/lib/python2.7/dist-packages/cle/loader.py", line 284, in find_object
    for ident in self._possible_idents(spec):
  File "/usr/local/lib/python2.7/dist-packages/cle/loader.py", line 805, in _possible_idents
    soname = backend_cls.extract_soname(spec)
  File "/usr/local/lib/python2.7/dist-packages/cle/backends/elf/metaelf.py", line 272, in extract_soname
    soname = [ x.soname for x in list(dyn.iter_tags()) if x.entry.d_tag == 'DT_SONAME']
  File "/usr/local/lib/python2.7/dist-packages/elftools/elf/dynamic.py", line 135, in iter_tags
    yield DynamicTag(tag, self._get_stringtable())
  File "/usr/local/lib/python2.7/dist-packages/elftools/elf/dynamic.py", line 51, in __init__
    stringtable.get_string(self.entry.d_val))
  File "/usr/local/lib/python2.7/dist-packages/elftools/elf/sections.py", line 70, in get_string
    return s.decode('ascii')
UnicodeDecodeError: 'ascii' codec can't decode byte 0xfa in position 1: ordinal not in range(128)
>>>

[schieb]

Could you please upload the binary?

[rhelmot]

It's not hard to reproduce - pyelftools just absolutely cannot handle non-ascii characters. I've reported it to them here eliben/pyelftools#173

[antisec]

i uploaded it here :libmedia.so its standart system/lib from android 7.0 nexus 5x

[rhelmot]

so this is indeed a pyelftools bug, though it's more complicated than I initially thought. See the latest linked issue.

[rhelmot]

I finally figured out how to solve this on the pyelftools level, but now we're waiting for them to make a new release.

You can't actually use the current github pyelftools with cle because of some internal changes they made that break some hacks we use, so that's preventing me from closing this issue right now, but I'll get to that soon.

[ltfish]

The related PR: eliben/pyelftools#182

[rhelmot]

Actually that was not the fix to this problem, it would have just masked the issue. This was the one that actually fixed it: eliben/pyelftools#183

[rhelmot]

You can now use the upstream, fixed pyelftools with angr! It's not released on pypi so you'll have to install it from their github, but it now works: a22c5a6