Re: Getting package NEVR list from core dump ?

František Šumšal Fri, 13 Oct 2023 06:11:20 -0700

Hey

On 10/13/23 09:41, Daniel P. Berrangé wrote:

Not too long ago Fedora added a new ELF note with the NEVR information for
a package, to all shared libraries


   https://fedoraproject.org/wiki/Changes/Package_information_on_ELF_objects

For cores dumped by processes on my local system, coredumpctl extracts the
package info which is great.


Along with the ELF notes, systemd-analyze gained a new verb - inspect-elf - 
that can be used to retrieve them:

$ systemd-analyze inspect-elf 
core.varlinkctl.1000.89df21ab140948a591f91ecc084568f8.2677628.1697116492000000
           path: 
/home/mrc0mmand/tmp/core.varlinkctl.1000.89df21ab140948a591f91ecc084568f8.2677628.1697116492000000
        elfType: coredump
elfArchitecture: AMD x86-64

module name: libnl-3.so.200

           type: rpm
           name: libnl3
        version: 3.7.0-3.fc38
   architecture: x86_64
          osCpe: cpe:/o:fedoraproject:fedora:38
        buildId: c9b97577bfc99992cc4651143f597ded2b3e1bd2
...

Also in JSON:

$ systemd-analyze inspect-elf --json=pretty 
core.varlinkctl.1000.89df21ab140948a591f91ecc084568f8.2677628.1697116492000000
{
        "elfType" : "coredump",
        "elfArchitecture" : "AMD x86-64",
        "libnl-3.so.200" : {
                "type" : "rpm",
                "name" : "libnl3",
                "version" : "3.7.0-3.fc38",
                "architecture" : "x86_64",
                "osCpe" : "cpe:/o:fedoraproject:fedora:38",
                "buildId" : "c9b97577bfc99992cc4651143f597ded2b3e1bd2"
        },
        "libnl-route-3.so.200" : {
                "type" : "rpm",
                "name" : "libnl3",
                "version" : "3.7.0-3.fc38",
                "architecture" : "x86_64",
                "osCpe" : "cpe:/o:fedoraproject:fedora:38",
                "buildId" : "e71fe7f76f1c4bff5d935f0d19c5498c8505c61a"
        },
...


Lets say, however, that I receive a coredump from an end user, and thus it
isn't known to coredumpctl.

What's the "right" way to extract the NEVR list from a standalone core
dump ?

Presumably there's a better way than just running 'strings' over the binary...

$ strings core | grep osCpe:
     
{"type":"rpm","name":"qemu","version":"7.2.6-1.fc38","architecture":"x86_64","osCpe":"cpe:/o:fedoraproject:fedora:38"}
     
{"type":"rpm","name":"librsvg2","version":"2.56.3-1.fc38","architecture":"x86_64","osCpe":"cpe:/o:fedoraproject:fedora:38"}
     
{"type":"rpm","name":"libogg","version":"1.3.5-5.fc38","architecture":"x86_64","osCpe":"cpe:/o:fedoraproject:fedora:38"}
     ..snip...
     
{"type":"rpm","name":"pixman","version":"0.42.2-1.fc38","architecture":"x86_64","osCpe":"cpe:/o:fedoraproject:fedora:38"}
     
{"type":"rpm","name":"libXau","version":"1.0.11-2.fc38","architecture":"x86_64","osCpe":"cpe:/o:fedoraproject:fedora:38"}
     
{"type":"rpm","name":"qemu","version":"7.2.6-1.fc38","architecture":"x86_64","osCpe":"cpe:/o:fedoraproject:fedora:38"}


With regards,
Daniel

_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: Getting package NEVR list from core dump ?

Reply via email to