• Stars
    star
    108
  • Rank 321,259 (Top 7 %)
  • Language
    Python
  • License
    MIT License
  • Created over 1 year ago
  • Updated about 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Explore ELF objects through the power of SQL

sqlelf

PyPI - Version PyPI - Python Version build workflow

Explore ELF objects through the power of SQL

A tool that utilizes SQLite's virtual table functionality to allow you to explore Linux ELF objects through SQL.

Traditionally exploring an ELF file was limited to tools such as objdump or readelf. While these tools are full featured in their parsing capability, the output format and ability to ask exploratory questions is limited.

SQL is the lingua franca for asking questions in a declarative manner. Let's enhance our ability to introspect binaries!

---
title: ELF Schema
---
erDiagram
    ELF_HEADERS ||--o{ ELF_SECTIONS : contains
    ELF_HEADERS {
        string path
        int type
        int version
        int machine
        int entry
    }
    ELF_SECTIONS {
        string path
        string name
        int offset
        int size
        int type
        blob content
    }
    ELF_HEADERS ||--o{ ELF_SYMBOLS : contains
    ELF_SECTIONS ||--o{ ELF_SYMBOLS : defined
    ELF_SYMBOLS {
        string path
        string name
        string demangled_name
        bool imported
        bool exported
        int section
        int size
    }
    ELF_HEADERS ||--o{ ELF_DYNAMIC_ENTRIES : defined
    ELF_DYNAMIC_ENTRIES {
        string path
        string tag
        string value
    }
    ELF_SECTIONS ||--o{ ELF_INSTRUCTIONS : contains
    ELF_INSTRUCTIONS {
        string path
        string section
        string mnemonic
        string address
        string operands
    }
    ELF_SECTIONS ||--o{ ELF_STRINGS : contains
    ELF_STRINGS {
        string path
        string section
        string value
    }
    ELF_HEADERS ||--o{ ELF_VERSION_REQUIREMENTS : contains
    ELF_VERSION_REQUIREMENTS {
        string path
        string file
        string name
    }
    ELF_HEADERS ||--o{ ELF_VERSION_DEFINITIONS : contains
    ELF_VERSION_DEFINITIONS {
        string path
        string name
        int flags
    }

Installation

❯ pip install sqlelf
❯ sqlelf /usr/bin/python3 -- \
--sql "select mnemonic, COUNT(*) from elf_instructions GROUP BY mnemonic ORDER BY 2 DESC LIMIT 3"

mov|223497
call|56209
jmp|48213

Usage

❯ sqlelf --help
usage: sqlelf [-h] FILE [FILE ...]

Analyze ELF files with the power of SQL

positional arguments:
  FILE        The ELF file to analyze

options:
  -h, --help            show this help message and exit
  -s SQL, --sql SQL     Potential SQL to execute. Omitting this enters the REPL.
  --recursive, --no-recursive
                        Load all shared libraries needed by each file using ldd

Note: You may provide directories for FILE. Avoid giving too many binaries though since they must all be parsed at startup.

Tour

You simply have to fire up sqlelf and give it a list of binaries or directories and start exploring ELF via SQL.

Simple demo showing a simple SELECT :

❯ sqlelf /usr/bin/ruby --sql "select * from elf_headers"
/usr/bin/ruby|DYNAMIC|x86_64|CURRENT|4400
❯ sqlelf /usr/bin/ruby /bin/ls
SQLite version 3.40.1 (APSW 3.40.0.0)
Enter ".help" for instructions
Enter SQL statements terminated with a ";"
sqlite> .header ON
sqlite> select * from elf_headers;
path|type|machine|version|entry
/usr/bin/ruby|3|62|1|4400
/bin/ls|3|62|1|25040

A more intricate demo showing an INNER JOIN, WHERE and GROUP BY across two tables which each represent different portions of the ELF format.

SQLite version 3.40.1 (APSW 3.40.0.0)
Enter ".help" for instructions
Enter SQL statements terminated with a ";"
sqlite> .header ON
sqlite> SELECT elf_headers.path, COUNT(*) as num_sections
    ..> FROM elf_headers
    ..> INNER JOIN elf_sections ON elf_headers.path = elf_sections.path
    ..> WHERE elf_headers.type = 3
    ..> GROUP BY elf_headers.path;
path|num_sections
/bin/ls|31
/usr/bin/pnmarith|27
/usr/bin/ruby|28

You can provide multiple SQL statements to the CLI. This is useful if you want to invoke many of the special dot commands. You can use .help to see the list of possible commands or refer to the apsw shell documentation.

For instance, to have sqelf emit JSON you can do the following:

❯ sqlelf /usr/bin/ruby --sql ".mode json" --sql "select path,name from elf_sections LIMIT 3;"
{ "path": "\/usr\/bin\/ruby", "name": ""},
{ "path": "\/usr\/bin\/ruby", "name": ".interp"},
{ "path": "\/usr\/bin\/ruby", "name": ".note.gnu.property"},

sqlelf will store the data from the ELF file into in-memory SQLite database. This allows you to run multiple queries against the same file(s) without having to reparse them and is much more efficient than iterating the ELF structures. This comes at the cost of startup time.

You can however dump the sqlite database to a file on disk and then load it back up later. This is useful if you want to run many queries against the same file(s) and don't want to pay the startup cost each time.

❯ sqlelf /nix/store/gjr9ylm023rl9di484g1wxcd1jp84xxv-nix-2.8.1/bin/nix \
    --sql ".dump /tmp/nix.sqlite"
❯ file /tmp/nix-backup.sqlite
/tmp/nix-backup.sqlite: SQLite 3.x database, last written using SQLite version 3043001, writer version 2,
    read version 2, file counter 3, database pages 14069, cookie 0x2, schema 4, UTF-8, version-valid-for 3

Queries

List all symbol resolutions (match import & export)
❯ sqlelf /usr/bin/ruby --sql "SELECT caller.path as 'caller.path',
       callee.path as 'calee.path',
       caller.name,
       caller.demangled_name
FROM ELF_SYMBOLS caller
INNER JOIN ELF_SYMBOLS callee
ON
caller.name = callee.name AND
caller.path != callee.path AND
caller.imported = TRUE AND
callee.exported = TRUE
LIMIT 25;"
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚               caller.path                β”‚                calee.path                β”‚         name         β”‚    demangled_name    β”‚
β”‚ /usr/bin/ruby                            β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ ruby_run_node        β”‚ ruby_run_node        β”‚
β”‚ /usr/bin/ruby                            β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ ruby_init            β”‚ ruby_init            β”‚
β”‚ /usr/bin/ruby                            β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ ruby_options         β”‚ ruby_options         β”‚
β”‚ /usr/bin/ruby                            β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ ruby_sysinit         β”‚ ruby_sysinit         β”‚
β”‚ /usr/bin/ruby                            β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ __stack_chk_fail     β”‚ __stack_chk_fail     β”‚
β”‚ /usr/bin/ruby                            β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ ruby_init_stack      β”‚ ruby_init_stack      β”‚
β”‚ /usr/bin/ruby                            β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ setlocale            β”‚ setlocale            β”‚
β”‚ /usr/bin/ruby                            β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ __libc_start_main    β”‚ __libc_start_main    β”‚
β”‚ /usr/bin/ruby                            β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ __libc_start_main    β”‚ __libc_start_main    β”‚
β”‚ /usr/bin/ruby                            β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ __cxa_finalize       β”‚ __cxa_finalize       β”‚
β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ initgroups           β”‚ initgroups           β”‚
β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ /lib/x86_64-linux-gnu/libm.so.6          β”‚ log10                β”‚ log10                β”‚
β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ chmod                β”‚ chmod                β”‚
β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ /lib/x86_64-linux-gnu/libgmp.so.10       β”‚ __gmpz_mul           β”‚ __gmpz_mul           β”‚
β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ /lib/x86_64-linux-gnu/libm.so.6          β”‚ lgamma_r             β”‚ lgamma_r             β”‚
β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ symlink              β”‚ symlink              β”‚
β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ mprotect             β”‚ mprotect             β”‚
β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ pipe2                β”‚ pipe2                β”‚
β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ seteuid              β”‚ seteuid              β”‚
β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ chdir                β”‚ chdir                β”‚
β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ fileno               β”‚ fileno               β”‚
β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ dup2                 β”‚ dup2                 β”‚
β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ pthread_cond_destroy β”‚ pthread_cond_destroy β”‚
β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ /lib/x86_64-linux-gnu/libc.so.6          β”‚ pthread_cond_destroy β”‚ pthread_cond_destroy β”‚
β”‚ /lib/x86_64-linux-gnu/libruby-3.1.so.3.1 β”‚ /lib/x86_64-linux-gnu/libm.so.6          β”‚ atan2                β”‚ atan2                β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
Find symbols that are exported by more than one library
❯ sqlelf ./examples/shadowed-symbols/exe --recursive --sql "
SELECT name, version, count(*) as symbol_count, GROUP_CONCAT(path, ':') as libraries
FROM elf_symbols
WHERE exported = TRUE
GROUP BY name, version
HAVING count(*) >= 2;"
β”Œβ”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ name β”‚ versio β”‚ symbol_co β”‚                                                                       libraries                                                                        β”‚
β”‚      β”‚   n    β”‚    unt    β”‚                                                                                                                                                        β”‚
β”œβ”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€
β”‚ foo  β”‚ NULL   β”‚ 2         β”‚ /usr/local/google/home/fmzakari/code/github.com/fzakaria/sqlelf/examples/shadowed-                                                                     β”‚
β”‚      β”‚        β”‚           β”‚ symbols/x/libx.so:/usr/local/google/home/fmzakari/code/github.com/fzakaria/sqlelf/examples/shadowed-symbols/x/libx2.so                                 β”‚
β””β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
List contained symbols, i.e. a symbol fully within the bounds of another
sqlelf ./examples/nested-symbols/exe --sql "
SELECT outer_symbol.path, 
    outer_symbol.name AS outer_symbol_name, 
    inner_symbol.name AS inner_symbol_name
FROM 
    elf_symbols AS outer_symbol, 
    elf_symbols AS inner_symbol
WHERE
    inner_symbol.section = '.text' AND
    outer_symbol.section = '.text' AND
    inner_symbol.path = outer_symbol.path AND
    inner_symbol.value > outer_symbol.value AND
    (inner_symbol.value + inner_symbol.size) < (outer_symbol.value + outer_symbol.size) AND
    inner_symbol.name != outer_symbol.name LIMIT 5;"
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚               path               β”‚ outer_symbol_name β”‚ inner_symbol_name β”‚
β”‚ ./examples/nested-symbols/nested β”‚ outer_function    β”‚ inner_symbol      β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
Determine Python extension version

You will need to edit the SQL below to have the module name. For instance, the below assumes the module name is extension from the pypa/python-manylinux-demo.

❯ sqlelf pypa/python-manylinux-demo/build/lib.linux-x86_64-cpython-311/pymanylinuxdemo/extension.cpython-311-x86_64-linux-gnu.so \
> --sql "SELECT
            CASE name
                WHEN 'initextension' THEN 2
                WHEN 'PyInit_extension' THEN 3
                WHEN '_cffi_pypyinit_extension' THEN 2
                ELSE -1
            END AS python_version
        FROM elf_symbols
        WHERE name IN ('initextension', 'PyInit_extension', '_cffi_pypyinit_extension')
              AND exported = TRUE
              AND type = 'FUNC'
        LIMIT 1
        "
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ python_version β”‚
β”‚ 3              β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
Determine the NEEDED entries for a program

This may be improved in the future but for now there is a little knowledge of the polymorphic nature of the dynamic entries needed.

❯ sqlelf extension.cpython-311-x86_64-linux-gnu.so \
> --sql "SELECT elf_strings.path, elf_strings.value
FROM elf_dynamic_entries
INNER JOIN elf_strings ON elf_dynamic_entries.value = elf_strings.offset
WHERE elf_dynamic_entries.tag = 'NEEDED'"
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚                   path                    β”‚     value     β”‚
β”‚ extension.cpython-311-x86_64-linux-gnu.so β”‚ libcblas.so.3 β”‚
β”‚ extension.cpython-311-x86_64-linux-gnu.so β”‚ libc.so.6     β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
Determine the RPATH/RUNPATH entries for a program

This may be improved in the future but for now there is a little knowledge of the polymorphic nature of the dynamic entries needed.

The below uses a file built with NixOS as they all have RUNPATH set.

❯ sqlelf /nix/store/gjr9ylm023rl9di484g1wxcd1jp84xxv-nix-2.8.1/bin/nix \
 --sql "SELECT elf_strings.path, elf_strings.value
FROM elf_dynamic_entries
INNER JOIN elf_strings ON elf_dynamic_entries.value = elf_strings.offset
WHERE elf_dynamic_entries.tag = 'RUNPATH';"
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚                      path                       β”‚                                                                                 value                                                                                 β”‚
β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€
β”‚ /nix/store/gjr9ylm023rl9di484g1wxcd1jp84xxv-    β”‚ /nix/store/gjr9ylm023rl9di484g1wxcd1jp84xxv-                                                                                                                          β”‚
β”‚ nix-2.8.1/bin/nix                               β”‚ nix-2.8.1/lib:/nix/store/pkxyfwarcq081rybpbnprjmnkiy1cz6g-libsodium-1.0.18/lib:/nix/store/r6mrf9pz4dpax6rcszcmbyrpsk8j6saz-                                           β”‚
β”‚                                                 β”‚ editline-1.17.1/lib:/nix/store/ppm63lvkyfa58sgcnr2ddzh14dy1k9fn-boehm-gc-8.0.6/lib:/nix/store/sgw2i15l01rwxzj62745h30bsjmh7wc1-lowdown-0.11.1-                        β”‚
β”‚                                                 β”‚ lib/lib:/nix/store/bvy2z17rzlvkx2sj7fy99ajm853yv898-glibc-2.34-210/lib:/nix/store/gka59hya7l7qp26s0rydcgq8hj0d7v7k-gcc-11.3.0-lib/lib                                 β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

A recursive query can further be used to split the row into multiple rows.

❯ sqlelf /nix/store/gjr9ylm023rl9di484g1wxcd1jp84xxv-nix-2.8.1/bin/nix \
--sql "WITH split(rpath, str) AS (
    SELECT '', elf_strings.value||':' as rpath
    FROM elf_dynamic_entries
    INNER JOIN elf_strings ON elf_dynamic_entries.value = elf_strings.offset
    WHERE elf_dynamic_entries.tag = 'RUNPATH'
    UNION ALL SELECT
    substr(str, 0, instr(str, ':')),
    substr(str, instr(str, ':')+1)
    FROM split WHERE str!=''
) SELECT rpath FROM split WHERE rpath!='';"
WARNING:root:SQLITE_LOG: automatic index on elf_strings(offset) (284) SQLITE_WARNING SQLITE_WARNING_AUTOINDEX
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚                               rpath                                β”‚
β”‚ /nix/store/gjr9ylm023rl9di484g1wxcd1jp84xxv-nix-2.8.1/lib          β”‚
β”‚ /nix/store/pkxyfwarcq081rybpbnprjmnkiy1cz6g-libsodium-1.0.18/lib   β”‚
β”‚ /nix/store/r6mrf9pz4dpax6rcszcmbyrpsk8j6saz-editline-1.17.1/lib    β”‚
β”‚ /nix/store/ppm63lvkyfa58sgcnr2ddzh14dy1k9fn-boehm-gc-8.0.6/lib     β”‚
β”‚ /nix/store/sgw2i15l01rwxzj62745h30bsjmh7wc1-lowdown-0.11.1-lib/lib β”‚
β”‚ /nix/store/bvy2z17rzlvkx2sj7fy99ajm853yv898-glibc-2.34-210/lib     β”‚
β”‚ /nix/store/gka59hya7l7qp26s0rydcgq8hj0d7v7k-gcc-11.3.0-lib/lib     β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

Development

You may want to install the package in editable mode as well to make development easier

> python3 -m venv venv
> source venv/bin/activate
> pip install --editable ".[dev]"

A helping Makefile is provided to run all the linters and formatters.

> make lint
> make fmt

More Repositories

1

HypeMachine-Extension

This is a Google Chrome Extension that injects a download button next to the songs.
JavaScript
168
star
2

shrinkwrap

A tool that embosses the needed dependencies on the top level executable
Python
164
star
3

slf4j-timbre

SLF4J binding for Clojure's Timbre
Clojure
94
star
4

mvn2nix

Easily package your Maven Java application with the Nix package manager.
Java
92
star
5

transcoding

A basic transcoding Golang server that utilizes FFMPEG over the command line
Go
68
star
6

HypeScript

Python HypeMachine script downloader
Python
56
star
7

ebpf-mpls-encap-decap

Sample project demonstrating how to use eBPF to encap/decap packets with an MPLS label.
C
46
star
8

nix-harden-needed

Bubble up the correct paths to your shared object libraries in Nix
Nix
40
star
9

autopatchelf

Go
30
star
10

space-saving

Space Saving algorithm implementation (StreamSummary) in Java, used to solve heavy hitters / topk items.
Java
28
star
11

WaterFlow

WaterFlow is a non-magical / easy to understand / JDK8 framework for use with SWF
Java
20
star
12

nix-home

A nix home development environment
Shell
19
star
13

nix-http-binary-cache-api-spec

An OpenAPI specification for a Nix HTTP Binary Cache
HTML
17
star
14

ascii85

A Java library for working with Ascii85, also called Base85 - a form of binary-to-text encoding
Java
16
star
15

Akka-Camel-SQS

This is a sample project that ties Apache-Camel, Akka & SQS together.
Scala
13
star
16

calcite-git

A native Calcite Git adapter
Java
8
star
17

http4j

http4j is an HTTP toolkit written in Java (in the vein of http4k) that allows for functional HTTP services
Java
6
star
18

HypemFinderSite

A website to help people download songs from Hypem.com!
Python
6
star
19

nixos-maven-example

An example of how to use buildMaven with Nix to build a Maven project
Nix
6
star
20

simple-annotations-plugin

A simple Grafana annotations plugin that works with any datasource.
TypeScript
6
star
21

fzakaria.com

My personal blog & website
HTML
5
star
22

addressme

This is a new service where you can find addresses across the world to send mail to.
Scala
5
star
23

chisel-base64

A Chisel module that includes a base64 codec
Scala
4
star
24

old

The Other Link Editor
C++
4
star
25

HypeMachine-Java

Java GUI downloader for HypeMachine
Java
3
star
26

CSE231-Breaking-Shared-Object-Monolith

The course project for UCSC CSE231 to attempt to break the shared code monolith.
C
3
star
27

guide-dedupe

Sample code showing how to properly dedupe modules and bindings in Guice
Java
2
star
28

lametun

This is a very minimalistic demonstration of how to setup a VPN-like tunnel.
Go
2
star
29

dotfiles

My dotfiles (or rather aggregation of others!)
Perl
2
star
30

iHype

iPhone HypeMachine Application using Three20 UI
Objective-C
2
star
31

beatprice

Attempts to find cheaper alternatives to tracks on electronic dance music stores
JavaScript
2
star
32

Huffman-Compression

Basic Huffman Encoding
C++
2
star
33

elf2sql

Convert ELF files to SQLite databases
Shell
2
star
34

ChocoPy

An implementation of ChocoPy using ANTLR4
Java
2
star
35

circularfifoqueue

CircularFifoQueue is a first-in first-out queue with a fixed size that replaces its oldest element if full
Go
1
star
36

donothing

LD_PRELOAD override to have your program do nothing.
C
1
star
37

dx

An exchange, is a highly organized market where commodities are sold and bought. Exchanges bring together brokers and dealers who buy and sell these objects.
Python
1
star
38

BeerService

A sample pants + finatra + thrift codebase
Shell
1
star
39

RayTracer

Raytracer for CS488 (http://www.student.cs.uwaterloo.ca/~cs488/)
C++
1
star
40

lookml-parsec

A LookML parser in Haskell using Megaparsec
Haskell
1
star
41

rust-ebpf-demo

A simple pure hello world demo of writing an ebpf filter in rust
Rust
1
star
42

ninja-crater

A web service that helps users ideas for others they'd like to see
Java
1
star
43

liblist

Provide a simple list of the dynamic libraries found and print as a new line list using the dynamic linker.
C++
1
star