简体繁体 English

QT应用程序 - 替换嵌入式资源

[英]QT Applications - Replacing embedded resources

原文 2016-03-03 12:22:27 1 1 c++/ linux/ qt/ binary

Is it possible to replace embedded resources [eg styles, images, text] in a Linux [ELF] binary? 是否有可能在Linux [ELF]二进制文件中替换嵌入式资源[例如样式，图像，文本]？

I noticed that I can change text but if I type more text or if I remove text, then the segmentation faults start coming up. 我注意到我可以更改文本，但如果我输入更多文本或删除文本，则会出现分段错误。 I have not gone through the ELF spec yet but I am wondering if it is possible. 我还没有通过ELF规范，但我想知道是否有可能。

I managed to extract the images from the binary using the mediaextract project but I need to do just the opposite without breaking the binary structure. 我设法使用mediaextract项目从二进制文件中提取图像，但我需要做相反的操作而不破坏二进制结构。

1 个解决方案

This answer is specific for Qt's resource system (.qrc, rcc). 这个答案特定于Qt的资源系统（.qrc，rcc）。

From the docs: 来自文档：

Currently, Qt always stores the data directly in the executable, even on Windows, macOS, and iOS, where the operating system provides native support for resources. 目前，Qt始终将数据直接存储在可执行文件中，即使在Windows，macOS和iOS上，操作系统也在其中提供对资源的本机支持。 This might change in a future Qt release. 这可能会在未来的Qt版本中发生变化。

So yes, the Qt resources are contained in the binary. 所以是的，Qt资源包含在二进制文件中。

rcc 'ing a .qrc file yields a .cpp file containing (mainly) simple char arrays which represent resource data, the resource names and some other metadata. rcc的.qrc文件产生一个.cpp文件，其中包含（主要）简单的char数组，这些数组表示资源数据，资源名称和一些其他元数据。

Compiling such a .cpp file creates byte fields in the binary. 编译这样的.cpp文件会在二进制文件中创建字节字段。

You can alter such resources within a binary, but only in very limited ways. 您可以在二进制文件中更改此类资源，但只能以非常有限的方式。

For starters, if the binary contains any kind of self-check (like hashing the data section and comparing it to some pre-calculated hash), you will not be able to change the data in a reasonable way. 对于初学者，如果二进制包含任何类型的自检（如散列数据部分并将其与一些预先计算的散列进行比较），您将无法以合理的方式更改数据。
If your data doesn't have the same byte length as the original data, you can't simply replace it because it would alter the internal layout of the binary and invalidate relative addresses. 如果您的数据与原始数据的字节长度不同，则不能简单地替换它，因为它会改变二进制文件的内部布局并使相对地址无效。
In case of replacing with shorter strings you might get away with zero-padding at the end. 如果用较短的字符串替换，最后可能会使用零填充。

Resources are compressed by default (in the ZIP format). 默认情况下会压缩资源（采用ZIP格式）。 It is possible to turn off compression. 可以关闭压缩。

If compression was turned on during compilation (which you don't control, as it seems), you'd need to create new data which compresses to the same length as the original. 如果在编译期间打开了压缩（您似乎无法控制），则需要创建压缩到与原始压缩长度相同的新数据。