
Printing ELF names of section headers

I have a C program where I want to print out the names of the section headers of an input file. I made everything based on researching ELF notation, with help from existing programs on the internet, but it still doesn't work. It printed only the indexes from the for loop, where there should also be section names. Anyone see something I missed?

Update: I updated the code and removed the bug which causes the stack overflow, in case anyone needs it in the future.

Code:


#include <stdio.h>
#include <stdlib.h>
#include <elf.h>

int main(int argc, char *argv[]) {
    Elf32_Ehdr elfHdr;
    Elf32_Shdr sectHdr;
    FILE* ElfFile = NULL;
    char* SectNames = NULL;

    if(argc != 2) {
        fprintf(stderr, "Usage: %s <elf-file>\n", argv[0]);
        return 1;
    }

    ElfFile = fopen(argv[1], "rb");
    if(ElfFile == NULL) {
        perror("fopen");
        return -1;
    }

    // read the ELF header
    fread(&elfHdr, 1, sizeof(Elf32_Ehdr), ElfFile);

    printf("\tVersion: 0x%.2X\n", elfHdr.e_version);
    printf("\tEntry point address: 0x%.8X\n", elfHdr.e_entry);
    printf("\tProgram header offset: 0x%.8X\n", elfHdr.e_phoff);
    printf("\tSection header offset: 0x%.8X\n", elfHdr.e_shoff);
    printf("\tFlags: 0x%.8X\n", elfHdr.e_flags);
    printf("\tSize of this header: 0x%X\n", elfHdr.e_ehsize);
    printf("\tSize of program headers: 0x%X\n", elfHdr.e_phentsize);
    printf("\tNumber of program headers: %d\n", elfHdr.e_phnum);
    printf("\tSize of section headers: 0x%X\n", elfHdr.e_shentsize);
    printf("\tNumber of section headers: %d\n", elfHdr.e_shnum);
    printf("\tSection header string table index: 0x%X\n", elfHdr.e_shstrndx);

    // seek to the section header of the section name string table and load the table
    fseek(ElfFile, elfHdr.e_shoff + elfHdr.e_shstrndx * elfHdr.e_shentsize, SEEK_SET);
    fread(&sectHdr, 1, sizeof(sectHdr), ElfFile);
    SectNames = malloc(sectHdr.sh_size);
    if(SectNames == NULL) {
        perror("malloc");
        fclose(ElfFile);
        return -1;
    }
    fseek(ElfFile, sectHdr.sh_offset, SEEK_SET);
    fread(SectNames, 1, sectHdr.sh_size, ElfFile);

    for (int idx = 0; idx < elfHdr.e_shnum; idx++){
        char* name = "";

        // read section header idx, using the entry size from the ELF header
        fseek(ElfFile, elfHdr.e_shoff + idx * elfHdr.e_shentsize, SEEK_SET);
        fread(&sectHdr, 1, sizeof(sectHdr), ElfFile);

        // print section name
        if (sectHdr.sh_name)
            name = SectNames + sectHdr.sh_name;

        printf("%i %s\n", idx, name);
    }

    free(SectNames);
    fclose(ElfFile);

    return 0;
}

Anyone see something I missed?

Did you compile your program in 32-bit mode?

Update:

There is an "obvious" bug, which I missed on first reading, and which was exposed by building with -fsanitize=address:

Elf32_Ehdr elfHdr;
...
fread(&elfHdr, 1, sizeof(Elf64_Ehdr), ElfFile);

This bug causes stack buffer overflow. To prevent such bugs, it is always safer to use sizeof(variable) instead of sizeof(Type), e.g.

fread(&elfHdr, 1, sizeof(elfHdr), ElfFile);

It works for me:

gcc -w -m32 t.c && ./a.out ./a.out
    Version: 0x01
    Entry point address: 0x000010C0
    Program header offset: 0x00000034
    Section header offset: 0x000038B0
    Flags: 0x00000000
    Size of this header: 0x34
    Size of program headers: 0x20
    Number of program headers: 11
    Size of section headers: 0x28
    Number of section headers: 30
    Section header string table index: 0x1D
0
1 .interp
2 .note.gnu.build-id
3 .note.ABI-tag
4 .gnu.hash
5 .dynsym
6 .dynstr
7 .gnu.version
8 .gnu.version_r
9 .rel.dyn
10 .rel.plt
11 .init
12 .plt
13 .plt.got
14 .text
15 .fini
16 .rodata
17 .eh_frame_hdr
18 .eh_frame
19 .init_array
20 .fini_array
21 .dynamic
22 .got
23 .got.plt
24 .data
25 .bss
26 .comment
27 .symtab
28 .strtab
29 .shstrtab

If you are trying to run it on a 64-bit ELF file, then you need to replace Elf32_Ehdr and Elf32_Shdr with their Elf64_... equivalents.
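
The two points from the answer above (match the struct to the file's class, and size copies with sizeof(variable)), as an added example that is not part of the original post. It also bounds-checks every offset taken from the file before using it; the names elf_class, section_name32 and build_sample are hypothetical, and the sample image is constructed in memory.

```c
#include <elf.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* 32 or 64 according to e_ident[EI_CLASS]; 0 if the buffer is not ELF. */
int elf_class(const uint8_t *buf, size_t len) {
    if (len < EI_NIDENT || memcmp(buf, ELFMAG, SELFMAG) != 0) return 0;
    return buf[EI_CLASS] == ELFCLASS32 ? 32 : buf[EI_CLASS] == ELFCLASS64 ? 64 : 0;
}

/* Name of section idx in a 32-bit image, or NULL if a file-supplied offset is out of bounds. */
const char *section_name32(const uint8_t *buf, size_t len, unsigned idx) {
    Elf32_Ehdr eh;
    Elf32_Shdr str, sh;
    if (elf_class(buf, len) != 32 || len < sizeof(eh)) return NULL;
    memcpy(&eh, buf, sizeof(eh)); /* sizeof(variable), not sizeof(Type) */
    if (eh.e_shentsize != sizeof(sh) || idx >= eh.e_shnum || eh.e_shstrndx >= eh.e_shnum)
        return NULL;
    /* the whole section header table must lie inside the file */
    if (eh.e_shoff > len || (size_t)eh.e_shnum * sizeof(sh) > len - eh.e_shoff) return NULL;
    memcpy(&str, buf + eh.e_shoff + (size_t)eh.e_shstrndx * sizeof(str), sizeof(str));
    memcpy(&sh, buf + eh.e_shoff + (size_t)idx * sizeof(sh), sizeof(sh));
    /* the string table must lie inside the file, and sh_name inside the table */
    if (str.sh_offset > len || str.sh_size > len - str.sh_offset) return NULL;
    if (sh.sh_name >= str.sh_size) return NULL;
    const char *name = (const char *)buf + str.sh_offset + sh.sh_name;
    return memchr(name, 0, str.sh_size - sh.sh_name) ? name : NULL; /* must be NUL-terminated */
}

/* Constructed sample (null section + .shstrtab), not a real binary; returns its length. */
size_t build_sample(uint8_t *out, uint32_t name_off) {
    static const char strtab[] = "\0.shstrtab";
    Elf32_Ehdr eh = { .e_ident = { ELFMAG0, ELFMAG1, ELFMAG2, ELFMAG3, ELFCLASS32 },
                      .e_shoff = sizeof(eh), .e_shentsize = sizeof(Elf32_Shdr),
                      .e_shnum = 2, .e_shstrndx = 1 };
    Elf32_Shdr sh[2] = { {0}, { .sh_name = name_off, .sh_size = sizeof(strtab),
                                .sh_offset = sizeof(eh) + 2 * sizeof(Elf32_Shdr) } };
    memcpy(out, &eh, sizeof(eh));
    memcpy(out + sizeof(eh), sh, sizeof(sh));
    memcpy(out + sh[1].sh_offset, strtab, sizeof(strtab));
    return sh[1].sh_offset + sizeof(strtab);
}

int main(void) {
    uint8_t img[256];
    const char *s = section_name32(img, build_sample(img, 1), 1);
    return puts(s ? s : "(rejected)") == EOF;
}
```

A 64-bit file is rejected here rather than read through the 32-bit structs; supporting it means a second function using Elf64_Ehdr and Elf64_Shdr.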
