link 2. object files - wikimedia · link 2. object files youngw.lim 2017-09-25mon youngw.lim link2....

Link 2. Object Files

Young W. Lim

2017-09-25 Mon

Young W. Lim Link 2. Object Files 2017-09-25 Mon 1 / 55

Outline

1 Linking - 2. Object FilesBased onOject FilesELF SectionsExample Program Source CodesObject File ComparsionAssembly code analysis 1. mainAssembly code analysis 2. swapRelocatable Object FilesExecutable Object FilesELF Tables of Example Codes


Based on

"Self-service Linux: Mastering the Art of Problem Determination",Mark Wilding"Computer Architecture: A Programmer’s Perspective",Bryant & O’Hallaron

I, the copyright holder of this work, hereby publish it under the following licenses: GNU head Permission is granted tocopy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts,and no Back-Cover Texts. A copy of the license is included in the section entitled GNU Free Documentation License.

CC BY SA This file is licensed under the Creative Commons Attribution ShareAlike 3.0 Unported License. In short:you are free to share and make derivative works of the file under the conditions that you appropriately attribute it,and that you distribute it only under a license compatible with this one.


Object Files

Relocatable object fileExecutable object fileShared object file


Relocatable Object Files

Relocatable object filecontains binary code and data in a formthat can be combined with other relocatable object filesat compile time to create an executable object file


Executable Object Files

Shared object filea special relocatable object filethat can be loaded into memory and linke dynamicallyat either load time or run time


Types of Excutable Object Files

a.outCOFF (Common Object File format)PE (Portable Executable format)ELF (Executable and Linkable Format)


ELF Relocatable Object FilesLinking View

ELF HeaderProgram Header TableSection 1Section 2Section 3...............Section nSection Header Table

Program Header Table isoptional

Possible Section Types

.text

.rodata

.data

.bss

.symtab

.rel.text

.rel.data

.debug

.line

.strtab


ELF Header

16-byte sequence :the word size and byte orderinginformation that allows a linkerto parse and interpret the object file

the size of ELF headerthe object file type (relocatble, executable, shared)the machine type


Program Header Table 1

tells the system how to create a process imageexecutable files must have program header tablerelocatable files do not need (optional)need for execution

1http://www.skyfree.org/linux/references/ELF_Format.pdfYoung W. Lim Link 2. Object Files 2017-09-25 Mon 10 / 55

http://www.skyfree.org/linux/references/ELF_Format.pdf

Section Header Table 1

identifies all the sections in the fileevery section in the file has an entryin the section header tablean array of structures with an indexthe file offset of the section header tablethe size and number of entries in the section header tablecontains a fixed sized entry for each section in the object filerelocatable files must have program header tableexecutable files do not need (optional)need for linking


Memory Map

environment varscommandline argsstack.........heapuninit .bssinit .datatext


ELF Relocatable and Executable Object FilesLinking View

ELF HeaderProgram Header TableSection 1Section 2Section 3...............Section nSection Header Table

Program Header Table isoptional

Execution View

ELF HeaderSegment Header Table.init.text.rodata.data.bss.symtab.debug.line.strtabSection header Table


ELF Executable Object Files (1)

Execution View

ELF HeaderSegment Header Table.init.text.rodata.data.bss.symtab.debug.line.strtabSection header Table

RO Memory (Code) SegmentELF HeaderSegment Header Table.init.text.rodata

RW Memory (Data) Segment.data.bss

Non-memory Segment.debug.line.strtabSection Header Table


ELF Executable Object Files (2)

ELF Headerdescribes the overall format of the fileincludes the program’s entry pointthe address of the 1st instruction to executewhen the program runs

Segment Header Tablemaps contiguous file sectionsto run-time memory segments

.initdefines a small function _initcalled by the program’s initialization cdoe

.text, .rodata, datarelocated to the final run-time memory addresses

no .rel.text neither .rel.data


ELF Section Types Overview

.text the machine code

.rodata such as the format strings of printf

.data initialized global c variables

.bss uninitialized global c variables

.symtab about functions and global variables

.rel.text a list of locations in the .text to be modified

.rel.data global variables referenced or defined

.debug local, global variables, typedefs, c source files

.line line number information

.strtab a string table for .symtab and .debug


.text, .rodata

.textthe machine code

.rodataread only datastring constantsjump tables for swtich statements


.data, .bss

.datainitialized global variablesinitialized static variablesno local variables (on the stack, at the run time)occupy actual space in the object file

.bssuninitialized global variablesuninitialized static variablesno local variables (on the stack, at the run time)no actual space in the object filejust a place holder for space efficiency


.symtab

.symtab

symbol table information aboutfunctions and global variablesregardless of -g compile switchevery relocatable object filehas a symbol table in .symtabthe symbol table in .symtabno entries for local variablesthe symbol table inside a compilerdoes have entries for local variables


.rel.text

.rel.text

locations in the text sectionwill be changed when linker combines object filesinstructions that need to be changed:

calls an external functionreferences a global variable

instructions that calls local functions :no need to be changedexecutable object files do not needrelocation informationis usually omittedwithout an explicit instruction to include it


.rel.data

.rel.data

relocation information for any global variablesthat are referenced or defined by the moduleany initialized global variable will need to be modifiedwhose initial value is

the address of a global variableexternally defined function


.debug

.debug

a debugging symbole table entries

local variablestypedefsglobal variables

only present when compiled with the -g option


.line

.line

a mapping between line numbers and machine code instructions in the.textonly present when compiled with the -g option


.strtab

.strtab

a string table for the symbol tablesin the .symtab and .debug sectionsand for the section names in the section headersa string table is a sequence ofnull-terminated character string


c source code

// main.c ---------------------

void swap();

int buf[2] = {1, 2};

int main(){

swap();

return 0;}

// swap.c ---------------------

extern int buf[];

int *p0 = &buf[0];int *p1;

void swap(){

int tmp;

p1 = &buf[1];

tmp = *p0;*p0 = *p1;*p1 = tmp;

}


main source and assembly codes

// main.c ---------------------

void swap();

int buf[2] = {1, 2};

int main(){

swap();

return 0;}

00000000 <main>:0: lea 0x4(%esp),%ecx4: and $0xfffffff0,%esp7: pushl -0x4(%ecx)a: push %ebpb: mov %esp,%ebpd: push %ecxe: sub $0x4,%esp

11: call 12 <main+0x12>16: add $0x4,%esp19: xor %eax,%eax1b: pop %ecx1c: pop %ebp1d: lea -0x4(%ecx),%esp20: ret


swap source and assembly codes

// swap.c ---------------------

extern int buf[];

int *p0 = &buf[0];int *p1;

void swap(){

int tmp;

p1 = &buf[1];

tmp = *p0;*p0 = *p1;*p1 = tmp;

}

00000000 <swap>:0: mov 0x0,%eax5: mov 0x4,%ecxb: movl $0x4,0x0

12:15: mov (%eax),%edx17: mov %ecx,(%eax)19: mov %edx,0x41f: ret

+----------+p0 | buf[0] |

+----------+p1 | buf[1] |

+----------+


swap assembly codes witout optimization

-O200000000 <swap>:

0: push %ebp1: mov %esp,%ebp3: sub $0x10,%esp6: movl $0x4,0x0d:

10: mov 0x0,%eax15: mov (%eax),%eax17: mov %eax,-0x4(%ebp)1a: mov 0x0,%eax1f: mov 0x0,%edx25: mov (%edx),%edx27: mov %edx,(%eax)29: mov 0x0,%eax2e: mov -0x4(%ebp),%edx31: mov %edx,(%eax)33: nop34: leave35: ret

-O300000000 <swap>:

0: mov 0x0,%eax5: mov 0x4,%ecxb: movl $0x4,0x0


+----------+p0 | buf[0] |

+----------+p1 | buf[1] |

+----------+


relocatable and executable main’s

relocatable main00000000 <main>:

0: lea 0x4(%esp),%ecx4: and $0xfffffff0,%esp7: pushl -0x4(%ecx)a: push %ebpb: mov %esp,%ebpd: push %ecxe: sub $0x4,%esp

11: call 12 <main+0x12>16: add $0x4,%esp19: xor %eax,%eax1b: pop %ecx1c: pop %ebp1d: lea -0x4(%ecx),%esp20: ret

executable main080482e0 <main>:80482e0: lea 0x4(%esp),%ecx80482e4: and $0xfffffff0,%esp80482e7: pushl -0x4(%ecx)80482ea: push %ebp80482eb: mov %esp,%ebp80482ed: push %ecx80482ee: sub $0x4,%esp80482f1: call 8048400 <swap>80482f6: add $0x4,%esp80482f9: xor %eax,%eax80482fb: pop %ecx80482fc: pop %ebp80482fd: lea -0x4(%ecx),%esp8048300: ret


relocatable and executable swap’s

relocatable swap00000000 <swap>:

0: mov 0x0,%eax5: mov 0x4,%ecxb: movl $0x4,0x0


executable swap08048400 <swap>:8048400: mov 0x804a020,%eax8048405: mov 0x804a01c,%ecx804840b: movl $0x804a01c,0x804a0288048412:8048415: mov (%eax),%edx8048417: mov %ecx,(%eax)8048419: mov %edx,0x804a01c804841f: ret


(1) 16-byte alignment

0: lea 0x4(%esp),%ecx%ecx= %esp+4, %ecx-4=%esp%ecx = init_%esp + 4(%ecx) = normally, the 1st argument of a function

4: and $0xfffffff0,%esp%esp = %esp & 0xFFFFFFF0make zero the least 4-bits of %espnew %esp : the 16-byte alignment of %esp

7: pushl -0x4(%ecx)push [%ecx-4]. . . . . . . . . . . . . . . . . . . . . . . . (%esp -= 4)push [init_%esp], data where init_%esp points topush once more the return addresspreviously, stored at the unaligned init_%espnow, also stored at the 16-byte aligned new %esp


(2) Function Prologue

a: push %ebppush %ebp. . . . . . . . . . . . . . . . . . . . . . . . . . . ..(%esp -= 4)push init_%ebp (init_%ebp address)after the aligned %esp, %ebp is stored on the stack

b: mov %esp,%ebp%ebp= %espnew %ebp = %esp (aligned %esp)the base of the new stack frame is the aligned %esp

d: push %ecxpush %ecx. . . . . . . . . . . . . . . . . . . . . . . . . . . ..(%esp -= 4)push init_%esp+4 (address init_%esp +4)%ecx points to the unaligned stack top +4

e: sub $0x4,%esp%esp -= 4alloc local var’s. . . . . . . . . . . . . . . . . . . . . (%esp -= 4)enlarge %esp by 4


(3) Function Call

11: call 12 <main+0x12>

16: add $0x4,%esp%esp += 4dealloc local variabls . . . . . . . . . . . . .(%esp += 4)shrink %esp by 4

19: xor %eax,%eax%eax= 0return value %eax= 0return zero


(4) Function Epilogue

1b: pop %ecxpop %ecx. . . . . . . . . . . . . . . . . . . . . . . . . . . ..(%esp += 4)pop init_%esp+4 (address init_%esp+4)now %ecx points to the unaligned stack top +4

1c: pop %ebppop %ebp. . . . . . . . . . . . . . . . . . . . . . . . . . . ..(%esp += 4)pop init_%ebp (init_%ebp address)restore init_%ebp

1d: lea -0x4(%ecx),%esp%esp= %ecx-4 = (init_%esp+4)-4%esp= init_%esp (int_%esp unaligned address)restore init_%esp

20: ret


swap assembly code analysis (1)

readelf -s p53: 0804a020 4 OBJECT GLOBAL DEFAULT 25 p064: 0804a018 8 OBJECT GLOBAL DEFAULT 25 buf67: 0804a028 4 OBJECT GLOBAL DEFAULT 26 p1

0x804a028 p10x804a0240x804a020 p0

0x804a01c buf[ 1 ]0x804a018 buf[ 0 ]



initialized global variable is in .datareadelf -x .data p

0x0804a010 00000000 00000000 01000000 020000000x0804a020 18a00408

0x804a018 0x000000010x804a01c 0x000000020x804a020 0x0804a018

0x804a028 p10x804a0240x804a020 p0 = 0x08094a018

0x804a01c buf[ 1 ] = 20x804a018 buf[ 0 ] = 1



0: mov 0x0,%eax. . . . . . . . . . . . . . . . 0x804a020mov M[0x804a020], %eax%eax= M[0x804a020]%eax= p0 (address)

5: mov 0x4,%ecx. . . . . . . . . . . . . . . . 0x804a01cmov M[0x804a01c], %ecx%ecx= M[0x804a01c]%ecx= buf[ 1 ] (integer)

b: movl $0x4,0x0. . . . . . . . . . . . . . . . 0x804a01c, 0x804a028movl $0x804a01c, M[0x804a028]M[0x804a028] = 0x804a01cp1 = buf+1



%eax = p0 = 0x0804a018 (address)%ecx = buf[ 1 ] = 2 (integer)p1 = buf + 1 = 0x804a01c (address)

0x804a028 p1 = 0x0804a01c0x804a0240x804a020 p0 = 0x0804a018

0x804a01c buf[ 1 ] = 20x804a018 buf[ 0 ] = 1



swap( (%eax), {0x4})15: mov (%eax),%edx

mov M[ M[0x804a020] ], %edx%edx= M[ M[0x804a020] ] = M[0x804a018] = 1tmp = *p0;

17: mov %ecx,(%eax)mov M[0x804a01c], (%eax)M[ M[0x804a020] ] = M[0x804a018] = M[0x804a01c] = 2*p0 = buf[ 1 ];

19: mov %edx,0x4. . . . . . . . . . . . . . . 0x804a01cmov %edx, M[0x804a01c]M[0x804a01c]= %edxbuf[ 1 ] = tmp

1f: ret


relocatable objdump -d main.o

main.o: formato del fichero elf32-i386

Desensamblado de la sección .text.startup:

00000000 <main>:0: 8d 4c 24 04 lea 0x4(%esp),%ecx4: 83 e4 f0 and $0xfffffff0,%esp7: ff 71 fc pushl -0x4(%ecx)a: 55 push %ebpb: 89 e5 mov %esp,%ebpd: 51 push %ecxe: 83 ec 04 sub $0x4,%esp

11: e8 fc ff ff ff call 12 <main+0x12>16: 83 c4 04 add $0x4,%esp19: 31 c0 xor %eax,%eax1b: 59 pop %ecx1c: 5d pop %ebp1d: 8d 61 fc lea -0x4(%ecx),%esp20: c3 ret


relocatable objdump -d swap.o

swap.o: formato del fichero elf32-i386

Desensamblado de la sección .text:

00000000 <swap>:0: a1 00 00 00 00 mov 0x0,%eax5: 8b 0d 04 00 00 00 mov 0x4,%ecxb: c7 05 00 00 00 00 04 movl $0x4,0x0

12: 00 00 0015: 8b 10 mov (%eax),%edx17: 89 08 mov %ecx,(%eax)19: 89 15 04 00 00 00 mov %edx,0x41f: c3 ret


executable objdump -d p (disassemble) - main

080482e0 <main>:80482e0: 8d 4c 24 04 lea 0x4(%esp),%ecx80482e4: 83 e4 f0 and $0xfffffff0,%esp80482e7: ff 71 fc pushl -0x4(%ecx)80482ea: 55 push %ebp80482eb: 89 e5 mov %esp,%ebp80482ed: 51 push %ecx80482ee: 83 ec 04 sub $0x4,%esp80482f1: e8 0a 01 00 00 call 8048400 <swap>80482f6: 83 c4 04 add $0x4,%esp80482f9: 31 c0 xor %eax,%eax80482fb: 59 pop %ecx80482fc: 5d pop %ebp80482fd: 8d 61 fc lea -0x4(%ecx),%esp8048300: c3 ret


executable objdump -d p (disassemble) - swap

08048400 <swap>:8048400: a1 20 a0 04 08 mov 0x804a020,%eax8048405: 8b 0d 1c a0 04 08 mov 0x804a01c,%ecx804840b: c7 05 28 a0 04 08 1c movl $0x804a01c,0x804a0288048412: a0 04 088048415: 8b 10 mov (%eax),%edx8048417: 89 08 mov %ecx,(%eax)8048419: 89 15 1c a0 04 08 mov %edx,0x804a01c804841f: c3 ret


executable objdump -d p (disassemble) - section summary

./p: formato del fichero elf32-i386Desensamblado de la sección .init: .............................0804828c <_init>:Desensamblado de la sección .plt: ..............................080482b0 <__libc_start_main@plt-0x10>:080482c0 <__libc_start_main@plt>:Desensamblado de la sección .plt.got: ..........................080482d0 <.plt.got>:Desensamblado de la sección .text: .............................080482e0 <main>:08048301 <_start>:08048330 <__x86.get_pc_thunk.bx>:08048340 <deregister_tm_clones>:08048370 <register_tm_clones>:080483b0 <__do_global_dtors_aux>:080483d0 <frame_dummy>:08048400 <swap>:08048420 <__libc_csu_init>:08048480 <__libc_csu_fini>:Desensamblado de la sección .fini: .............................08048484 <_fini>:


readelf -h main.o

Encabezado ELF:Mágico: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00Clase: ELF32Datos: complemento a 2, little endianVersión: 1 (current)OS/ABI: UNIX - System VVersión ABI: 0Tipo: REL (Fichero reubicable)Máquina: Intel 80386Versión: 0x1Dirección del punto de entrada: 0x0Inicio de encabezados de programa: 0 (bytes en el fichero)Inicio de encabezados de sección: 524 (bytes en el fichero)Opciones: 0x0Tamaño de este encabezado: 52 (bytes)Tamaño de encabezados de programa: 0 (bytes)Número de encabezados de programa: 0Tamaño de encabezados de sección: 40 (bytes)Número de encabezados de sección: 12Índice de tabla de cadenas de sección de encabezado: 9


readelf -h swap.o

Encabezado ELF:Mágico: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00Clase: ELF32Datos: complemento a 2, little endianVersión: 1 (current)OS/ABI: UNIX - System VVersión ABI: 0Tipo: REL (Fichero reubicable)Máquina: Intel 80386Versión: 0x1Dirección del punto de entrada: 0x0Inicio de encabezados de programa: 0 (bytes en el fichero)Inicio de encabezados de sección: 596 (bytes en el fichero)Opciones: 0x0Tamaño de este encabezado: 52 (bytes)Tamaño de encabezados de programa: 0 (bytes)Número de encabezados de programa: 0Tamaño de encabezados de sección: 40 (bytes)Número de encabezados de sección: 13Índice de tabla de cadenas de sección de encabezado: 10


readelf -h p

Mágico: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00Clase: ELF32Datos: complemento a 2, little endianVersión: 1 (current)OS/ABI: UNIX - System VVersión ABI: 0Tipo: EXEC (Fichero ejecutable)Máquina: Intel 80386Versión: 0x1Dirección del punto de entrada: 0x8048301Inicio de encabezados de programa: 52 (bytes en el fichero)Inicio de encabezados de sección: 6180 (bytes en el fichero)Opciones: 0x0Tamaño de este encabezado: 52 (bytes)Tamaño de encabezados de programa: 32 (bytes)Número de encabezados de programa: 9Tamaño de encabezados de sección: 40 (bytes)Número de encabezados de sección: 31Índice de tabla de cadenas de sección de encabezado: 28


readelf -S main.o

Hay 12 encabezados de sección, comenzando en el desplazamiento: 0x20c:

Encabezados de Sección:[Nr] Nombre Tipo Direc Desp Tam ES Opt En Inf Al[ 0] NULL 00000000 000000 000000 00 0 0 0[ 1] .text PROGBITS 00000000 000034 000024 00 AX 0 0 1[ 2] .rel.text REL 00000000 0001a4 000008 08 I 10 1 4[ 3] .data PROGBITS 00000000 000058 000008 00 WA 0 0 4[ 4] .bss NOBITS 00000000 000060 000000 00 WA 0 0 1[ 5] .comment PROGBITS 00000000 000060 000035 01 MS 0 0 1[ 6] .note.GNU-stack PROGBITS 00000000 000095 000000 00 0 0 1[ 7] .eh_frame PROGBITS 00000000 000098 000044 00 A 0 0 4[ 8] .rel.eh_frame REL 00000000 0001ac 000008 08 I 10 7 4[ 9] .shstrtab STRTAB 00000000 0001b4 000057 00 0 0 1[10] .symtab SYMTAB 00000000 0000dc 0000b0 10 11 8 4[11] .strtab STRTAB 00000000 00018c 000016 00 0 0 1

Clave para Opciones:W (escribir), A (asignar), X (ejecutar), M (mezclar), S (cadenas)I (info), L (orden enlazado), G (grupo), T (TLS), E (excluir)x (desconocido), O (se requiere procesamiento extra del SO)o (específico del SO), p (específico del procesador)


readelf -S swap.o

Hay 13 encabezados de sección, comenzando en el desplazamiento: 0x254:

Encabezados de Sección:[Nr] Nombre Tipo Direc Desp Tam ES Opt En Inf Al[ 0] NULL 00000000 000000 000000 00 0 0 0[ 1] .text PROGBITS 00000000 000034 000036 00 AX 0 0 1[ 2] .rel.text REL 00000000 0001b8 000030 08 I 11 1 4[ 3] .data PROGBITS 00000000 00006c 000004 00 WA 0 0 4[ 4] .rel.data REL 00000000 0001e8 000008 08 I 11 3 4[ 5] .bss NOBITS 00000000 000070 000000 00 WA 0 0 1[ 6] .comment PROGBITS 00000000 000070 000035 01 MS 0 0 1[ 7] .note.GNU-stack PROGBITS 00000000 0000a5 000000 00 0 0 1[ 8] .eh_frame PROGBITS 00000000 0000a8 000038 00 A 0 0 4[ 9] .rel.eh_frame REL 00000000 0001f0 000008 08 I 11 8 4[10] .shstrtab STRTAB 00000000 0001f8 00005b 00 0 0 1[11] .symtab SYMTAB 00000000 0000e0 0000c0 10 12 8 4[12] .strtab STRTAB 00000000 0001a0 000017 00 0 0 1



readelf -S p (1)

Hay 31 encabezados de sección, comenzando en el desplazamiento: 0x1824:

Encabezados de Sección:[Nr] Nombre Tipo Direc Desp Tam ES Opt En Inf Al[ 0] NULL 00000000 000000 000000 00 0 0 0[ 1] .interp PROGBITS 08048154 000154 000013 00 A 0 0 1[ 2] .note.ABI-tag NOTE 08048168 000168 000020 00 A 0 0 4[ 3] .note.gnu.build-i NOTE 08048188 000188 000024 00 A 0 0 4[ 4] .gnu.hash GNU_HASH 080481ac 0001ac 000020 04 A 5 0 4[ 5] .dynsym DYNSYM 080481cc 0001cc 000040 10 A 6 1 4[ 6] .dynstr STRTAB 0804820c 00020c 000045 00 A 0 0 1[ 7] .gnu.version VERSYM 08048252 000252 000008 02 A 5 0 2[ 8] .gnu.version_r VERNEED 0804825c 00025c 000020 00 A 6 1 4[ 9] .rel.dyn REL 0804827c 00027c 000008 08 A 5 0 4[10] .rel.plt REL 08048284 000284 000008 08 AI 5 24 4[11] .init PROGBITS 0804828c 00028c 000023 00 AX 0 0 4[12] .plt PROGBITS 080482b0 0002b0 000020 04 AX 0 0 16[13] .plt.got PROGBITS 080482d0 0002d0 000008 00 AX 0 0 8[14] .text PROGBITS 080482e0 0002e0 0001a2 00 AX 0 0 16[15] .fini PROGBITS 08048484 000484 000014 00 AX 0 0 4


readelf -S p (2)

[16] .rodata PROGBITS 08048498 000498 000008 00 A 0 0 4[17] .eh_frame_hdr PROGBITS 080484a0 0004a0 000034 00 A 0 0 4[18] .eh_frame PROGBITS 080484d4 0004d4 0000e0 00 A 0 0 4[19] .init_array INIT_ARRAY 08049f08 000f08 000004 00 WA 0 0 4[20] .fini_array FINI_ARRAY 08049f0c 000f0c 000004 00 WA 0 0 4[21] .jcr PROGBITS 08049f10 000f10 000004 00 WA 0 0 4[22] .dynamic DYNAMIC 08049f14 000f14 0000e8 08 WA 6 0 4[23] .got PROGBITS 08049ffc 000ffc 000004 04 WA 0 0 4[24] .got.plt PROGBITS 0804a000 001000 000010 04 WA 0 0 4[25] .data PROGBITS 0804a010 001010 000014 00 WA 0 0 4[26] .bss NOBITS 0804a024 001024 000008 00 WA 0 0 4[27] .comment PROGBITS 00000000 001024 000034 01 MS 0 0 1[28] .shstrtab STRTAB 00000000 00171a 00010a 00 0 0 1[29] .symtab SYMTAB 00000000 001058 000490 10 30 48 4[30] .strtab STRTAB 00000000 0014e8 000232 00 0 0 1



readelf -l p (1)

El tipo del fichero elf es EXEC (Fichero ejecutable)Punto de entrada 0x8048301Hay 9 encabezados de programa, empezando en el desplazamiento 52

Encabezados de Programa:Tipo Desplaz DirVirt DirFísica TamFich TamMem Opt AlinPHDR 0x000034 0x08048034 0x08048034 0x00120 0x00120 R E 0x4INTERP 0x000154 0x08048154 0x08048154 0x00013 0x00013 R 0x1

[Requesting program interpreter: /lib/ld-linux.so.2]LOAD 0x000000 0x08048000 0x08048000 0x005b4 0x005b4 R E 0x1000LOAD 0x000f08 0x08049f08 0x08049f08 0x0011c 0x00124 RW 0x1000DYNAMIC 0x000f14 0x08049f14 0x08049f14 0x000e8 0x000e8 RW 0x4NOTE 0x000168 0x08048168 0x08048168 0x00044 0x00044 R 0x4GNU_EH_FRAME 0x0004a0 0x080484a0 0x080484a0 0x00034 0x00034 R 0x4GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x10GNU_RELRO 0x000f08 0x08049f08 0x08049f08 0x000f8 0x000f8 R 0x1


readelf -l p (2)

mapeo de Sección a Segmento:Segmento Secciones...0001 .interp02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym

.dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init

.plt .plt.got .text .fini .rodata .eh_frame_hdr .eh_frame03 .init_array .fini_array .jcr .dynamic .got .got.plt .data .bss04 .dynamic05 .note.ABI-tag .note.gnu.build-id06 .eh_frame_hdr0708 .init_array .fini_array .jcr .dynamic .got


readelf HH


link 2. object files - wikimedia · link 2. object files youngw.lim 2017-09-25mon youngw.lim link2....

Documents