|
- UID
- 1029342
- 性别
- 男
|
这里,通过使用一些用于操作ELF文件的工具的例子,来对其有一个直观的了解。
1 readelf工具
readelf用来显示ELF格式目标文件的信息.可通过参数选项来控制显示哪些特定信息。
*读取elf文件头信息:
$ readelf -h fbtest
输入之后,输出如下:
ELF Header:
Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
Class: ELF32
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: EXEC (Executable file)
Machine: Intel 80386
Version: 0x1
Entry point address: 0x80484d0
Start of program headers: 52 (bytes into file)
Start of section headers: 5924 (bytes into file)
Flags: 0x0
Size of this header: 52 (bytes)
Size of program headers: 32 (bytes)
Number of program headers: 8
Size of section headers: 40 (bytes)
Number of section headers: 36
Section header string table index: 33
这里,fbtest是在本地使用gcc编译生成的一个简单的可执行程序。
*查看elf文件程序头表信息:
$readelf -l fbtest
输入之后,输出如下:
Program Headers:
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
PHDR 0x000034 0x08048034 0x08048034 0x00100 0x00100 R E 0x4
INTERP 0x000134 0x08048134 0x08048134 0x00013 0x00013 R 0x1
[Requesting program interpreter: /lib/ld-linux.so.2]
LOAD 0x000000 0x08048000 0x08048000 0x00df4 0x00df4 R E 0x1000
LOAD 0x000f0c 0x08049f0c 0x08049f0c 0x00128 0x00178 RW 0x1000
DYNAMIC 0x000f20 0x08049f20 0x08049f20 0x000d0 0x000d0 RW 0x4
NOTE 0x000148 0x08048148 0x08048148 0x00020 0x00020 R 0x4
GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x4
GNU_RELRO 0x000f0c 0x08049f0c 0x08049f0c 0x000f4 0x000f4 R 0x1
Section to Segment mapping:
Segment Sections...
00
01 .interp
02 .interp .note.ABI-tag .hash .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .eh_frame
03 .ctors .dtors .jcr .dynamic .got .got.plt .data .bss
04 .dynamic
05 .note.ABI-tag
06
07 .ctors .dtors .jcr .dynamic .got
*查看elf文件的节信息:
$readelf -S libmy.so
输入之后,输出如下:
There are 33 section headers, starting at offset 0xfd0:
Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[ 0] NULL 00000000 000000 000000 00 0 0 0
[ 1] .hash HASH 000000d4 0000d4 0000a0 04 A 3 0 4
[ 2] .gnu.hash GNU_HASH 00000174 000174 000040 04 A 3 0 4
[ 3] .dynsym DYNSYM 000001b4 0001b4 000150 10 A 4 1 4
[ 4] .dynstr STRTAB 00000304 000304 00018a 00 A 0 0 1
[ 5] .gnu.version VERSYM 0000048e 00048e 00002a 02 A 3 0 2
[ 6] .gnu.version_r VERNEED 000004b8 0004b8 000020 00 A 4 1 4
[ 7] .rel.dyn REL 000004d8 0004d8 0000e8 08 A 3 0 4
[ 8] .rel.plt REL 000005c0 0005c0 000010 08 A 3 10 4
[ 9] .init PROGBITS 000005d0 0005d0 000030 00 AX 0 0 4
[10] .plt PROGBITS 00000600 000600 000030 04 AX 0 0 4
[11] .text PROGBITS 00000630 000630 0002a4 00 AX 0 0 16
[12] .fini PROGBITS 000008d4 0008d4 00001c 00 AX 0 0 4
[13] .rodata PROGBITS 000008f0 0008f0 000006 00 A 0 0 1
[14] .eh_frame_hdr PROGBITS 000008f8 0008f8 000034 00 A 0 0 4
[15] .eh_frame PROGBITS 0000092c 00092c 0000d8 00 A 0 0 4
[16] .ctors PROGBITS 00001a04 000a04 00000c 00 WA 0 0 4
[17] .dtors PROGBITS 00001a10 000a10 000008 00 WA 0 0 4
[18] .jcr PROGBITS 00001a18 000a18 000004 00 WA 0 0 4
[19] .dynamic DYNAMIC 00001a1c 000a1c 0000d0 08 WA 4 0 4
[20] .got PROGBITS 00001aec 000aec 00000c 04 WA 0 0 4
[21] .got.plt PROGBITS 00001af8 000af8 000014 04 WA 0 0 4
[22] .data PROGBITS 00001b0c 000b0c 000008 00 WA 0 0 4
[23] .bss NOBITS 00001b14 000b14 000008 00 WA 0 0 4
[24] .comment PROGBITS 00000000 000b14 0000d2 00 0 0 1
[25] .debug_aranges PROGBITS 00000000 000be8 000050 00 0 0 8
[26] .debug_info PROGBITS 00000000 000c38 00011a 00 0 0 1
[27] .debug_abbrev PROGBITS 00000000 000d52 000024 00 0 0 1
[28] .debug_line PROGBITS 00000000 000d76 000102 00 0 0 1
[29] .debug_ranges PROGBITS 00000000 000e78 000040 00 0 0 8
[30] .shstrtab STRTAB 00000000 000eb8 000116 00 0 0 1
[31] .symtab SYMTAB 00000000 0014f8 0004c0 10 32 56 4
[32] .strtab STRTAB 00000000 0019b8 00031c 00 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings)
I (info), L (link order), G (group), x (unknown)
O (extra OS processing required) o (OS specific), p (processor specific)
这里的libmy.so是自行生成的一个共享库。 |
|
