readelf源码学习
生活随笔
收集整理的這篇文章主要介紹了
readelf源码学习
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
?
導入 /usr/include/elf.h
main.cpp
#include <iostream> #include <cstring> #include "elf.h" #include "stdio.h" #include "ELF_process.h"#define file_name "libhello-jni.so" #define SARMAG 8int main() {FILE *file = fopen(file_name,"rb");char armag[SARMAG];printf("Input file '%s'.\n", file_name);if (file == NULL){printf("Input file '%s' is not readable.\n", file_name);return 0;}if (fread (armag, SARMAG, 1, file) != 1){printf("%s: Failed to read file's magic number\n", file_name);fclose (file);return 0;}rewind(file);ELF_process *pro;pro->Process_object(file);fclose (file);delete(pro);return 0; }?
?
?
ELF_process.h
#include <iostream>/* ELF Header (32-bit implementations) */typedef struct {unsigned char e_ident[16]; /* ELF "magic number" */unsigned char e_type[2]; /* Identifies object file type */unsigned char e_machine[2]; /* Specifies required architecture */unsigned char e_version[4]; /* Identifies object file version */unsigned char e_entry[4]; /* Entry point virtual address */unsigned char e_phoff[4]; /* Program header table file offset */unsigned char e_shoff[4]; /* Section header table file offset */unsigned char e_flags[4]; /* Processor-specific flags */unsigned char e_ehsize[2]; /* ELF header size in bytes */unsigned char e_phentsize[2]; /* Program header table entry size */unsigned char e_phnum[2]; /* Program header table entry count */unsigned char e_shentsize[2]; /* Section header table entry size */unsigned char e_shnum[2]; /* Section header table entry count */unsigned char e_shstrndx[2]; /* Section header string table index */ } Elf32_External_Ehdr;typedef struct {unsigned char e_ident[16]; /* ELF "magic number" */unsigned char e_type[2]; /* Identifies object file type */unsigned char e_machine[2]; /* Specifies required architecture */unsigned char e_version[4]; /* Identifies object file version */unsigned char e_entry[8]; /* Entry point virtual address */unsigned char e_phoff[8]; /* Program header table file offset */unsigned char e_shoff[8]; /* Section header table file offset */unsigned char e_flags[4]; /* Processor-specific flags */unsigned char e_ehsize[2]; /* ELF header size in bytes */unsigned char e_phentsize[2]; /* Program header table entry size */unsigned char e_phnum[2]; /* Program header table entry count */unsigned char e_shentsize[2]; /* Section header table entry size */unsigned char e_shnum[2]; /* Section header table entry count */unsigned char e_shstrndx[2]; /* Section header string table index */ } Elf64_External_Ehdr;/* Section header */typedef struct {unsigned char sh_name[4]; /* Section name, index in string tbl */unsigned char sh_type[4]; /* Type of section */unsigned char sh_flags[4]; /* Miscellaneous section attributes */unsigned char sh_addr[4]; /* Section virtual addr at execution */unsigned char sh_offset[4]; /* Section file offset */unsigned char sh_size[4]; /* Size of section in bytes */unsigned char sh_link[4]; /* Index of another section */unsigned char sh_info[4]; /* Additional section information */unsigned char sh_addralign[4]; /* Section alignment */unsigned char sh_entsize[4]; /* Entry size if section holds table */ } Elf32_External_Shdr;typedef struct {unsigned char sh_name[4]; /* Section name, index in string tbl */unsigned char sh_type[4]; /* Type of section */unsigned char sh_flags[8]; /* Miscellaneous section attributes */unsigned char sh_addr[8]; /* Section virtual addr at execution */unsigned char sh_offset[8]; /* Section file offset */unsigned char sh_size[8]; /* Size of section in bytes */unsigned char sh_link[4]; /* Index of another section */unsigned char sh_info[4]; /* Additional section information */unsigned char sh_addralign[8]; /* Section alignment */unsigned char sh_entsize[8]; /* Entry size if section holds table */ } Elf64_External_Shdr;/* Program header */typedef struct {unsigned char p_type[4]; /* Identifies program segment type */unsigned char p_offset[4]; /* Segment file offset */unsigned char p_vaddr[4]; /* Segment virtual address */unsigned char p_paddr[4]; /* Segment physical address */unsigned char p_filesz[4]; /* Segment size in file */unsigned char p_memsz[4]; /* Segment size in memory */unsigned char p_flags[4]; /* Segment flags */unsigned char p_align[4]; /* Segment alignment, file & memory */ } Elf32_External_Phdr;typedef struct {unsigned char p_type[4]; /* Identifies program segment type */unsigned char p_flags[4]; /* Segment flags */unsigned char p_offset[8]; /* Segment file offset */unsigned char p_vaddr[8]; /* Segment virtual address */unsigned char p_paddr[8]; /* Segment physical address */unsigned char p_filesz[8]; /* Segment size in file */unsigned char p_memsz[8]; /* Segment size in memory */unsigned char p_align[8]; /* Segment alignment, file & memory */ } Elf64_External_Phdr;/* dynamic section structure */typedef struct {unsigned char d_tag[4]; /* entry tag value */union {unsigned char d_val[4];unsigned char d_ptr[4];} d_un; } Elf32_External_Dyn;typedef struct {unsigned char d_tag[8]; /* entry tag value */union {unsigned char d_val[8];unsigned char d_ptr[8];} d_un; } Elf64_External_Dyn;/* Relocation Entries */ typedef struct {unsigned char r_offset[4]; /* Location at which to apply the action */unsigned char r_info[4]; /* index and type of relocation */ } Elf32_External_Rel;typedef struct {unsigned char r_offset[4]; /* Location at which to apply the action */unsigned char r_info[4]; /* index and type of relocation */unsigned char r_addend[4]; /* Constant addend used to compute value */ } Elf32_External_Rela;typedef struct {unsigned char r_offset[8]; /* Location at which to apply the action */unsigned char r_info[8]; /* index and type of relocation */ } Elf64_External_Rel;typedef struct {unsigned char r_offset[8]; /* Location at which to apply the action */unsigned char r_info[8]; /* index and type of relocation */unsigned char r_addend[8]; /* Constant addend used to compute value */ } Elf64_External_Rela;/* Symbol table entry */typedef struct {unsigned char st_name[4]; /* Symbol name, index in string tbl */unsigned char st_value[4]; /* Value of the symbol */unsigned char st_size[4]; /* Associated symbol size */unsigned char st_info[1]; /* Type and binding attributes */unsigned char st_other[1]; /* No defined meaning, 0 */unsigned char st_shndx[2]; /* Associated section index */ } Elf32_External_Sym;typedef struct {unsigned char st_name[4]; /* Symbol name, index in string tbl */unsigned char st_info[1]; /* Type and binding attributes */unsigned char st_other[1]; /* No defined meaning, 0 */unsigned char st_shndx[2]; /* Associated section index */unsigned char st_value[8]; /* Value of the symbol */unsigned char st_size[8]; /* Associated symbol size */ } Elf64_External_Sym;class ELF_process {ELF_process();void* get_data(void * var, FILE * file, long offset, size_t size, size_t nmemb,const char * reason);void *cmalloc (size_t nmemb, size_t size);int get_32bit_section_headers (FILE * file, unsigned int num);int get_file_header(FILE *file);int process_file_header();const char* get_elf_class (unsigned int elf_class);const char * get_data_encoding (unsigned int encoding);const char * get_osabi_name (unsigned int osabi);const char *get_file_type (unsigned e_type);const char *get_machine_name (unsigned e_machine);int process_section_headers (FILE * file);const char *get_section_type_name (unsigned int sh_type);const char *get_mips_section_type_name (unsigned int sh_type);const char *get_parisc_section_type_name (unsigned int sh_type);const char *get_ia64_section_type_name (unsigned int sh_type);const char *get_x86_64_section_type_name (unsigned int sh_type);const char *get_aarch64_section_type_name (unsigned int sh_type);const char *get_arm_section_type_name (unsigned int sh_type);const char *get_tic6x_section_type_name (unsigned int sh_type);const char *get_msp430x_section_type_name (unsigned int sh_type);int process_program_headers (FILE * file);const char *get_segment_type (unsigned int p_type);const char *get_aarch64_segment_type (unsigned long type);const char *get_arm_segment_type (unsigned long type);const char *get_mips_segment_type (unsigned long type);const char *get_parisc_segment_type (unsigned long type);const char *get_ia64_segment_type (unsigned long type);const char *get_tic6x_segment_type (unsigned long type);int get_program_headers (FILE * file);int get_32bit_program_headers (FILE * file, Elf32_Phdr * pheaders);int get_64bit_program_headers (FILE * file, Elf64_Phdr * pheaders);int process_dynamic_section (FILE * file);int get_32bit_dynamic_section (FILE * file);int get_64bit_dynamic_section(FILE * file);void print_dynamic_flags (Elf32_Word flags);const char *get_dynamic_type (unsigned long type);int process_relocs (FILE * file);void get_32bit_rel(FILE *pFILE, unsigned int offset); public:int Process_object(FILE *file);void process_symbol_table(FILE *pFILE);void get_32bit_symbol(FILE *pFILE);void get_32bit_strdyn(FILE *pFILE, Elf32_Word name); };?
?
ELF_process.cpp
#include <elf.h> #include <cstring> #include "ELF_process.h" #define file_name "/home/hx/cProgram/Process/libhello-jni.so" #define BYTE_GET(field) byte_get_little_endian (field,sizeof(field)) static int is_32bit_elf; Elf32_Ehdr elf_header; Elf32_Shdr* section_headers; Elf32_Phdr* program_headers; Elf32_Sym* sym_dyn;static unsigned int dynamic_addr; static unsigned int dynamic_offset; unsigned int dynamic_strings; unsigned int dynamic_size; static unsigned int rel_nent; static unsigned int rel_dyn_offset; static unsigned int rel_dyn_size; static unsigned int sym_dyn_offset; static unsigned int sym_dyn_size; static unsigned int str_dyn_offset; static unsigned int str_dyn_size; unsigned int sym_nent; Elf32_Dyn* dynamic_section;static unsigned int dynamic_nent;#define SHT_PARISC_ANNOT 0x70000003 #define SHT_PARISC_SYMEXTN SHT_LOPROC + 8 #define SHT_PARISC_STUBS SHT_LOPROC + 9 #define SHT_PARISC_DLKM 0x70000004#define PT_PARISC_WEAKORDER 0x70000002 #define PT_HP_CORE_UTSNAME (PT_LOOS + 0x15)#define SHT_IA_64_PRIORITY_INIT (SHT_LOPROC + 0x9000000) #define SHT_IA_64_VMS_TRACE 0x60000000 #define SHT_IA_64_VMS_TIE_SIGNATURES 0x60000001 #define SHT_IA_64_VMS_DEBUG 0x60000002 #define SHT_IA_64_VMS_DEBUG_STR 0x60000003 #define SHT_IA_64_VMS_LINKAGES 0x60000004 #define SHT_IA_64_VMS_SYMBOL_VECTOR 0x60000005 #define SHT_IA_64_VMS_FIXUP 0x60000006 #define SHT_IA_64_LOPSREG (SHT_LOPROC + 0x8000000)#define EM_L1OM 180 /* Intel L1OM */ #define EM_K1OM 181 /* Intel K1OM */ #define EM_TI_C6000 140 /* Texas Instruments TMS320C6000 DSP family */ #define EM_MSP430 105 /* TI msp430 micro controller */#define SHT_ARM_DEBUGOVERLAY 0x70000004 /* Section holds overlay debug info. */ #define SHT_ARM_OVERLAYSECTION 0x70000005 /* Section holds GDB and overlay integration info. */#define SHT_X86_64_UNWIND 0x70000001 /* unwind information */#define SHT_AARCH64_ATTRIBUTES 0x70000003 /* Section holds attributes. */#define SHT_C6000_UNWIND 0x70000001 #define SHT_C6000_PREEMPTMAP 0x70000002 #define SHT_C6000_ATTRIBUTES 0x70000003 #define SHT_TI_ICODE 0x7F000000 #define SHT_TI_XREF 0x7F000001 #define SHT_TI_HANDLER 0x7F000002 #define SHT_TI_INITINFO 0x7F000003 #define SHT_TI_PHATTRS 0x7F000004#define SHT_MSP430_ATTRIBUTES 0x70000003 /* Section holds ABI attributes. */ #define SHT_MSP430_SEC_FLAGS 0x7f000005 /* Holds TI compiler's section flags. */ #define SHT_MSP430_SYM_ALIASES 0x7f000006 /* Holds TI compiler's symbol aliases. */#define PT_AARCH64_ARCHEXT (PT_LOPROC + 0)int byte_get_little_endian (unsigned char *field, int size){switch (size){case 1:return *field;case 2:return ((unsigned int)(field[0]))| (((unsigned int)(field[1])) << 8);case 3:return ((unsigned long) (field[0]))| (((unsigned long) (field[1])) << 8)| (((unsigned long) (field[2])) << 16);case 4:return ((unsigned long) (field[0]))| (((unsigned long) (field[1])) << 8)| (((unsigned long) (field[2])) << 16)| (((unsigned long) (field[3])) << 24);}}ELF_process::ELF_process() {}int ELF_process::Process_object(FILE *file) {if (!get_file_header(file)){printf("gei file header Failed");return 0;}/********* start process ***********/if (!process_file_header()){return 0;}if(!process_section_headers(file)){return 0;}if(!process_program_headers(file)){process_dynamic_section(file);}process_relocs(file);process_symbol_table(file);}int ELF_process::get_file_header(FILE *file) {/* Read in the identity array. */if (fread (elf_header.e_ident, EI_NIDENT, 1, file) != 1)return 0;/* For now we only support 32 bit and 64 bit ELF files. */is_32bit_elf = (elf_header.e_ident[EI_CLASS] != ELFCLASS64);/* Read in the rest of the header. */if (is_32bit_elf){Elf32_External_Ehdr ehdr32;if (fread (ehdr32.e_type, sizeof (ehdr32) - EI_NIDENT, 1, file) != 1)return 0;elf_header.e_type = BYTE_GET (ehdr32.e_type);elf_header.e_machine = BYTE_GET (ehdr32.e_machine);elf_header.e_version = BYTE_GET (ehdr32.e_version);elf_header.e_entry = BYTE_GET (ehdr32.e_entry);elf_header.e_phoff = BYTE_GET (ehdr32.e_phoff);elf_header.e_shoff = BYTE_GET (ehdr32.e_shoff);elf_header.e_flags = BYTE_GET (ehdr32.e_flags);elf_header.e_ehsize = BYTE_GET (ehdr32.e_ehsize);elf_header.e_phentsize = BYTE_GET (ehdr32.e_phentsize);elf_header.e_phnum = BYTE_GET (ehdr32.e_phnum);elf_header.e_shentsize = BYTE_GET (ehdr32.e_shentsize);elf_header.e_shnum = BYTE_GET (ehdr32.e_shnum);elf_header.e_shstrndx = BYTE_GET (ehdr32.e_shstrndx);if (elf_header.e_shoff){if (is_32bit_elf)get_32bit_section_headers(file,1);else{//64位 ... }}}return 1; }int ELF_process::get_32bit_section_headers(FILE *file, unsigned int num) {Elf32_External_Shdr * shdrs;Elf32_Shdr* internal;shdrs = (Elf32_External_Shdr *) get_data (NULL, file, elf_header.e_shoff,elf_header.e_shentsize, num,("section headers"));if (!shdrs)return 0;section_headers = (Elf32_Shdr *) cmalloc (num,sizeof (Elf32_Shdr));if (section_headers == NULL){printf("Out of memory\n");return 0;}internal = section_headers;for (int i = 0;i < num;i++, internal++){internal->sh_name = BYTE_GET (shdrs[i].sh_name);internal->sh_type = BYTE_GET (shdrs[i].sh_type);internal->sh_flags = BYTE_GET (shdrs[i].sh_flags);internal->sh_addr = BYTE_GET (shdrs[i].sh_addr);internal->sh_offset = BYTE_GET (shdrs[i].sh_offset);internal->sh_size = BYTE_GET (shdrs[i].sh_size);internal->sh_link = BYTE_GET (shdrs[i].sh_link);internal->sh_info = BYTE_GET (shdrs[i].sh_info);internal->sh_addralign = BYTE_GET (shdrs[i].sh_addralign);internal->sh_entsize = BYTE_GET (shdrs[i].sh_entsize);}free (shdrs);return 1; }void * ELF_process::get_data (void * var, FILE * file, long offset, size_t size, size_t nmemb,const char * reason) {void * mvar;if (size == 0 || nmemb == 0)return NULL;if (fseek (file, offset, SEEK_SET)){//error (_("Unable to seek to 0x%lx for %s\n"),// (unsigned long) archive_file_offset + offset, reason);return NULL;}mvar = var;if (mvar == NULL){/* Check for overflow. */if (nmemb < (~(size_t) 0 - 1) / size)/* + 1 so that we can '\0' terminate invalid string table sections. */mvar = malloc (size * nmemb + 1);if (mvar == NULL){//error (_("Out of memory allocating 0x%lx bytes for %s\n"),//(unsigned long)(size * nmemb), reason);return NULL;}((char *) mvar)[size * nmemb] = '\0';}if (fread (mvar, size, nmemb, file) != nmemb){//error (_("Unable to read in 0x%lx bytes of %s\n"),// (unsigned long)(size * nmemb), reason);if (mvar != var)free (mvar);return NULL;}return mvar; } void *ELF_process::cmalloc (size_t nmemb, size_t size) {/* Check for overflow. */if (nmemb >= ~(size_t) 0 / size)return NULL;elsereturn malloc (nmemb * size); }int ELF_process::process_file_header(void) {if ( elf_header.e_ident[EI_MAG0] != ELFMAG0|| elf_header.e_ident[EI_MAG1] != ELFMAG1|| elf_header.e_ident[EI_MAG2] != ELFMAG2|| elf_header.e_ident[EI_MAG3] != ELFMAG3){printf("Not an ELF file - it has the wrong magic bytes at the start\n");return 0;}printf("ELF Header:\n");printf(" Magic: ");for (int i = 0; i <EI_NIDENT ; ++i)printf ("%2.2x ", elf_header.e_ident[i]);printf("\n");printf(" Class: %s\n",get_elf_class(elf_header.e_ident[EI_CLASS]));printf (" Data: %s\n",get_data_encoding (elf_header.e_ident[EI_DATA]));printf (" Version: %d %s\n",elf_header.e_ident[EI_VERSION],(elf_header.e_ident[EI_VERSION] == EV_CURRENT? "(current)": (elf_header.e_ident[EI_VERSION] != EV_NONE? ("<unknown: %lx>"): "")));printf (" OS/ABI: %s\n",get_osabi_name (elf_header.e_ident[EI_OSABI]));printf (" ABI Version: %d\n",elf_header.e_ident[EI_ABIVERSION]);printf (" Type: %s\n",get_file_type (elf_header.e_type));printf (" Machine: %s\n",get_machine_name (elf_header.e_machine));printf (" Version: 0x%lx\n",(unsigned long) elf_header.e_version);printf (" Entry point address: 0x%x",elf_header.e_entry);printf ("\n Start of program headers: %d",elf_header.e_phoff);printf (" (bytes into file)\n Start of section headers: %d",elf_header.e_shoff);printf (" (bytes into file)\n");printf (" Flags: 0x%lx\n",(unsigned long)elf_header.e_flags);printf (" Size of this header: %ld (bytes)\n",(long)elf_header.e_ehsize);printf (" Size of program headers: %ld (bytes)\n",(long)elf_header.e_phentsize);printf (" Number of program headers: %ld\n",(long)elf_header.e_phnum);if (section_headers != NULL&& elf_header.e_phnum == PN_XNUM&& section_headers[0].sh_info != 0)printf (" (%ld)", (long) section_headers[0].sh_info);printf (" Size of section headers: %ld (bytes)\n",(long) elf_header.e_shentsize);printf (" Number of section headers: %ld\n",(long) elf_header.e_shnum);if (section_headers != NULL && elf_header.e_shnum == SHN_UNDEF)printf (" (%ld)", (long) section_headers[0].sh_size);printf (" Section header string table index: %ld\n",(long) elf_header.e_shstrndx);if (section_headers != NULL&& elf_header.e_shstrndx == (SHN_XINDEX & 0xffff))printf (" (%u)", section_headers[0].sh_link);else if (elf_header.e_shstrndx != SHN_UNDEF&& elf_header.e_shstrndx >= elf_header.e_shnum)printf (" <corrupt: out of range>");return 1;}const char * ELF_process::get_elf_class (unsigned int elf_class) {static char buff[32];switch (elf_class){case ELFCLASSNONE: return ("none");case ELFCLASS32: return "ELF32";case ELFCLASS64: return "ELF64";default:snprintf (buff, sizeof (buff), ("<unknown: %x>"), elf_class);return buff;} } const char * ELF_process::get_data_encoding (unsigned int encoding) {static char buff[32];switch (encoding){case ELFDATANONE: return ("none");case ELFDATA2LSB: return ("2's complement, little endian");case ELFDATA2MSB: return ("2's complement, big endian");default:snprintf (buff, sizeof (buff), ("<unknown: %x>"), encoding);return buff;} } const char * ELF_process::get_osabi_name (unsigned int osabi){static char buff[32];switch (osabi){case ELFOSABI_NONE: return "UNIX System V ABI";case ELFOSABI_HPUX: return "HP-UX";case ELFOSABI_NETBSD: return "NetBSD";case ELFOSABI_GNU: return "Object uses GNU ELF extensions";case ELFOSABI_SOLARIS: return "Sun Solaris";case ELFOSABI_AIX: return "IBM AIX";case ELFOSABI_IRIX: return "SGI Irix";case ELFOSABI_FREEBSD: return "FreeBSD";case ELFOSABI_TRU64: return "Compaq TRU64 UNIX";case ELFOSABI_MODESTO: return "Novell Modesto";case ELFOSABI_OPENBSD: return "OpenBSD";case ELFOSABI_ARM_AEABI: return "ARM EABI";case ELFOSABI_ARM: return "ARM";case ELFOSABI_STANDALONE: return "Standalone (embedded) application";default:break;}snprintf (buff, sizeof (buff), ("<unknown: %x>"), osabi);return buff; }const char *ELF_process::get_file_type(unsigned e_type) {static char buff[32];switch (e_type) {case ET_NONE:return "NONE (None)";case ET_REL:return "REL (Relocatable file)";case ET_EXEC:return "EXEC (Executable file)";case ET_DYN:return "DYN (Shared object file)";case ET_CORE:return "CORE (Core file)";default:if ((e_type >= ET_LOPROC) && (e_type <= ET_HIPROC))snprintf(buff, sizeof(buff), ("Processor Specific: (%x)"), e_type);else if ((e_type >= ET_LOOS) && (e_type <= ET_HIOS))snprintf(buff, sizeof(buff), ("OS Specific: (%x)"), e_type);elsesnprintf(buff, sizeof(buff), ("<unknown>: %x"), e_type);return buff;} }const char *ELF_process::get_machine_name(unsigned e_machine) {static char buff[64];switch (e_machine){case EM_NONE: return ("None");case EM_AARCH64: return "AArch64";case EM_M32: return "WE32100";case EM_SPARC: return "Sparc";case EM_386: return "Intel 80386";case EM_68K: return "MC68000";case EM_88K: return "MC88000";case EM_860: return "Intel 80860";case EM_MIPS: return "MIPS R3000";case EM_S370: return "IBM System/370";case EM_MIPS_RS3_LE: return "MIPS R4000 big-endian";case EM_PARISC: return "HPPA";case EM_SPARC32PLUS: return "Sparc v8+" ;case EM_960: return "Intel 90860";case EM_PPC: return "PowerPC";case EM_PPC64: return "PowerPC64";case EM_FR20: return "Fujitsu FR20";case EM_RH32: return "TRW RH32";case EM_ARM: return "ARM";case EM_SH: return "Renesas / SuperH SH";case EM_SPARCV9: return "Sparc v9";case EM_TRICORE: return "Siemens Tricore";case EM_ARC: return "ARC";case EM_H8_300: return "Renesas H8/300";case EM_H8_300H: return "Renesas H8/300H";case EM_H8S: return "Renesas H8S";case EM_H8_500: return "Renesas H8/500";case EM_IA_64: return "Intel IA-64";case EM_MIPS_X: return "Stanford MIPS-X";case EM_COLDFIRE: return "Motorola Coldfire";case EM_ALPHA: return "Alpha";case EM_D10V: return "d10v";case EM_D30V: return "d30v";case EM_M32R: return "Renesas M32R (formerly Mitsubishi M32r)";case EM_V800: return "Renesas V850 (using RH850 ABI)";case EM_V850: return "Renesas V850";case EM_MN10300: return "mn10300";case EM_MN10200: return "mn10200";case EM_FR30: return "Fujitsu FR30";case EM_PJ: return "picoJava";case EM_MMA: return "Fujitsu Multimedia Accelerator";case EM_PCP: return "Siemens PCP";case EM_NCPU: return "Sony nCPU embedded RISC processor";case EM_NDR1: return "Denso NDR1 microprocesspr";case EM_STARCORE: return "Motorola Star*Core processor";case EM_ME16: return "Toyota ME16 processor";case EM_ST100: return "STMicroelectronics ST100 processor";case EM_TINYJ: return "Advanced Logic Corp. TinyJ embedded processor";case EM_PDSP: return "Sony DSP processor";case EM_FX66: return "Siemens FX66 microcontroller";case EM_ST9PLUS: return "STMicroelectronics ST9+ 8/16 bit microcontroller";case EM_ST7: return "STMicroelectronics ST7 8-bit microcontroller";case EM_68HC16: return "Motorola MC68HC16 Microcontroller";case EM_68HC12: return "Motorola MC68HC12 Microcontroller";case EM_68HC11: return "Motorola MC68HC11 Microcontroller";case EM_68HC08: return "Motorola MC68HC08 Microcontroller";case EM_68HC05: return "Motorola MC68HC05 Microcontroller";case EM_SVX: return "Silicon Graphics SVx";case EM_ST19: return "STMicroelectronics ST19 8-bit microcontroller";case EM_VAX: return "Digital VAX";case EM_AVR: return "Atmel AVR 8-bit microcontroller";case EM_CRIS: return "Axis Communications 32-bit embedded processor";case EM_JAVELIN: return "Infineon Technologies 32-bit embedded cpu";case EM_FIREPATH: return "Element 14 64-bit DSP processor";case EM_ZSP: return "LSI Logic's 16-bit DSP processor";case EM_MMIX: return "Donald Knuth's educational 64-bit processor";case EM_HUANY: return "Harvard Universitys's machine-independent object format";case EM_PRISM: return "Vitesse Prism";case EM_X86_64: return "Advanced Micro Devices X86-64";case EM_S390: return "IBM S/390";case EM_OPENRISC:case EM_ARC_A5: return "ARC International ARCompact processor";case EM_XTENSA: return "Tensilica Xtensa Processor";case EM_MICROBLAZE:case EM_TILEPRO: return "Tilera TILEPro multicore architecture family";case EM_TILEGX: return "Tilera TILE-Gx multicore architecture family";default:snprintf (buff, sizeof (buff), ("<unknown>: 0x%x"), e_machine);}return buff;}int ELF_process::process_section_headers(FILE *file) {Elf32_Shdr * section;section = NULL;char * string_table;unsigned int flag_shoff;if (elf_header.e_shnum == 0){if (elf_header.e_shoff!=0)printf("possibly corrupt ELF file header - it has a non-zero section header offset, but no section headers\n");elseprintf ("\nThere are no sections in this file.\n");return 1;}printf (" There are %d section headers, starting at offset 0x%lx:\n",elf_header.e_shnum, (unsigned long) elf_header.e_shoff);if (is_32bit_elf){if (! get_32bit_section_headers (file, elf_header.e_shnum))return 0;}/* Read in the string table, so that we have names to display. */if (elf_header.e_shstrndx != SHN_UNDEF&& elf_header.e_shstrndx < elf_header.e_shnum){section = section_headers + elf_header.e_shstrndx;flag_shoff = section->sh_offset;}if (elf_header.e_shnum > 1)printf ("\nSection Headers:\n");elseprintf ("\nSection Header:\n");section = section_headers;unsigned int countC;if (is_32bit_elf){printf(" [Nr] Name Type Addr Off Size ES Flg Lk Inf Al\n");for (int i = 0;i < elf_header.e_shnum;i++, section++){printf (" [%2u] ", i);countC = flag_shoff + section->sh_name;fseek(file,countC,SEEK_SET);char string_name[20];fread(string_name,20,1,file);printf("%-16s ",string_name);printf ( " %-15.15s ",get_section_type_name (section->sh_type));printf("%6.8lx",(unsigned long) section->sh_addr);printf ( " %6.6lx %6.6lx %2.2lx",(unsigned long) section->sh_offset,(unsigned long) section->sh_size,(unsigned long) section->sh_entsize);if (section->sh_flags)printf (" %2.2x ", section->sh_flags);elseprintf("%4c",32);printf ("%2u ", section->sh_link);printf ("%3u %3lu", section->sh_info,(unsigned long) section->sh_addralign);if (strcmp(string_name,".dynamic")==0){dynamic_addr = section->sh_offset;dynamic_size = section->sh_size;}if (strcmp(string_name,".rel.dyn")==0){rel_dyn_offset = section->sh_offset;rel_dyn_size = section->sh_size;}if(strcmp(string_name,".dynsym")==0){sym_dyn_offset = section->sh_offset;sym_dyn_size = section->sh_size;}if(strcmp(string_name,".dynstr")==0){str_dyn_offset = section->sh_offset;str_dyn_size = section->sh_size;}printf("\n");}}return 1; }const char *ELF_process::get_section_type_name(unsigned int sh_type) {static char buff[32];switch (sh_type){case SHT_NULL: return "NULL";case SHT_PROGBITS: return "PROGBITS";case SHT_SYMTAB: return "SYMTAB";case SHT_STRTAB: return "STRTAB";case SHT_RELA: return "RELA";case SHT_HASH: return "HASH";case SHT_DYNAMIC: return "DYNAMIC";case SHT_NOTE: return "NOTE";case SHT_NOBITS: return "NOBITS";case SHT_REL: return "REL";case SHT_SHLIB: return "SHLIB";case SHT_DYNSYM: return "DYNSYM";case SHT_INIT_ARRAY: return "INIT_ARRAY";case SHT_FINI_ARRAY: return "FINI_ARRAY";case SHT_PREINIT_ARRAY: return "PREINIT_ARRAY";case SHT_GNU_HASH: return "GNU_HASH";case SHT_GROUP: return "GROUP";case SHT_SYMTAB_SHNDX: return "SYMTAB SECTION INDICIES";case SHT_GNU_verdef: return "VERDEF";case SHT_GNU_verneed: return "VERNEED";case SHT_GNU_versym: return "VERSYM";case 0x6ffffff0: return "VERSYM";case 0x6ffffffc: return "VERDEF";case 0x7ffffffd: return "AUXILIARY";case 0x7fffffff: return "FILTER";case SHT_GNU_LIBLIST: return "GNU_LIBLIST";default:if ((sh_type >= SHT_LOPROC) && (sh_type <= SHT_HIPROC)){const char * result;switch (elf_header.e_machine){case EM_MIPS:case EM_MIPS_RS3_LE:result = get_mips_section_type_name (sh_type);break;case EM_PARISC:result = get_parisc_section_type_name (sh_type);break;case EM_IA_64:result = get_ia64_section_type_name (sh_type);break;case EM_X86_64:case EM_L1OM:case EM_K1OM:result = get_x86_64_section_type_name (sh_type);break;case EM_AARCH64:result = get_aarch64_section_type_name (sh_type);break;case EM_ARM:result = get_arm_section_type_name (sh_type);break;case EM_TI_C6000:result = get_tic6x_section_type_name (sh_type);break;case EM_MSP430:result = get_msp430x_section_type_name (sh_type);break;default:result = NULL;break;}if (result != NULL)return result;sprintf (buff, "LOPROC+%x", sh_type - SHT_LOPROC);}else if ((sh_type >= SHT_LOOS) && (sh_type <= SHT_HIOS)){const char * result;switch (elf_header.e_machine){case EM_IA_64:result = get_ia64_section_type_name (sh_type);break;default:result = NULL;break;}if (result != NULL)return result;sprintf (buff, "LOOS+%x", sh_type - SHT_LOOS);}else if ((sh_type >= SHT_LOUSER) && (sh_type <= SHT_HIUSER))sprintf (buff, "LOUSER+%x", sh_type - SHT_LOUSER);else/* This message is probably going to be displayed in a 15character wide field, so put the hex value first. */snprintf (buff, sizeof (buff), ("%08x: <unknown>"), sh_type);return buff;} }const char *ELF_process::get_mips_section_type_name(unsigned int sh_type) {switch (sh_type){case SHT_MIPS_LIBLIST: return "MIPS_LIBLIST";case SHT_MIPS_MSYM: return "MIPS_MSYM";case SHT_MIPS_CONFLICT: return "MIPS_CONFLICT";case SHT_MIPS_GPTAB: return "MIPS_GPTAB";case SHT_MIPS_UCODE: return "MIPS_UCODE";case SHT_MIPS_DEBUG: return "MIPS_DEBUG";case SHT_MIPS_REGINFO: return "MIPS_REGINFO";case SHT_MIPS_PACKAGE: return "MIPS_PACKAGE";case SHT_MIPS_PACKSYM: return "MIPS_PACKSYM";case SHT_MIPS_RELD: return "MIPS_RELD";case SHT_MIPS_IFACE: return "MIPS_IFACE";case SHT_MIPS_CONTENT: return "MIPS_CONTENT";case SHT_MIPS_OPTIONS: return "MIPS_OPTIONS";case SHT_MIPS_SHDR: return "MIPS_SHDR";case SHT_MIPS_FDESC: return "MIPS_FDESC";case SHT_MIPS_EXTSYM: return "MIPS_EXTSYM";case SHT_MIPS_DENSE: return "MIPS_DENSE";case SHT_MIPS_PDESC: return "MIPS_PDESC";case SHT_MIPS_LOCSYM: return "MIPS_LOCSYM";case SHT_MIPS_AUXSYM: return "MIPS_AUXSYM";case SHT_MIPS_OPTSYM: return "MIPS_OPTSYM";case SHT_MIPS_LOCSTR: return "MIPS_LOCSTR";case SHT_MIPS_LINE: return "MIPS_LINE";case SHT_MIPS_RFDESC: return "MIPS_RFDESC";case SHT_MIPS_DELTASYM: return "MIPS_DELTASYM";case SHT_MIPS_DELTAINST: return "MIPS_DELTAINST";case SHT_MIPS_DELTACLASS: return "MIPS_DELTACLASS";case SHT_MIPS_DWARF: return "MIPS_DWARF";case SHT_MIPS_DELTADECL: return "MIPS_DELTADECL";case SHT_MIPS_SYMBOL_LIB: return "MIPS_SYMBOL_LIB";case SHT_MIPS_EVENTS: return "MIPS_EVENTS";case SHT_MIPS_TRANSLATE: return "MIPS_TRANSLATE";case SHT_MIPS_PIXIE: return "MIPS_PIXIE";case SHT_MIPS_XLATE: return "MIPS_XLATE";case SHT_MIPS_XLATE_DEBUG: return "MIPS_XLATE_DEBUG";case SHT_MIPS_WHIRL: return "MIPS_WHIRL";case SHT_MIPS_EH_REGION: return "MIPS_EH_REGION";case SHT_MIPS_XLATE_OLD: return "MIPS_XLATE_OLD";case SHT_MIPS_PDR_EXCEPTION: return "MIPS_PDR_EXCEPTION";default:break;}return NULL; }const char *ELF_process::get_parisc_section_type_name(unsigned int sh_type) {switch (sh_type){case SHT_PARISC_EXT: return "PARISC_EXT";case SHT_PARISC_UNWIND: return "PARISC_UNWIND";case SHT_PARISC_DOC: return "PARISC_DOC";case SHT_PARISC_ANNOT: return "PARISC_ANNOT";case SHT_PARISC_SYMEXTN: return "PARISC_SYMEXTN";case SHT_PARISC_STUBS: return "PARISC_STUBS";case SHT_PARISC_DLKM: return "PARISC_DLKM";default:break;}return NULL; }const char *ELF_process::get_ia64_section_type_name(unsigned int sh_type) {/* If the top 8 bits are 0x78 the next 8 are the os/abi ID. */if ((sh_type & 0xFF000000) == SHT_IA_64_LOPSREG)return get_osabi_name ((sh_type & 0x00FF0000) >> 16);switch (sh_type){case SHT_IA_64_EXT: return "IA_64_EXT";case SHT_IA_64_UNWIND: return "IA_64_UNWIND";case SHT_IA_64_PRIORITY_INIT: return "IA_64_PRIORITY_INIT";case SHT_IA_64_VMS_TRACE: return "VMS_TRACE";case SHT_IA_64_VMS_TIE_SIGNATURES: return "VMS_TIE_SIGNATURES";case SHT_IA_64_VMS_DEBUG: return "VMS_DEBUG";case SHT_IA_64_VMS_DEBUG_STR: return "VMS_DEBUG_STR";case SHT_IA_64_VMS_LINKAGES: return "VMS_LINKAGES";case SHT_IA_64_VMS_SYMBOL_VECTOR: return "VMS_SYMBOL_VECTOR";case SHT_IA_64_VMS_FIXUP: return "VMS_FIXUP";default:break;}return NULL;}const char *ELF_process::get_x86_64_section_type_name(unsigned int sh_type) {switch (sh_type){case SHT_X86_64_UNWIND: return "X86_64_UNWIND";default:break;}return NULL;}const char *ELF_process::get_aarch64_section_type_name(unsigned int sh_type) {switch (sh_type){case SHT_AARCH64_ATTRIBUTES:return "AARCH64_ATTRIBUTES";default:break;}return NULL;}const char *ELF_process::get_arm_section_type_name(unsigned int sh_type) {switch (sh_type){case SHT_ARM_EXIDX: return "ARM_EXIDX";case SHT_ARM_PREEMPTMAP: return "ARM_PREEMPTMAP";case SHT_ARM_ATTRIBUTES: return "ARM_ATTRIBUTES";case SHT_ARM_DEBUGOVERLAY: return "ARM_DEBUGOVERLAY";case SHT_ARM_OVERLAYSECTION: return "ARM_OVERLAYSECTION";default:break;}return NULL; }const char *ELF_process::get_tic6x_section_type_name(unsigned int sh_type) {switch (sh_type){case SHT_C6000_UNWIND:return "C6000_UNWIND";case SHT_C6000_PREEMPTMAP:return "C6000_PREEMPTMAP";case SHT_C6000_ATTRIBUTES:return "C6000_ATTRIBUTES";case SHT_TI_ICODE:return "TI_ICODE";case SHT_TI_XREF:return "TI_XREF";case SHT_TI_HANDLER:return "TI_HANDLER";case SHT_TI_INITINFO:return "TI_INITINFO";case SHT_TI_PHATTRS:return "TI_PHATTRS";default:break;}return NULL;}const char *ELF_process::get_msp430x_section_type_name(unsigned int sh_type) {switch (sh_type){case SHT_MSP430_SEC_FLAGS: return "MSP430_SEC_FLAGS";case SHT_MSP430_SYM_ALIASES: return "MSP430_SYM_ALIASES";case SHT_MSP430_ATTRIBUTES: return "MSP430_ATTRIBUTES";default: return NULL;} }const char *ELF_process::get_segment_type(unsigned int p_type) {static char buff[32];switch (p_type){case PT_NULL: return "NULL";case PT_LOAD: return "LOAD";case PT_DYNAMIC: return "DYNAMIC";case PT_INTERP: return "INTERP";case PT_NOTE: return "NOTE";case PT_SHLIB: return "SHLIB";case PT_PHDR: return "PHDR";case PT_TLS: return "TLS";case PT_GNU_EH_FRAME:return "GNU_EH_FRAME";case PT_GNU_STACK: return "GNU_STACK";case PT_GNU_RELRO: return "GNU_RELRO";default:if ((p_type >= PT_LOPROC) && (p_type <= PT_HIPROC)){const char * result;switch (elf_header.e_machine){case EM_AARCH64:result = get_aarch64_segment_type (p_type);break;case EM_ARM:result = get_arm_segment_type (p_type);break;case EM_MIPS:case EM_MIPS_RS3_LE:result = get_mips_segment_type (p_type);break;case EM_PARISC:result = get_parisc_segment_type (p_type);break;case EM_IA_64:result = get_ia64_segment_type (p_type);break;case EM_TI_C6000:result = get_tic6x_segment_type (p_type);break;default:result = NULL;break;}if (result != NULL)return result;sprintf (buff, "LOPROC+%x", p_type - PT_LOPROC);}else if ((p_type >= PT_LOOS) && (p_type <= PT_HIOS)){const char * result;switch (elf_header.e_machine){case EM_PARISC:result = get_parisc_segment_type (p_type);break;case EM_IA_64:result = get_ia64_segment_type (p_type);break;default:result = NULL;break;}if (result != NULL)return result;sprintf (buff, "LOOS+%x", p_type - PT_LOOS);}elsesnprintf (buff, sizeof (buff), ("<unknown>: %x"), p_type);return buff;}}int ELF_process::process_program_headers(FILE *file) {Elf32_Phdr* segment;unsigned long dynamic_addr;if(elf_header.e_phnum == 0){if(elf_header.e_phoff!=0){printf ("possibly corrupt ELF header - it has a non-zero program"" header offset, but no program headers");} else{printf ("\nThere are no program headers in this file.\n");return 0;}}else{printf ("\nProgram Headers:\n");if(is_32bit_elf)printf(" Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align\n");elseprintf(" Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align\n");}if (! get_program_headers (file))return 0;unsigned int i;for (i = 0, segment = program_headers;i < elf_header.e_phnum;i++, segment++){printf (" %-14.14s ", get_segment_type (segment->p_type));if(is_32bit_elf){printf ("0x%6.6x ", (unsigned int) segment->p_offset);printf ("0x%8.8x ", (unsigned int) segment->p_vaddr);printf ("0x%8.8x ", (unsigned int) segment->p_paddr);printf ("0x%5.5x ", (unsigned int) segment->p_filesz);printf ("0x%5.5x ", (unsigned int) segment->p_memsz);printf ("%c%c%c ",(segment->p_flags & PF_R ? 'R' : ' '),(segment->p_flags & PF_W ? 'W' : ' '),(segment->p_flags & PF_X ? 'E' : ' '));printf ("%#x", (unsigned int) segment->p_align);}printf("\n");}return 0; }const char *ELF_process::get_aarch64_segment_type(unsigned long type) {switch (type){case PT_AARCH64_ARCHEXT:return "AARCH64_ARCHEXT";default:break;}return NULL;}const char *ELF_process::get_arm_segment_type(unsigned long type) {switch (type){case PT_ARM_EXIDX:return "EXIDX";default:break;}return NULL;}const char *ELF_process::get_mips_segment_type(unsigned long type) {switch (type){case PT_MIPS_REGINFO:return "REGINFO";case PT_MIPS_RTPROC:return "RTPROC";case PT_MIPS_OPTIONS:return "OPTIONS";default:break;}return NULL; }const char *ELF_process::get_parisc_segment_type(unsigned long type) {switch (type){case PT_HP_TLS: return "HP_TLS";case PT_HP_CORE_NONE: return "HP_CORE_NONE";case PT_HP_CORE_VERSION: return "HP_CORE_VERSION";case PT_HP_CORE_KERNEL: return "HP_CORE_KERNEL";case PT_HP_CORE_COMM: return "HP_CORE_COMM";case PT_HP_CORE_PROC: return "HP_CORE_PROC";case PT_HP_CORE_LOADABLE: return "HP_CORE_LOADABLE";case PT_HP_CORE_STACK: return "HP_CORE_STACK";case PT_HP_CORE_SHM: return "HP_CORE_SHM";case PT_HP_CORE_MMF: return "HP_CORE_MMF";case PT_HP_PARALLEL: return "HP_PARALLEL";case PT_HP_FASTBIND: return "HP_FASTBIND";case PT_HP_OPT_ANNOT: return "HP_OPT_ANNOT";case PT_HP_HSL_ANNOT: return "HP_HSL_ANNOT";case PT_HP_STACK: return "HP_STACK";case PT_HP_CORE_UTSNAME: return "HP_CORE_UTSNAME";case PT_PARISC_ARCHEXT: return "PARISC_ARCHEXT";case PT_PARISC_UNWIND: return "PARISC_UNWIND";case PT_PARISC_WEAKORDER: return "PARISC_WEAKORDER";default:break;}return NULL;}const char *ELF_process::get_ia64_segment_type(unsigned long type) {switch (type){case PT_IA_64_ARCHEXT: return "IA_64_ARCHEXT";case PT_IA_64_UNWIND: return "IA_64_UNWIND";case PT_HP_TLS: return "HP_TLS";case PT_IA_64_HP_OPT_ANOT: return "HP_OPT_ANNOT";case PT_IA_64_HP_HSL_ANOT: return "HP_HSL_ANNOT";case PT_IA_64_HP_STACK: return "HP_STACK";default:break;}return NULL; } #define PT_C6000_PHATTR 0x70000000const char *ELF_process::get_tic6x_segment_type(unsigned long type) {switch (type){case PT_C6000_PHATTR: return "C6000_PHATTR";default:break;}return NULL;}int ELF_process::get_program_headers(FILE *file) {Elf32_Phdr* phdrs;Elf64_Phdr* phdrs64;/* Check cache of prior read. */if (program_headers != NULL)return 1;phdrs = (Elf32_Phdr *) cmalloc (elf_header.e_phnum,sizeof (Elf32_Phdr));if (phdrs == NULL){printf("Out of memory\n");return 0;}if (is_32bit_elf? get_32bit_program_headers (file, phdrs): get_64bit_program_headers (file, phdrs64)){program_headers = phdrs;return 1;}free (phdrs);return 0;}int ELF_process::get_32bit_program_headers(FILE *file, Elf32_Phdr *pheaders) {Elf32_External_Phdr* phdrs;Elf32_External_Phdr* external;Elf32_Phdr* internal;unsigned int i;phdrs = (Elf32_External_Phdr *) get_data (NULL, file, elf_header.e_phoff,elf_header.e_phentsize,elf_header.e_phnum,("program headers"));if (!phdrs)return 0;for (i = 0, internal = pheaders, external = phdrs;i < elf_header.e_phnum;i++, internal++, external++){internal->p_type = BYTE_GET (external->p_type);internal->p_offset = BYTE_GET (external->p_offset);internal->p_vaddr = BYTE_GET (external->p_vaddr);internal->p_paddr = BYTE_GET (external->p_paddr);internal->p_filesz = BYTE_GET (external->p_filesz);internal->p_memsz = BYTE_GET (external->p_memsz);internal->p_flags = BYTE_GET (external->p_flags);internal->p_align = BYTE_GET (external->p_align);}free (phdrs);return 1; }int ELF_process::get_64bit_program_headers(FILE *file, Elf64_Phdr *pheaders) {return 0; }int ELF_process::process_dynamic_section(FILE *file) {Elf32_Dyn * entry;if (is_32bit_elf){if (! get_32bit_dynamic_section (file))return 0;} else if (! get_64bit_dynamic_section (file))return 0;if(dynamic_addr){printf ("\nDynamic section at offset 0x%x contains %u entries:\n",dynamic_addr, dynamic_nent);printf (" Tag Type Name/Value\n");}for (entry = dynamic_section;entry < dynamic_section + dynamic_nent;entry++){const char * dtype;putchar (' ');printf("0x%2.8x ",entry->d_tag);dtype = get_dynamic_type(entry->d_tag);printf("(%s)%*s",dtype,(27-strlen(dtype))," ");switch (entry->d_tag){case DT_FLAGS:print_dynamic_flags (entry->d_un.d_val);break;case DT_AUXILIARY:case DT_FILTER:case DT_CONFIG:case DT_DEPAUDIT:case DT_AUDIT:switch (entry->d_tag){case DT_AUXILIARY:printf ("Auxiliary library");break;case DT_FILTER:printf ("Filter library");break;case DT_CONFIG:printf ("Configuration file");break;case DT_DEPAUDIT:printf ("Dependency audit library");break;case DT_AUDIT:printf ("Audit library");break;}break;default:printf("0x%x",entry->d_un.d_val);}printf("\n");}}int ELF_process::get_32bit_dynamic_section(FILE *file) {Elf32_External_Dyn * edyn = (Elf32_External_Dyn *) malloc(dynamic_size);Elf32_External_Dyn * ext;Elf32_Dyn * entry;fseek(file,dynamic_addr,SEEK_SET);fread(edyn,dynamic_size,1,file);if(edyn==NULL)return 0;for (ext = edyn, dynamic_nent = 0;(char *) ext < (char *) edyn + dynamic_size;ext++){dynamic_nent++;if (BYTE_GET (ext->d_tag) == DT_NULL)break;}dynamic_section = (Elf32_Dyn *) cmalloc (dynamic_nent,sizeof (* entry));if (dynamic_section == NULL){printf("Out of memory\n");free (edyn);return 0;}for (ext = edyn, entry = dynamic_section;entry < dynamic_section + dynamic_nent;ext++, entry++){entry->d_tag = BYTE_GET (ext->d_tag);entry->d_un.d_val = BYTE_GET (ext->d_un.d_val);}free(edyn);return 1;}int ELF_process::get_64bit_dynamic_section(FILE *file) {return 0; }void ELF_process::print_dynamic_flags(Elf32_Word flags) {int first = 1;while (flags){Elf32_Word flag;flag = flags & - flags;flags &= ~ flag;if (first)first = 0;elseputc (' ', stdout);switch (flag){case DF_ORIGIN: fputs ("ORIGIN", stdout); break;case DF_SYMBOLIC: fputs ("SYMBOLIC", stdout); break;case DF_TEXTREL: fputs ("TEXTREL", stdout); break;case DF_BIND_NOW: fputs ("BIND_NOW", stdout); break;case DF_STATIC_TLS: fputs ("STATIC_TLS", stdout); break;default: fputs (("unknown"), stdout); break;}}} #define DT_FEATURE 0x6ffffdfc #define DT_USED 0x7ffffffe const char *ELF_process::get_dynamic_type(unsigned long type) {static char buff[64];switch (type){case DT_NULL: return "NULL";case DT_NEEDED: return "NEEDED";case DT_PLTRELSZ: return "PLTRELSZ";case DT_PLTGOT: return "PLTGOT";case DT_HASH: return "HASH";case DT_STRTAB: return "STRTAB";case DT_SYMTAB: return "SYMTAB";case DT_RELA: return "RELA";case DT_RELASZ: return "RELASZ";case DT_RELAENT: return "RELAENT";case DT_STRSZ: return "STRSZ";case DT_SYMENT: return "SYMENT";case DT_INIT: return "INIT";case DT_FINI: return "FINI";case DT_SONAME: return "SONAME";case DT_RPATH: return "RPATH";case DT_SYMBOLIC: return "SYMBOLIC";case DT_REL: return "REL";case DT_RELSZ: return "RELSZ";case DT_RELENT: return "RELENT";case DT_PLTREL: return "PLTREL";case DT_DEBUG: return "DEBUG";case DT_TEXTREL: return "TEXTREL";case DT_JMPREL: return "JMPREL";case DT_BIND_NOW: return "BIND_NOW";case DT_INIT_ARRAY: return "INIT_ARRAY";case DT_FINI_ARRAY: return "FINI_ARRAY";case DT_INIT_ARRAYSZ: return "INIT_ARRAYSZ";case DT_FINI_ARRAYSZ: return "FINI_ARRAYSZ";case DT_RUNPATH: return "RUNPATH";case DT_FLAGS: return "FLAGS";case DT_PREINIT_ARRAY: return "PREINIT_ARRAY";case DT_PREINIT_ARRAYSZ: return "PREINIT_ARRAYSZ";case DT_CHECKSUM: return "CHECKSUM";case DT_PLTPADSZ: return "PLTPADSZ";case DT_MOVEENT: return "MOVEENT";case DT_MOVESZ: return "MOVESZ";case DT_FEATURE: return "FEATURE";case DT_POSFLAG_1: return "POSFLAG_1";case DT_SYMINSZ: return "SYMINSZ";case DT_SYMINENT: return "SYMINENT"; /* aka VALRNGHI */case DT_ADDRRNGLO: return "ADDRRNGLO";case DT_CONFIG: return "CONFIG";case DT_DEPAUDIT: return "DEPAUDIT";case DT_AUDIT: return "AUDIT";case DT_PLTPAD: return "PLTPAD";case DT_MOVETAB: return "MOVETAB";case DT_SYMINFO: return "SYMINFO"; /* aka ADDRRNGHI */case DT_VERSYM: return "VERSYM";case DT_TLSDESC_GOT: return "TLSDESC_GOT";case DT_TLSDESC_PLT: return "TLSDESC_PLT";case DT_RELACOUNT: return "RELACOUNT";case DT_RELCOUNT: return "RELCOUNT";case DT_FLAGS_1: return "FLAGS_1";case DT_VERDEF: return "VERDEF";case DT_VERDEFNUM: return "VERDEFNUM";case DT_VERNEED: return "VERNEED";case DT_VERNEEDNUM: return "VERNEEDNUM";case DT_AUXILIARY: return "AUXILIARY";case DT_USED: return "USED";case DT_FILTER: return "FILTER";case DT_GNU_PRELINKED: return "GNU_PRELINKED";case DT_GNU_CONFLICT: return "GNU_CONFLICT";case DT_GNU_CONFLICTSZ: return "GNU_CONFLICTSZ";case DT_GNU_LIBLIST: return "GNU_LIBLIST";case DT_GNU_LIBLISTSZ: return "GNU_LIBLISTSZ";case DT_GNU_HASH: return "GNU_HASH";}return nullptr; }#define ARRAY_SIZE(a) (sizeof (a) / sizeof ((a)[0])) #define FALSE 0 #define TRUE 1 #define UNKNOWN -1 static struct {const char * name;int reloc;int size;int rela; } dynamic_relocations [] ={{ "REL", DT_REL, DT_RELSZ, FALSE },{ "RELA", DT_RELA, DT_RELASZ, TRUE },{ "PLT", DT_JMPREL, DT_PLTRELSZ, UNKNOWN }}; Elf32_Rel* elf32_rel; int ELF_process::process_relocs(FILE *file) {Elf32_Rel* entry_rel;if(is_32bit_elf){get_32bit_rel(file,rel_dyn_offset);}else{//64位... }printf (" \nat offset 0x%2.2x contains %u entries:\n",rel_dyn_offset, rel_nent);printf (" Offset Info Type Sym. Value Sym. Name\n");for (entry_rel = elf32_rel;entry_rel < elf32_rel + rel_nent;entry_rel++){printf("%10.8x ",entry_rel->r_offset);printf("%15.8x\n",entry_rel->r_info);}return 0; }void ELF_process::get_32bit_rel(FILE *pFILE, unsigned int offset) {Elf32_External_Rel* rel= (Elf32_External_Rel *) malloc(rel_dyn_size);Elf32_External_Rel* ext;Elf32_Rel* relt;fseek(pFILE,offset,SEEK_SET);fread(rel,rel_dyn_size,1,pFILE);if(rel==NULL)return;for (ext = rel, rel_nent = 0;(char *) ext < (char *) rel + rel_dyn_size;ext++){rel_nent++;if (BYTE_GET (rel->r_offset) == DT_NULL)break;}elf32_rel = (Elf32_Rel *) cmalloc (dynamic_nent,sizeof (* relt));for (ext = rel, relt = elf32_rel;relt < elf32_rel + rel_nent;ext++, relt++){relt->r_offset = BYTE_GET (ext->r_offset);relt->r_info = BYTE_GET (ext->r_info);}free(rel);return; }void ELF_process::process_symbol_table(FILE *pFILE) {Elf32_Sym* sym;get_32bit_symbol(pFILE);printf("\n");unsigned int i;for ( i=0, sym = sym_dyn;sym<sym_dyn+sym_nent;sym++,i++){printf("%2d: ",i);printf("%2.8x ",sym->st_value);printf("%-2.2x",sym->st_shndx);printf("%-12.2x ",sym->st_other);printf("%-12.2x ",sym->st_info);printf("%-12.2x ",sym->st_size);get_32bit_strdyn(pFILE,sym->st_name);}}void ELF_process::get_32bit_symbol(FILE *pFILE) {Elf32_External_Sym* exty = (Elf32_External_Sym *) malloc(sym_dyn_size);Elf32_External_Sym* ext;Elf32_Sym* symbool;fseek(pFILE,sym_dyn_offset,SEEK_SET);fread(exty,sym_dyn_size,1,pFILE);if (!exty)return;for (ext = exty, sym_nent = 0;(char *) ext < (char *) exty + sym_dyn_size;ext++){sym_nent++;}sym_dyn = (Elf32_Sym *) cmalloc (sym_nent,sizeof (* exty));for (ext = exty, symbool = sym_dyn ;symbool < sym_dyn + sym_nent;ext++, symbool++){symbool->st_name = BYTE_GET(ext->st_name);symbool->st_info = BYTE_GET(ext->st_info);symbool->st_other = BYTE_GET(ext->st_other);symbool->st_shndx = BYTE_GET(ext->st_shndx);symbool->st_size = BYTE_GET(ext->st_size);symbool->st_value = BYTE_GET(ext->st_value);//printf("%2.2x ",sym_dyn->st_name); }free(exty);return;}void ELF_process::get_32bit_strdyn(FILE *pFILE, Elf32_Word name) {unsigned char sym_name[1024];fseek(pFILE,(str_dyn_offset+name),SEEK_SET);fread(sym_name,1024,1,pFILE);printf("%s\n",sym_name); }?
轉載于:https://www.cnblogs.com/NigelX/p/6522001.html
總結
以上是生活随笔為你收集整理的readelf源码学习的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: C# WinForm程序中强制退出程序以
- 下一篇: cms-幻灯片的实现