SlideShare una empresa de Scribd logo

Program Structure in GNU/Linux (ELF Format)

Varun Mahajan
Varun Mahajan
Educación
1 de 29
Program Structure In GNU/Linux Author: Varun Mahajan <varunmahajan06@gmail.com>
Contents  $gcc *.c -o Program – Processing of a User Program • Preprocessing • Compilation • Assembly • Linking – ELF Format The content is specific to a GNU/Linux system running on Intel Architecture
Processing of a User Program .c .h (C code) cpp main.c main.i cpp OR (C pre-processor) gcc -E main.c -o main.i .i (Preprocessed C code) /usr/lib/gcc/i486-linux-gnu/4.3.2/cc1 -fpreprocessed cc1 main.i -o main.s -quiet (C compiler) OR gcc -S main.i -o main.s .s (Assembly code) as main.s -o main.o as (Assembler) OR gcc main.s -o main.o .o (Object code)
Program
ELF Format: Object Files ELF Header Program Header Table (optional) Section Header Table Section 1 ... ... ... ... Section n Except the ELF Header, which is in the beginning of the file, rest of the components may be in any order
ELF Header (.o) $readelf -h main.o ELF Identification Relocation is the process of connecting symbolic references with symbolic definitions. For example, when a program calls a function, the associated call instruction must transfer control to the proper destination address at execution Relocatable files must have information that describes how to modify their section contents, thus allowing executable and shared object files to hold the right information for a process's program image An ELF header resides at the beginning and holds a 'road map' describing the file's organization ● ELF Identification: (16 bytes) ● Magic no: Identifies the file as ELF object file [0x7f, 'E', 'L', 'F'] ● Class: Identifies file's class or capacity. ELF32 supports machines with files and virtual address spaces up to 4 gigabytes ● Data: Data encoding for processor-specific data in the object file ● Version: ELF header version number ● OS/ABI: Operating system ● ABI Version: Application Binary Interface version (low-level interface between an application program and the OS) ● Type: Type of the object file (Relocatable, Executable, Shared object, etc) ● Machine: The required architecture for the file ● Entry point address: The virtual address to which the system first transfers the control thus starting the process. If the file has no associated entry point then it holds 0 ● Start of program headers: Program header table's file offset in bytes. If the file has no program header table then it holds 0 ● Start of section headers: Section header table's file offset in bytes. If the file has no section header table then it holds 0 ● Flags: Processor specific flags ● Section header string table index: The section header table index of the entry associated with the section name string table (This section holds section names)
Section Header Table (.o) #Section Header Table (executable) $readelf -S main.o A Section Header Table is an array of Section Headers $readelf -p '.shstrtab' main.o ● Name: Name of the section ● Type: Type of the section ● PROGBITS: Holds information whose format and meaning are determined solely by the program ● REL: Holds relocation entries without explicit addends ● NOBITS: Occupies no space in the file but otherwise resembles PROGBITS ● STRTAB: Holds a string table ● SYMTAB: Holds a symbol table ● Addr: If this section will appear in the memory image of a process, this member gives the address at which section's first byte should reside. Otherwise it contains 0 ● Off (Offset): The byte offset from the beginning of the file to the first byte in the section ● Size: Section's size in bytes ● ES (Entry Size): Size in bytes of each entry (For the sections which hold a table of fixed-size entries) ● Flg (Flags): Miscellaneous attributes ● W: Contains data that should be writable during process execution ● X: Contains executable machine instructions ● A: Occupies memory during process execution ● Lk (Link), Inf (info): Interpretation depends on section type ● AL (Address Align): Some sections have address alignment constraints. (0, 1 : no constraints)
.symtab Section: Symbol Table (.o) #.symtab & .dynsym Sections: Symbol Tables (executable) $readelf -s main.o $readelf -p '.strtab' main.o Symbol Table holds the information needed to locate and relocate a program's symbolic definitions and references ● Name: Symbol name ● Size: Size in bytes (for symbols which have associated size, e.g. for ● Type: Symbol type data objects). 0 if symbol has no size or unknown size ● NOTYPE: Type not specified ● Ndx (Index): ● OBJECT: Symbol is associated with a data object ● Relevant section header table's index ● FUNC: Symbol is associated with a function or other ● UND: undefined, missing, irrelevant or otherwise executable code meaningless section reference ● SECTION: Symbol is associated with a section ● COM: Unallocated C external variables ● FILE: File symbol ● ABS: Specifies absolute value for the corresponding ● Bind: reference ● LOCAL: Symbol not visible outside the object file in which ● Value: For relocatable files: is defined ● Alignment constraints for a symbol whose Ndx is COM ● GLOBAL: Symbol is visible to all object files being ● Section offset for a defined symbol combined
.data & .bss Sections (.o) #.data & .bss Sections (executable) $objdump -DxtT main.o ● .data: Holds initialized data that contribute towards the program's memory image ● .bss: Holds uninitialized data that contribute to the program's memory image. By definition the system initializes the data with zeros when the program begins to run. The section occupies no file space
.rodata Section (.o) $objdump -s main.o $readelf -p '.rodata' main.o .rodata Section holds read-only data that typically contribute to a non-writable segment in the process image
.text Section (.o) #.text Section (executable) $objdump -DxtT main.o .text Section holds the executable instructions of the program
.rel.text Section (.o) rel.text holds the Relocation Entries for the .text $readelf -r main.o section Relocation entries serve two functions. When a section of code is relocated to a different base address, relocation entries mark the places in the code that have to be modified. In a linkable file, there are also relocation entries that mark references to undefined symbols, so the linker knows where to patch in the symbol's value when the symbol is finally defined Section header table: ● Lk (link): Section header index of the associated symbol table ● Inf (Info): Section header index to which the relocation applies Relocation section: Section Header table entries: ● Offset: The location at which to apply the relocation action. For Relocatable file: ● The byte offset from the beginning of the section to the storage unit affected by the relocation ● Info: ● ((info) >> 8) is the symbol table index w.r.t. which the relocation should be made E.g.: A call instruction's entry would hold symbol table index of the function being called efunc ((0x1302 >> 8)) = 0x13 = 19 ● ((info) & 0xff) is the Relocation Type (processor specific) E.g.: efunc ((0x1302) & 0xff) = 0x02 (R_386_PC32) gei ((0xf01) & 0xff) = 0x01 (R_386_32) The Link Editor merges one or more relocatable files to for the output (executable or shared object file). It first decides how to combine and locate the input files, then updates the symbol values, and finally performs relocation
Linking with External Libraries A Library is a collection of precompiled object files which can be linked into programs E.g. C Math library, etc Two types: ● Static Library: Archive file (.a). A collection of ordinary object files created using the GNU archiver (ar) When a program is linked against a static library, the machine code from the object files for any external functions used by the program is copied from the library into the final executable (Static Linking) ● Shared Library: Shared Object (.so). It is created from the object files using the -shared option of gcc An executable file linked against a shared library contains only a small table of the functions it requires, instead of the complete machine code from the object files for the external functions. Before the executable file starts running, the machine code for the external functions is copied into memory from the shared library file on disk by the operating system (Dynamic Linking) The standard system libraries are usually found in the directories ‘/usr/lib’ and ‘/lib’
Types of Object Files ● Relocatable File: Holds code and data suitable for linking with other object files to create an executable or shared object file ● Executable File: Holds a program suitable for execution ● Shared Object File: Holds code and data suitable for linking in two contexts: ● The Link Editor may process it with other relocatable and shared object files to create another object file ● The Dynamic Linker combines it with an executable file and other shared objects to create a process image
Processing of a User Program contd... main.o *.a *.so *.o edf.o (Static (Shared (Relocatable) (Relocatable) Libraries) Libraries) ld (Link Editor) Program (Executable) ld -dynamic-linker /lib/ld-linux.so.2 /usr/lib/crt1.o /usr/lib/crti.o /usr/lib/gcc/i486-linux-gnu/4.3.2/crtbegin.o -L/usr/lib/gcc/i486- linux-gnu/4.3.2/ main.o edf.o -lgcc -lgcc_eh -lc -lgcc_eh /usr/lib/gcc/i486-linux-gnu/4.3.2/crtend.o /usr/lib/crtn.o -o Program
ELF Header (.o, executable, .so) $readelf -h main.o $readelf -h Program $readelf -h /lib/libc.so.6
Section Header Table (executable) #Section Header Table (.o) $readelf -S Program ● Type: ● NOTE: Holds information that marks the file in some way ● HASH: Holds symbol hash table ● DYNSYM: Holds a symbol table ● DYNAMIC: Holds information for dynamic linking
.symtab & .dynsym Sections: Symbol Tables (executable) #.symtab Section: Symbol Table (.o) $readelf -s Program
.data & .bss Sections (executable) #.data & .bss Sections (.o) $objdump -DxtT Program
.text Section (executable) #.text Section (.o) $objdump -d Program
.Program Header Table (executable) $readelf -l Program An Object File Segment contains one or more Sections Program Header Table is an array of structures, each describing a Segment or other information the system needs to prepare the program for execution ● Offset: Offset from the beginning of the file at which the first byte of the segment resides ● VirtAddr: The virtual address at which the first byte of the segment resides in the memory ● FileSiz: Number of bytes in the file image of the segment ● MemSiz: Number of bytes in the memory image of the segment ● Flg: Permissions (R W E) ● Type: ● PHDR: Specifies the location size of the program header table itself both in file and memory image of the program ● INTERP: Specifies the location and size of a null-terminated path name to invoke as an interpreter ● LOAD: Loadable segment ● DYNAMIC: Specifies dynamic linking information ● Align: Gives the value to which the segments are aligned in memory and in the file
Brief description of some Sections ● Following sections provide information for dynamic linking: ● .dynsym: Holds dynamic linking symbol table ● .dynstr: Holds strings needed for dynamic linking, most commonly the strings that represent the names associated with symbol table entries ● .interp: Holds the pathname of program interpreter ● .hash: Holds a symbol hash table ● .dynamic: Holds dynamic linking information ● .rel & .relname: Holds relocation information ● .got & .plt: Global offset table, Procedure linkage table (Content is processor specific) ● .rela & relaname ● Initialization and termination: ● .init: Holds executable instructions that contribute to the process initialization code. When a program starts to run, the system executes the code in this section before calling the main program entry point ● .fini: Holds executable instructions that contribute to the process termination code. When a program exits normally, the system executes the code in this section
Segment Loading ● Executable File Segments typically contain absolute code. To let the process execute correctly, the segments must reside at the virtual addresses used to build the executable ● Shared Object Segments typically contain position-independent code. This lets a segment's virtual address change from one process to another, without invalidating the execution behavior
An Example of Dynamic Linking
An Example of Dynamic Linking
An Example of Dynamic Linking Dynamic linker updates this with the Virtual address of printf function GNU/LinuxOffline
An Example of Dynamic Linking Dynamic linker updates this with the Virtual address of printf function
References ● http://www.network-theory.co.uk/docs/gccintro/index.html : Introduction to gcc ● Manuals: gcc, ld, ldd, objdump, nm, readelf ● http://www.iecc.com/linker/ : linkers & loaders ● Tool Interface Standard (TIS) Executable and Linking Format (ELF) Specification Version 1.2 ● http://tldp.org/HOWTO/Program-Library-HOWTO/static-libraries.html ● http://www.tldp.org/HOWTO/Program-Library-HOWTO/shared-libraries.html ● http://www.yolinux.com/TUTORIALS/LibraryArchives-StaticAndDynamic.html ● http://www.tenouk.com/Bufferoverflowc/Bufferoverflow1c.html ● http://www.tenouk.com/Bufferoverflowc/Bufferoverflow1b.html
END...

Recomendados

Compilation and Execution
Compilation and ExecutionCompilation and Execution
Compilation and ExecutionChong-Kuan Chen
 
ELF
ELFELF
ELFKoganti Ravikumar
 
06 - ELF format, knowing your friend
06 - ELF format, knowing your friend06 - ELF format, knowing your friend
06 - ELF format, knowing your friendAlexandre Moneger
 
FISL XIV - The ELF File Format and the Linux Loader
FISL XIV - The ELF File Format and the Linux LoaderFISL XIV - The ELF File Format and the Linux Loader
FISL XIV - The ELF File Format and the Linux LoaderJohn Tortugo
 
A hands-on introduction to the ELF Object file format
A hands-on introduction to the ELF Object file formatA hands-on introduction to the ELF Object file format
A hands-on introduction to the ELF Object file formatrety61
 
Something About Dynamic Linking
Something About Dynamic LinkingSomething About Dynamic Linking
Something About Dynamic LinkingWang Hsiangkai
 
Dynamic Linker
Dynamic LinkerDynamic Linker
Dynamic LinkerSanjiv Malik
 
LD_PRELOAD Exploitation - DC9723
LD_PRELOAD Exploitation - DC9723LD_PRELOAD Exploitation - DC9723
LD_PRELOAD Exploitation - DC9723Iftach Ian Amit
 

Recomendados

Compilation and Execution
Compilation and ExecutionCompilation and Execution
Compilation and ExecutionChong-Kuan Chen
 
ELF
ELFELF
ELFKoganti Ravikumar
 
06 - ELF format, knowing your friend
06 - ELF format, knowing your friend06 - ELF format, knowing your friend
06 - ELF format, knowing your friendAlexandre Moneger
 
FISL XIV - The ELF File Format and the Linux Loader
FISL XIV - The ELF File Format and the Linux LoaderFISL XIV - The ELF File Format and the Linux Loader
FISL XIV - The ELF File Format and the Linux LoaderJohn Tortugo
 
A hands-on introduction to the ELF Object file format
A hands-on introduction to the ELF Object file formatA hands-on introduction to the ELF Object file format
A hands-on introduction to the ELF Object file formatrety61
 
Something About Dynamic Linking
Something About Dynamic LinkingSomething About Dynamic Linking
Something About Dynamic LinkingWang Hsiangkai
 
Dynamic Linker
Dynamic LinkerDynamic Linker
Dynamic LinkerSanjiv Malik
 
LD_PRELOAD Exploitation - DC9723
LD_PRELOAD Exploitation - DC9723LD_PRELOAD Exploitation - DC9723
LD_PRELOAD Exploitation - DC9723Iftach Ian Amit
 
Linker and loader upload
Linker and loader uploadLinker and loader upload
Linker and loader uploadBin Yang
 
Loaders
LoadersLoaders
LoadersMohd Arif
 
Linking in MS-Dos System
Linking in MS-Dos SystemLinking in MS-Dos System
Linking in MS-Dos SystemSatyamevjayte Haxor
 
Introduction to loaders
Introduction to loadersIntroduction to loaders
Introduction to loadersTech_MX
 
The Internals of "Hello World" Program
The Internals of "Hello World" ProgramThe Internals of "Hello World" Program
The Internals of "Hello World" ProgramNational Cheng Kung University
 
Assembler
AssemblerAssembler
Assemblerrahulmnnit_cs
 
Linkers And Loaders
Linkers And LoadersLinkers And Loaders
Linkers And LoadersSatpal Parmar
 
Compilation
CompilationCompilation
CompilationDavid Halliday
 
Linkers in compiler
Linkers in compilerLinkers in compiler
Linkers in compilerAsaad Al-nour
 
Embedded Systems: Lecture 11: Introduction to Git & GitHub (Part 2)
Embedded Systems: Lecture 11: Introduction to Git & GitHub (Part 2)Embedded Systems: Lecture 11: Introduction to Git & GitHub (Part 2)
Embedded Systems: Lecture 11: Introduction to Git & GitHub (Part 2)Ahmed El-Arabawy
 
Loaders ( system programming )
Loaders ( system programming ) Loaders ( system programming )
Loaders ( system programming ) Adarsh Patel
 
loaders and linkers
loaders and linkers loaders and linkers
loaders and linkersTemesgen Molla
 
Loaders and Linkers
Loaders and LinkersLoaders and Linkers
Loaders and Linkerskunj desai
 
Python reading and writing files
Python reading and writing filesPython reading and writing files
Python reading and writing filesMukesh Tekwani
 
Creating user-mode debuggers for Windows
Creating user-mode debuggers for WindowsCreating user-mode debuggers for Windows
Creating user-mode debuggers for WindowsMithun Shanbhag
 
Linux programming - Getting self started
Linux programming - Getting self started Linux programming - Getting self started
Linux programming - Getting self started Emertxe Information Technologies Pvt Ltd
 
Spsl unit1
Spsl unit1Spsl unit1
Spsl unit1Sasidhar Kothuru
 
Loader and Its types
Loader and Its typesLoader and Its types
Loader and Its typesParth Dodiya
 
intro unix/linux 08
intro unix/linux 08intro unix/linux 08
intro unix/linux 08duquoi
 
PE File Format
PE File FormatPE File Format
PE File Formatn|u - The Open Security Community
 
Intro reverse engineering
Intro reverse engineeringIntro reverse engineering
Intro reverse engineeringNitin kumar Gupta
 
ELF(executable and linkable format)
ELF(executable and linkable format)ELF(executable and linkable format)
ELF(executable and linkable format)Seungha Son
 

Más contenido relacionado

La actualidad más candente

Linker and loader upload
Linker and loader uploadLinker and loader upload
Linker and loader uploadBin Yang
 
Introduction to loaders
Introduction to loadersIntroduction to loaders
Introduction to loadersTech_MX
 
Embedded Systems: Lecture 11: Introduction to Git & GitHub (Part 2)
Embedded Systems: Lecture 11: Introduction to Git & GitHub (Part 2)Embedded Systems: Lecture 11: Introduction to Git & GitHub (Part 2)
Embedded Systems: Lecture 11: Introduction to Git & GitHub (Part 2)Ahmed El-Arabawy
 
Loaders ( system programming )
Loaders ( system programming ) Loaders ( system programming )
Loaders ( system programming ) Adarsh Patel
 
Loaders and Linkers
Loaders and LinkersLoaders and Linkers
Loaders and Linkerskunj desai
 
Python reading and writing files
Python reading and writing filesPython reading and writing files
Python reading and writing filesMukesh Tekwani
 
Creating user-mode debuggers for Windows
Creating user-mode debuggers for WindowsCreating user-mode debuggers for Windows
Creating user-mode debuggers for WindowsMithun Shanbhag
 
Loader and Its types
Loader and Its typesLoader and Its types
Loader and Its typesParth Dodiya
 
intro unix/linux 08
intro unix/linux 08intro unix/linux 08
intro unix/linux 08duquoi
 

La actualidad más candente (20)

Linker and loader upload
Linker and loader uploadLinker and loader upload
Linker and loader upload
 
Loaders
LoadersLoaders
Loaders
 
Linking in MS-Dos System
Linking in MS-Dos SystemLinking in MS-Dos System
Linking in MS-Dos System
 
Introduction to loaders
Introduction to loadersIntroduction to loaders
Introduction to loaders
 
The Internals of "Hello World" Program
The Internals of "Hello World" ProgramThe Internals of "Hello World" Program
The Internals of "Hello World" Program
 
Assembler
AssemblerAssembler
Assembler
 
Linkers And Loaders
Linkers And LoadersLinkers And Loaders
Linkers And Loaders
 
Compilation
CompilationCompilation
Compilation
 
Linkers in compiler
Linkers in compilerLinkers in compiler
Linkers in compiler
 
Embedded Systems: Lecture 11: Introduction to Git & GitHub (Part 2)
Embedded Systems: Lecture 11: Introduction to Git & GitHub (Part 2)Embedded Systems: Lecture 11: Introduction to Git & GitHub (Part 2)
Embedded Systems: Lecture 11: Introduction to Git & GitHub (Part 2)
 
Loaders ( system programming )
Loaders ( system programming ) Loaders ( system programming )
Loaders ( system programming )
 
loaders and linkers
loaders and linkers loaders and linkers
loaders and linkers
 
Loaders and Linkers
Loaders and LinkersLoaders and Linkers
Loaders and Linkers
 
Python reading and writing files
Python reading and writing filesPython reading and writing files
Python reading and writing files
 
Creating user-mode debuggers for Windows
Creating user-mode debuggers for WindowsCreating user-mode debuggers for Windows
Creating user-mode debuggers for Windows
 
Linux programming - Getting self started
Linux programming - Getting self started Linux programming - Getting self started
Linux programming - Getting self started
 
Spsl unit1
Spsl unit1Spsl unit1
Spsl unit1
 
Loader and Its types
Loader and Its typesLoader and Its types
Loader and Its types
 
intro unix/linux 08
intro unix/linux 08intro unix/linux 08
intro unix/linux 08
 
PE File Format
PE File FormatPE File Format
PE File Format
 

Similar a Program Structure in GNU/Linux (ELF Format)

ELF(executable and linkable format)
ELF(executable and linkable format)ELF(executable and linkable format)
ELF(executable and linkable format)Seungha Son
 
bh-europe-01-clowes
bh-europe-01-clowesbh-europe-01-clowes
bh-europe-01-clowesguest3e5046
 
Build process ppt.pptx
Build process ppt.pptxBuild process ppt.pptx
Build process ppt.pptxSHIVANISRECECE
 
C++ shared libraries and loading
C++ shared libraries and loadingC++ shared libraries and loading
C++ shared libraries and loadingRahul Jamwal
 
DEF CON 23 - Ryan o'neil - advances in linux forensics with ecfs
DEF CON 23 - Ryan o'neil - advances in linux forensics with ecfsDEF CON 23 - Ryan o'neil - advances in linux forensics with ecfs
DEF CON 23 - Ryan o'neil - advances in linux forensics with ecfsFelipe Prado
 
嵌入式Linux課程-GNU Toolchain
嵌入式Linux課程-GNU Toolchain嵌入式Linux課程-GNU Toolchain
嵌入式Linux課程-GNU Toolchain艾鍗科技
 
C-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptx
C-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptxC-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptx
C-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptxSKUP1
 
C-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptx
C-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptxC-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptx
C-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptxLECO9
 
Embedded Systems: Lecture 14: Introduction to GNU Toolchain (Binary Utilities)
Embedded Systems: Lecture 14: Introduction to GNU Toolchain (Binary Utilities)Embedded Systems: Lecture 14: Introduction to GNU Toolchain (Binary Utilities)
Embedded Systems: Lecture 14: Introduction to GNU Toolchain (Binary Utilities)Ahmed El-Arabawy
 
Input and output in c
Input and output in cInput and output in c
Input and output in cRachana Joshi
 
Embedded Systems: Lecture 13: Introduction to GNU Toolchain (Build Tools)
Embedded Systems: Lecture 13: Introduction to GNU Toolchain (Build Tools)Embedded Systems: Lecture 13: Introduction to GNU Toolchain (Build Tools)
Embedded Systems: Lecture 13: Introduction to GNU Toolchain (Build Tools)Ahmed El-Arabawy
 
2023-02-22_Tiberti_CyberX.pdf
2023-02-22_Tiberti_CyberX.pdf2023-02-22_Tiberti_CyberX.pdf
2023-02-22_Tiberti_CyberX.pdfcifoxo
 
VTU 3RD SEM UNIX AND SHELL PROGRAMMING SOLVED PAPERS
VTU 3RD SEM UNIX AND SHELL PROGRAMMING SOLVED PAPERSVTU 3RD SEM UNIX AND SHELL PROGRAMMING SOLVED PAPERS
VTU 3RD SEM UNIX AND SHELL PROGRAMMING SOLVED PAPERSvtunotesbysree
 
Consuming and Creating Libraries in C++
Consuming and Creating Libraries in C++Consuming and Creating Libraries in C++
Consuming and Creating Libraries in C++Richard Thomson
 
Understanding how C program works
Understanding how C program worksUnderstanding how C program works
Understanding how C program worksMindBridgeTech
 

Similar a Program Structure in GNU/Linux (ELF Format) (20)

Intro reverse engineering
Intro reverse engineeringIntro reverse engineering
Intro reverse engineering
 
ELF(executable and linkable format)
ELF(executable and linkable format)ELF(executable and linkable format)
ELF(executable and linkable format)
 
bh-europe-01-clowes
bh-europe-01-clowesbh-europe-01-clowes
bh-europe-01-clowes
 
Unit V.pptx
Unit V.pptxUnit V.pptx
Unit V.pptx
 
Technical Interview
Technical InterviewTechnical Interview
Technical Interview
 
Build process ppt.pptx
Build process ppt.pptxBuild process ppt.pptx
Build process ppt.pptx
 
C++ shared libraries and loading
C++ shared libraries and loadingC++ shared libraries and loading
C++ shared libraries and loading
 
DEF CON 23 - Ryan o'neil - advances in linux forensics with ecfs
DEF CON 23 - Ryan o'neil - advances in linux forensics with ecfsDEF CON 23 - Ryan o'neil - advances in linux forensics with ecfs
DEF CON 23 - Ryan o'neil - advances in linux forensics with ecfs
 
嵌入式Linux課程-GNU Toolchain
嵌入式Linux課程-GNU Toolchain嵌入式Linux課程-GNU Toolchain
嵌入式Linux課程-GNU Toolchain
 
C-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptx
C-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptxC-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptx
C-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptx
 
C-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptx
C-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptxC-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptx
C-Programming C LIBRARIES AND USER DEFINED LIBRARIES.pptx
 
Embedded Systems: Lecture 14: Introduction to GNU Toolchain (Binary Utilities)
Embedded Systems: Lecture 14: Introduction to GNU Toolchain (Binary Utilities)Embedded Systems: Lecture 14: Introduction to GNU Toolchain (Binary Utilities)
Embedded Systems: Lecture 14: Introduction to GNU Toolchain (Binary Utilities)
 
Input and output in c
Input and output in cInput and output in c
Input and output in c
 
Embedded Systems: Lecture 13: Introduction to GNU Toolchain (Build Tools)
Embedded Systems: Lecture 13: Introduction to GNU Toolchain (Build Tools)Embedded Systems: Lecture 13: Introduction to GNU Toolchain (Build Tools)
Embedded Systems: Lecture 13: Introduction to GNU Toolchain (Build Tools)
 
2023-02-22_Tiberti_CyberX.pdf
2023-02-22_Tiberti_CyberX.pdf2023-02-22_Tiberti_CyberX.pdf
2023-02-22_Tiberti_CyberX.pdf
 
VTU 3RD SEM UNIX AND SHELL PROGRAMMING SOLVED PAPERS
VTU 3RD SEM UNIX AND SHELL PROGRAMMING SOLVED PAPERSVTU 3RD SEM UNIX AND SHELL PROGRAMMING SOLVED PAPERS
VTU 3RD SEM UNIX AND SHELL PROGRAMMING SOLVED PAPERS
 
Consuming and Creating Libraries in C++
Consuming and Creating Libraries in C++Consuming and Creating Libraries in C++
Consuming and Creating Libraries in C++
 
Unit v
Unit vUnit v
Unit v
 
File Handling
File HandlingFile Handling
File Handling
 
Understanding how C program works
Understanding how C program worksUnderstanding how C program works
Understanding how C program works
 

Más de Varun Mahajan

I2C Bus (Inter-Integrated Circuit)
I2C Bus (Inter-Integrated Circuit)I2C Bus (Inter-Integrated Circuit)
I2C Bus (Inter-Integrated Circuit)Varun Mahajan
 
I2C Subsystem In Linux-2.6.24
I2C Subsystem In Linux-2.6.24I2C Subsystem In Linux-2.6.24
I2C Subsystem In Linux-2.6.24Varun Mahajan
 
Hibernation in Linux 2.6.29
Hibernation in Linux 2.6.29Hibernation in Linux 2.6.29
Hibernation in Linux 2.6.29Varun Mahajan
 
Process' Virtual Address Space in GNU/Linux
Process' Virtual Address Space in GNU/LinuxProcess' Virtual Address Space in GNU/Linux
Process' Virtual Address Space in GNU/LinuxVarun Mahajan
 
Introduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSI
Introduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSIIntroduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSI
Introduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSIVarun Mahajan
 

Más de Varun Mahajan (6)

Red Black Trees
Red Black TreesRed Black Trees
Red Black Trees
 
I2C Bus (Inter-Integrated Circuit)
I2C Bus (Inter-Integrated Circuit)I2C Bus (Inter-Integrated Circuit)
I2C Bus (Inter-Integrated Circuit)
 
I2C Subsystem In Linux-2.6.24
I2C Subsystem In Linux-2.6.24I2C Subsystem In Linux-2.6.24
I2C Subsystem In Linux-2.6.24
 
Hibernation in Linux 2.6.29
Hibernation in Linux 2.6.29Hibernation in Linux 2.6.29
Hibernation in Linux 2.6.29
 
Process' Virtual Address Space in GNU/Linux
Process' Virtual Address Space in GNU/LinuxProcess' Virtual Address Space in GNU/Linux
Process' Virtual Address Space in GNU/Linux
 
Introduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSI
Introduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSIIntroduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSI
Introduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSI
 

Último

Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024Janet Corral
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 

Último (20)

Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 

Program Structure in GNU/Linux (ELF Format)

  • 1. Program Structure In GNU/Linux Author: Varun Mahajan <varunmahajan06@gmail.com>
  • 2. Contents  $gcc *.c -o Program – Processing of a User Program • Preprocessing • Compilation • Assembly • Linking – ELF Format The content is specific to a GNU/Linux system running on Intel Architecture
  • 3. Processing of a User Program .c .h (C code) cpp main.c main.i cpp OR (C pre-processor) gcc -E main.c -o main.i .i (Preprocessed C code) /usr/lib/gcc/i486-linux-gnu/4.3.2/cc1 -fpreprocessed cc1 main.i -o main.s -quiet (C compiler) OR gcc -S main.i -o main.s .s (Assembly code) as main.s -o main.o as (Assembler) OR gcc main.s -o main.o .o (Object code)
  • 5. ELF Format: Object Files ELF Header Program Header Table (optional) Section Header Table Section 1 ... ... ... ... Section n Except the ELF Header, which is in the beginning of the file, rest of the components may be in any order
  • 6. ELF Header (.o) $readelf -h main.o ELF Identification Relocation is the process of connecting symbolic references with symbolic definitions. For example, when a program calls a function, the associated call instruction must transfer control to the proper destination address at execution Relocatable files must have information that describes how to modify their section contents, thus allowing executable and shared object files to hold the right information for a process's program image An ELF header resides at the beginning and holds a 'road map' describing the file's organization ● ELF Identification: (16 bytes) ● Magic no: Identifies the file as ELF object file [0x7f, 'E', 'L', 'F'] ● Class: Identifies file's class or capacity. ELF32 supports machines with files and virtual address spaces up to 4 gigabytes ● Data: Data encoding for processor-specific data in the object file ● Version: ELF header version number ● OS/ABI: Operating system ● ABI Version: Application Binary Interface version (low-level interface between an application program and the OS) ● Type: Type of the object file (Relocatable, Executable, Shared object, etc) ● Machine: The required architecture for the file ● Entry point address: The virtual address to which the system first transfers the control thus starting the process. If the file has no associated entry point then it holds 0 ● Start of program headers: Program header table's file offset in bytes. If the file has no program header table then it holds 0 ● Start of section headers: Section header table's file offset in bytes. If the file has no section header table then it holds 0 ● Flags: Processor specific flags ● Section header string table index: The section header table index of the entry associated with the section name string table (This section holds section names)
  • 7. Section Header Table (.o) #Section Header Table (executable) $readelf -S main.o A Section Header Table is an array of Section Headers $readelf -p '.shstrtab' main.o ● Name: Name of the section ● Type: Type of the section ● PROGBITS: Holds information whose format and meaning are determined solely by the program ● REL: Holds relocation entries without explicit addends ● NOBITS: Occupies no space in the file but otherwise resembles PROGBITS ● STRTAB: Holds a string table ● SYMTAB: Holds a symbol table ● Addr: If this section will appear in the memory image of a process, this member gives the address at which section's first byte should reside. Otherwise it contains 0 ● Off (Offset): The byte offset from the beginning of the file to the first byte in the section ● Size: Section's size in bytes ● ES (Entry Size): Size in bytes of each entry (For the sections which hold a table of fixed-size entries) ● Flg (Flags): Miscellaneous attributes ● W: Contains data that should be writable during process execution ● X: Contains executable machine instructions ● A: Occupies memory during process execution ● Lk (Link), Inf (info): Interpretation depends on section type ● AL (Address Align): Some sections have address alignment constraints. (0, 1 : no constraints)
  • 8. .symtab Section: Symbol Table (.o) #.symtab & .dynsym Sections: Symbol Tables (executable) $readelf -s main.o $readelf -p '.strtab' main.o Symbol Table holds the information needed to locate and relocate a program's symbolic definitions and references ● Name: Symbol name ● Size: Size in bytes (for symbols which have associated size, e.g. for ● Type: Symbol type data objects). 0 if symbol has no size or unknown size ● NOTYPE: Type not specified ● Ndx (Index): ● OBJECT: Symbol is associated with a data object ● Relevant section header table's index ● FUNC: Symbol is associated with a function or other ● UND: undefined, missing, irrelevant or otherwise executable code meaningless section reference ● SECTION: Symbol is associated with a section ● COM: Unallocated C external variables ● FILE: File symbol ● ABS: Specifies absolute value for the corresponding ● Bind: reference ● LOCAL: Symbol not visible outside the object file in which ● Value: For relocatable files: is defined ● Alignment constraints for a symbol whose Ndx is COM ● GLOBAL: Symbol is visible to all object files being ● Section offset for a defined symbol combined
  • 9. .data & .bss Sections (.o) #.data & .bss Sections (executable) $objdump -DxtT main.o ● .data: Holds initialized data that contribute towards the program's memory image ● .bss: Holds uninitialized data that contribute to the program's memory image. By definition the system initializes the data with zeros when the program begins to run. The section occupies no file space
  • 10. .rodata Section (.o) $objdump -s main.o $readelf -p '.rodata' main.o .rodata Section holds read-only data that typically contribute to a non-writable segment in the process image
  • 11. .text Section (.o) #.text Section (executable) $objdump -DxtT main.o .text Section holds the executable instructions of the program
  • 12. .rel.text Section (.o) rel.text holds the Relocation Entries for the .text $readelf -r main.o section Relocation entries serve two functions. When a section of code is relocated to a different base address, relocation entries mark the places in the code that have to be modified. In a linkable file, there are also relocation entries that mark references to undefined symbols, so the linker knows where to patch in the symbol's value when the symbol is finally defined Section header table: ● Lk (link): Section header index of the associated symbol table ● Inf (Info): Section header index to which the relocation applies Relocation section: Section Header table entries: ● Offset: The location at which to apply the relocation action. For Relocatable file: ● The byte offset from the beginning of the section to the storage unit affected by the relocation ● Info: ● ((info) >> 8) is the symbol table index w.r.t. which the relocation should be made E.g.: A call instruction's entry would hold symbol table index of the function being called efunc ((0x1302 >> 8)) = 0x13 = 19 ● ((info) & 0xff) is the Relocation Type (processor specific) E.g.: efunc ((0x1302) & 0xff) = 0x02 (R_386_PC32) gei ((0xf01) & 0xff) = 0x01 (R_386_32) The Link Editor merges one or more relocatable files to for the output (executable or shared object file). It first decides how to combine and locate the input files, then updates the symbol values, and finally performs relocation
  • 13. Linking with External Libraries A Library is a collection of precompiled object files which can be linked into programs E.g. C Math library, etc Two types: ● Static Library: Archive file (.a). A collection of ordinary object files created using the GNU archiver (ar) When a program is linked against a static library, the machine code from the object files for any external functions used by the program is copied from the library into the final executable (Static Linking) ● Shared Library: Shared Object (.so). It is created from the object files using the -shared option of gcc An executable file linked against a shared library contains only a small table of the functions it requires, instead of the complete machine code from the object files for the external functions. Before the executable file starts running, the machine code for the external functions is copied into memory from the shared library file on disk by the operating system (Dynamic Linking) The standard system libraries are usually found in the directories ‘/usr/lib’ and ‘/lib’
  • 14. Types of Object Files ● Relocatable File: Holds code and data suitable for linking with other object files to create an executable or shared object file ● Executable File: Holds a program suitable for execution ● Shared Object File: Holds code and data suitable for linking in two contexts: ● The Link Editor may process it with other relocatable and shared object files to create another object file ● The Dynamic Linker combines it with an executable file and other shared objects to create a process image
  • 15. Processing of a User Program contd... main.o *.a *.so *.o edf.o (Static (Shared (Relocatable) (Relocatable) Libraries) Libraries) ld (Link Editor) Program (Executable) ld -dynamic-linker /lib/ld-linux.so.2 /usr/lib/crt1.o /usr/lib/crti.o /usr/lib/gcc/i486-linux-gnu/4.3.2/crtbegin.o -L/usr/lib/gcc/i486- linux-gnu/4.3.2/ main.o edf.o -lgcc -lgcc_eh -lc -lgcc_eh /usr/lib/gcc/i486-linux-gnu/4.3.2/crtend.o /usr/lib/crtn.o -o Program
  • 16. ELF Header (.o, executable, .so) $readelf -h main.o $readelf -h Program $readelf -h /lib/libc.so.6
  • 17. Section Header Table (executable) #Section Header Table (.o) $readelf -S Program ● Type: ● NOTE: Holds information that marks the file in some way ● HASH: Holds symbol hash table ● DYNSYM: Holds a symbol table ● DYNAMIC: Holds information for dynamic linking
  • 18. .symtab & .dynsym Sections: Symbol Tables (executable) #.symtab Section: Symbol Table (.o) $readelf -s Program
  • 19. .data & .bss Sections (executable) #.data & .bss Sections (.o) $objdump -DxtT Program
  • 20. .text Section (executable) #.text Section (.o) $objdump -d Program
  • 21. .Program Header Table (executable) $readelf -l Program An Object File Segment contains one or more Sections Program Header Table is an array of structures, each describing a Segment or other information the system needs to prepare the program for execution ● Offset: Offset from the beginning of the file at which the first byte of the segment resides ● VirtAddr: The virtual address at which the first byte of the segment resides in the memory ● FileSiz: Number of bytes in the file image of the segment ● MemSiz: Number of bytes in the memory image of the segment ● Flg: Permissions (R W E) ● Type: ● PHDR: Specifies the location size of the program header table itself both in file and memory image of the program ● INTERP: Specifies the location and size of a null-terminated path name to invoke as an interpreter ● LOAD: Loadable segment ● DYNAMIC: Specifies dynamic linking information ● Align: Gives the value to which the segments are aligned in memory and in the file
  • 22. Brief description of some Sections ● Following sections provide information for dynamic linking: ● .dynsym: Holds dynamic linking symbol table ● .dynstr: Holds strings needed for dynamic linking, most commonly the strings that represent the names associated with symbol table entries ● .interp: Holds the pathname of program interpreter ● .hash: Holds a symbol hash table ● .dynamic: Holds dynamic linking information ● .rel & .relname: Holds relocation information ● .got & .plt: Global offset table, Procedure linkage table (Content is processor specific) ● .rela & relaname ● Initialization and termination: ● .init: Holds executable instructions that contribute to the process initialization code. When a program starts to run, the system executes the code in this section before calling the main program entry point ● .fini: Holds executable instructions that contribute to the process termination code. When a program exits normally, the system executes the code in this section
  • 23. Segment Loading ● Executable File Segments typically contain absolute code. To let the process execute correctly, the segments must reside at the virtual addresses used to build the executable ● Shared Object Segments typically contain position-independent code. This lets a segment's virtual address change from one process to another, without invalidating the execution behavior
  • 24. An Example of Dynamic Linking
  • 25. An Example of Dynamic Linking
  • 26. An Example of Dynamic Linking Dynamic linker updates this with the Virtual address of printf function GNU/LinuxOffline
  • 27. An Example of Dynamic Linking Dynamic linker updates this with the Virtual address of printf function
  • 28. References ● http://www.network-theory.co.uk/docs/gccintro/index.html : Introduction to gcc ● Manuals: gcc, ld, ldd, objdump, nm, readelf ● http://www.iecc.com/linker/ : linkers & loaders ● Tool Interface Standard (TIS) Executable and Linking Format (ELF) Specification Version 1.2 ● http://tldp.org/HOWTO/Program-Library-HOWTO/static-libraries.html ● http://www.tldp.org/HOWTO/Program-Library-HOWTO/shared-libraries.html ● http://www.yolinux.com/TUTORIALS/LibraryArchives-StaticAndDynamic.html ● http://www.tenouk.com/Bufferoverflowc/Bufferoverflow1c.html ● http://www.tenouk.com/Bufferoverflowc/Bufferoverflow1b.html