C 读取给定零值的elf结构
我有一个简单的cprogram来读取elf执行文件C 读取给定零值的elf结构,c,linker,elf,C,Linker,Elf,我有一个简单的cprogram来读取elf执行文件 #include <stdint.h> #include <inttypes.h> #include <elf.h> #include <stdio.h> #include <stdlib.h> #pragma pack(push,1) typedef uint32_t uint32; typedef uint16_t uint16; typedef uint8_t uint8;
#include <stdint.h>
#include <inttypes.h>
#include <elf.h>
#include <stdio.h>
#include <stdlib.h>
#pragma pack(push,1)
typedef uint32_t uint32;
typedef uint16_t uint16;
typedef uint8_t uint8;
typedef struct
{
uint8 e_ident[16];
uint16 e_type;
uint16 e_machine;
uint32 e_version;
uint32 e_entry;
uint32 e_phoff;
uint32 e_shoff;
uint32 e_flags;
uint16 e_ehsize;
uint16 e_phentsize;
uint16 e_phnum;
uint16 e_shentsize;
uint16 e_shnum;
uint16 e_shstrndx;
} Elf32Hdr;
typedef struct
{
uint32 sh_name;
uint32 sh_type;
uint32 sh_flags;
uint32 sh_addr;
uint32 sh_offset;
uint32 sh_size;
uint32 sh_link;
uint32 sh_info;
uint32 sh_addralign;
uint32 sh_entsize;
} Elf32SectHdr;
#pragma pack(pop)
main()
{
printf ("Main()");
char mystring [100];
FILE* ElfFile = NULL;
FILE* ofile = NULL;
char* SectNames = NULL;
Elf32Hdr hdr;
Elf32SectHdr shdr;
uint idx;
ElfFile = fopen ( "test.o" , "rb" );
if (ElfFile==NULL)
{
printf ("\nFile error");
exit (1);
}
if (1 != fread(&hdr, sizeof(hdr), 1, ElfFile))
{
printf("failed to read elf header\n");
exit(1);
}
int i;
printf("\nMagic :");
for(i=0;i<15;++i)
printf(" %x",hdr.e_ident[i]);
char *class;
if(hdr.e_ident[4]==2)
class = "64";
if(hdr.e_ident[4]==1)
class = "32";
if(hdr.e_ident[4]==0)
class = "Inavalid Class";
printf("\nClass :\t\t\t%c%c%c%s",hdr.e_ident[1],hdr.e_ident[2],hdr.e_ident[3],class);
printf("\nType :\t\t\t ");
if(hdr.e_type == 1)
printf("Relocatable\n");
else if(hdr.e_type == 2)
printf("Executable\n");
else if(hdr.e_type == 3)
printf("Shared Object\n");
else
printf("Unknown\n");
printf("\nVersion :\t\t\tt%"PRIu32,hdr.e_version);
if(hdr.e_machine==62)
printf("\nMachine :\t\t\t AMD x86-64 architecture");
printf("\nEntry point address :\t\t\t %"PRIu32,hdr.e_entry);
printf("\nStart of program headers :\t\t\t %"PRIu32,hdr.e_phoff);
printf("\nStart of section headers :\t\t\t %"PRIu32,hdr.e_shoff);
printf("\nNumber of program headers :\t\t\t %d\n", hdr.e_phnum);
fseek(ElfFile, hdr.e_shoff + hdr.e_shstrndx * sizeof shdr, SEEK_SET);
if (1 != fread(&shdr, 1, sizeof shdr, ElfFile))
{
printf("failed to read elf section header\n");
exit(1);
}
}
#包括
#包括
#包括
#包括
#包括
#pragma包(推送,1)
类型定义uint32\u t uint32;
类型定义uint16\u t uint16;
类型定义单元8_t单元8;
类型定义结构
{
uint8 e_ident[16];
uint16 e_型;
uint16电子设备;
uint32电子版;
uint32 e_条目;
uint32 e_phoff;
uint32 e_shoff;
uint32 e_旗;
uint16 e_ehsize;
uint16 e_phentsize;
uint16 e_phnum;
uint16 e_shentsize;
uint16 e_shnum;
uint16 e_shstrndx;
}Elf32Hdr;
类型定义结构
{
uint32 sh_名称;
uint32 sh_型;
uint32 sh_旗;
uint32上海地址;
uint32 sh_偏移量;
uint32 sh_尺寸;
uint32 sh_链路;
uint32上海大学信息;
uint32 sh_addralign;
uint32 sh_入口尺寸;
}ELF32HDR;
#布拉格语包(流行语)
main()
{
printf(“Main()”);
char mystring[100];
FILE*ElfFile=NULL;
FILE*ofile=NULL;
char*SectNames=NULL;
Elf32Hdr-hdr;
ELF32HDR shdr;
uint-idx;
ElfFile=fopen(“test.o”、“rb”);
if(ElfFile==NULL)
{
printf(“\n文件错误”);
出口(1);
}
if(1!=fread(&hdr,sizeof(hdr),1,elf文件))
{
printf(“读取elf头失败\n”);
出口(1);
}
int i;
printf(“\n语法:”);
对于(i=0;i您正试图将64位elf头读取到32位头,从而导致问题。
试着用这个,
typedef struct elf64_hdr {
unsigned char e_ident[16]; /* ELF "magic number" */
Elf64_Half e_type;
Elf64_Half e_machine;
Elf64_Word e_version;
Elf64_Addr e_entry; /* Entry point virtual address */
Elf64_Off e_phoff; /* Program header table file offset */
Elf64_Off e_shoff; /* Section header table file offset */
Elf64_Word e_flags;
Elf64_Half e_ehsize;
Elf64_Half e_phentsize;
Elf64_Half e_phnum;
Elf64_Half e_shentsize;
Elf64_Half e_shnum;
Elf64_Half e_shstrndx;
} Elf64_Ehdr;
或
只用
Elf64_Ehdr hdr;
在main中,而不是重新声明整个结构。希望这对您有所帮助在此'if(hdr.e_machine==62)'之后,有三个格式不好的printf。它只有'printf(“…%”,args),并且缺少类型“d”、“c”或“x”等。否。它适用于数据类型uint32,也适用于使用d c时,或者x不起作用。我看到了。我不知道PRIu32的这个功能。可能是因为对于64位ELF文件,头长为64字节,这3个字段应该存储在更大的类型中。谢谢,我现在检查一下