提供对ELF文件的一些解析,仅支持32位,出版,进行了部分测试(并不保证完全正确,只是一个帮助作用吧,相互学习借鉴)
最外层的头文件
#ifndef UTIL_H
#define UTIL_H
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <time.h>
#include <fcntl.h>
#include <sys/elf.h>
#include<sys/stat.h>
#include "Types.h"
#include "Helper.h"
#define GET_SIZE(n) (sizeof(n))
#define PRINT_PRE_FIVE_BYTE(p) printf("0x%.8x 0x%.8x 0x%.8x 0x%.8x 0x%.8x \n", \
*(u1*)p,*(u1*)(p+4),*(u1*)(p+8),*(u1*)(p+12),*(u1*)(p+16)) \
#ifndef PT_ARM_EXIDX
#define PT_ARM_EXIDX 0X70000001
#endif
#ifndef SHT_MIPS_MSYM
#define SHT_MIPS_MSYM 0X70000001
#endif
#ifndef SHT_MIPS_GPTAB
#define SHT_MIPS_GPTAB 0x70000003
#endif
#ifndef DT_GNU_PRELINKED
#define DT_GNU_PRELINKED 0x6ffffdf5
#endif
#ifndef DT_GNU_LIBLIST
#define DT_GNU_LIBLIST 0x6ffffef9 /* Library list */
#endif
#ifndef DT_GNU_LIBLISTSZ
#define DT_GNU_LIBLISTSZ 0x6ffffdf7 /* Size of library list */
#endif
#ifndef DT_GNU_CONFLICT
#define DT_GNU_CONFLICT 0x6ffffef8 /* Start of conflict section */
#endif
#ifndef DT_GNU_CONFLICTSZ
#define DT_GNU_CONFLICTSZ 0x6ffffdf6 /* Size of conflict section */
#endif
/* Flags for the feature selection in DT_FEATURE_1. */
#ifndef DTF_1_PARINIT
#define DTF_1_PARINIT 0x00000001
#endif
#ifndef DTF_1_CONFEXP
#define DTF_1_CONFEXP 0x00000002
#endif
/* Flags in the DT_POSFLAG_1 entry effecting only the next DT_* entry. */
#ifndef DF_P1_LAZYLOAD
#define DF_P1_LAZYLOAD 0x00000001 /* Lazyload following object. */
#endif
#ifndef DF_P1_GROUPPERM
#define DF_P1_GROUPPERM 0x00000002 /* Symbols from next object are not
#endif
#ifdef FIND_ELF_MARCO
//State flags selectable in the `d_un.d_val' element of the DT_FLAGS_1 entry in the dynamic section. */
#define DF_1_GROUP 0x00000004 /* Set RTLD_GROUP for this object. */
#define DF_1_INITFIRST 0x00000020 /* Set RTLD_INITFIRST for this object*/
#define DF_1_DIRECT 0x00000100 /* Direct binding enabled. */
#define DF_1_TRANS 0x00000200
#define DF_1_INTERPOSE 0x00000400 /* Object is used to interpose. */
#define DF_1_NODUMP 0x00001000 /* Object can't be dldump'ed. */
#define DF_1_CONFALT 0x00002000 /* Configuration alternative created.*/
#define DF_1_ENDFILTEE 0x00004000 /* Filtee terminates filters search. */
#define DF_1_DISPRELDNE 0x00008000 /* Disp reloc applied at build time. */
#define DF_1_DISPRELPND 0x00010000 /* Disp reloc applied at run-time. */ generally available. */
#endif
#ifdef __cplusplus
extern "C" {
#endif
typedef struct {
u4 nSize;
u1* base;
}MemMapping;
typedef struct{
u4 type;
u4 link;
u4 info;
u4 nSize;
u4 nEntSize;
u1 name[256];
u1* base;
}LookupSection;
int init_mem_mapping(const char* elf_path,MemMapping* mem);
Elf32_Ehdr* get_elf_header(MemMapping* mem);
void print_elf_header(MemMapping* mem,Elf32_Ehdr* pHeader);
Elf32_Phdr* get_elf_program_header_table(MemMapping* mem,Elf32_Ehdr* pHeader);
void print_elf_program_header_table(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Phdr* pPheader);
Elf32_Shdr* get_elf_section_header_table(MemMapping* mem,Elf32_Ehdr* pHeader);
u1* get_elf_section_of_shstr_table(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Shdr* pSheader);
void print_elf_section_header_table(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Shdr* pSheader);
void print_elf_string_table(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Shdr* pSheader);
void print_elf_interpreter(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Shdr* pSheader);
void print_elf_dynamic_string_table(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Shdr* pSheader);
void print_elf_section_of_dynamic(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Shdr* pSheader);
LookupSection* get_section_by_index(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Shdr* pSheader,u1 index);
Elf32_Sym* get_elf_section_of_sym_table(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Shdr* pSheader);
void print_elf_section_of_sym_table(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Shdr* pSheader);
Elf32_Sym* get_elf_section_of_dynsym_table(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Shdr* pSheader);
void print_elf_section_of_dyn_sym_table(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Shdr* pSheader);
void print_elf_section_of_reldyn(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Shdr* pSheader);
void print_elf_section_of_relplt(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Shdr* pSheader);
void print_elf_section_of_allrela(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Shdr* pSheader);
#ifdef __cplusplus
}
#endif
#endif /* UTIL_H */
/*
* ElfParser.c
*
* Created on: 2014年7月19日
* Author: angel-toms
*/
#include "ElfParser.h"
int init_mem_mapping(const char* elf_path,MemMapping* mem){
int nRet = -1;
int fd = -1;
printf("elf path : %s\n",elf_path);
fd = open(elf_path,O_RDONLY);
if(fd < 0){
perror("Error,open elf file\n");
goto bail;
}
mem->nSize = get_file_size(elf_path);
if(mem->nSize == 0)
goto bail;
mem->base = malloc(mem->nSize);
if(NULL == mem->base){
perror("Error,malloc mem mapping faild\n");
goto bail;
}
memset(mem->base,0,mem->nSize);
if(read(fd,mem->base,mem->nSize) <= 0){
perror("Error,read mem mapping faild\n");
free(mem->base);
mem->base = NULL;
goto bail;
}
nRet = 0;
bail:
if(fd)
close(fd);
return nRet;
}
LookupSection* get_section_by_index(MemMapping* mem,Elf32_Ehdr* pHeader,Elf32_Shdr* pSheader,u1 index){
LookupSection* pLookupSection = NULL;
u1* pStringTable = get_elf_section_of_shstr_table(mem,pHeader,pSheader);
if(NULL == pStringTable){
printf("Error,get string table failed !\n");
return NULL;
}
if(index > pHeader->e_shnum){
printf("Error,out of the sections bound !\n");
return NULL;
}
pLookupSection = calloc(1,GET_SIZE(LookupSection));
if(NULL == pLookupSection){
perror("Error,calloc LookupSection failed");
return NULL;
}
pLookupSection->type = pSheader[index].sh_type;
pLookupSection->link = pSheader[index].sh_link;
pLookupSection->info = pSheader[index].sh_info;
pLookupSection->nSize = pSheader[index].sh_size;
pLookupSection->nEntSize = pSheader[index].sh_entsize;
const char* inxName = (char*)(pStringTable + pSheader[index].sh_name);
memcpy(pLookupSection->name,inxName,strlen(inxName));
pLookupSection->base = (u1*)(mem->base + pSheader[index].sh_offset);
return pLookupSection;
}