ELF格式:
节条目可以存储在任何位置,按偏移量指定
所以我想把一个节条目(.dynsym)移到另一个位置,而且,仅适用于ELF32
实用程序下载链接: http://www10.zippyshare.com/v/25037401/file.html
The Process:
1. ModifyElf.exe
I write a utility called ModifyElf.exe, it can move a section entry of elf file. Usage:
ModifyElf.exe <srcfile> <dstfile> <sectionname> <mov2fileend:0|1> <clearold:0|1>
args:
<srcfile> -> src so file path
<dstfile> -> dst so file path
<sectionname> -> section name, just support ".dynsym " currently
<mov2fileend:0|1> -> mov2fileend:0 move section entry to the unused zero zone of so file, don't increase file size
mov2fileend:1 move section entry to the end of so file,will increase file size
<clearold:0|1> -> clearold:0 don't clear the original section entry
clearold:1 set all bytes of original section entry to 0xFF
for example:
ModifyElf.exe e:\test\libfoo_ori.so e:\test\libfoo.so .dynsym mov2fileend:0 clearold:1
2. libfoo.so and linux_hello
linux_hello call dlopen to load libfoo.so,and call myfn from libfoo.so, myfn just printf a string
neil0@vm32:~/share/test$ sudo chmod a+x linux_hello
neil0@vm32:~/share/test$ export LD_LIBRARY_PATH=~/share/test:$LD_LIBRARY_PATH
neil0@vm32:~/share/test$ ./linux_hello
dlopen ok!
call myfn...!
3. modify and exec
run ModifyElf.exe e:\test\libfoo_ori.so e:\test\libfoo.so .dynsym mov2fileend:0 clearold:1
move section entry to zero zone, get a new so file, replace it in linux,and exec linux_hello, it's OK!You can use file compare tool to see diff between libfoo.so and libfoo_ori.so
run ModifyElf.exe e:\test\libfoo_ori.so e:\test\libfoo.so .dynsym mov2fileend:1 clearold:1
move section entry to file end,get a new so file, replace it in linux,and exec linux_hello, it's said "Segmentation fault"
所以你能告诉我为什么我不能把它移到文件结束,如果我想这样做我该怎么办?谢谢!