diff --git a/README.md b/README.md index eb4c292..8cfbbec 100644 --- a/README.md +++ b/README.md @@ -94,125 +94,131 @@ ELF File Section Headers: --------------------------------------------------------------------- [0] NULL 0 0 - 0 0 0 0 0 0 + 0 0 0 0 0 --------------------------------------------------------------------- [1] .interp PROGBITS 0x318 792 - 28 0 0x2 0 0 1 + 28 0 A 0 0 1 --------------------------------------------------------------------- [2] .note.gnu.property NOTE 0x338 824 - 48 0 0x2 0 0 8 + 48 0 A 0 0 8 --------------------------------------------------------------------- [3] .note.gnu.build-id NOTE 0x368 872 - 36 0 0x2 0 0 4 + 36 0 A 0 0 4 --------------------------------------------------------------------- [4] .note.ABI-tag NOTE 0x38c 908 - 32 0 0x2 0 0 4 + 32 0 A 0 0 4 --------------------------------------------------------------------- [5] .gnu.hash 0x6ffffff6 0x3b0 944 - 240 0 0x2 6 0 8 + 240 0 A 6 0 8 --------------------------------------------------------------------- [6] .dynsym DYNSYM 0x4a0 1184 - 8568 24 0x2 7 1 8 + 8568 24 A 7 1 8 --------------------------------------------------------------------- [7] .dynstr STRTAB 0x2618 9752 - 4267 0 0x2 0 0 1 + 4267 0 A 0 0 1 --------------------------------------------------------------------- [8] .gnu.version 0x6fffffff 0x36c4 14020 - 714 2 0x2 6 0 2 + 714 2 A 6 0 2 --------------------------------------------------------------------- [9] .gnu.version_r 0x6ffffffe 0x3990 14736 - 320 0 0x2 7 5 8 + 320 0 A 7 5 8 --------------------------------------------------------------------- [10] .rela.dyn RELA 0x3ad0 15056 - 202464 24 0x2 6 0 8 + 202464 24 A 6 0 8 --------------------------------------------------------------------- [11] .rela.plt RELA 0x351b0 217520 - 7704 24 0x42 6 25 8 + 7704 24 IA 6 25 8 --------------------------------------------------------------------- [12] .init PROGBITS 0x37000 225280 - 27 0 0x6 0 0 4 + 27 0 XA 0 0 4 --------------------------------------------------------------------- [13] .plt PROGBITS 0x37020 225312 - 5152 16 0x6 0 0 16 + 5152 16 XA 0 0 16 --------------------------------------------------------------------- [14] .plt.got PROGBITS 0x38440 230464 - 48 16 0x6 0 0 16 + 48 16 XA 0 0 16 --------------------------------------------------------------------- [15] .plt.sec PROGBITS 0x38470 230512 - 5136 16 0x6 0 0 16 + 5136 16 XA 0 0 16 --------------------------------------------------------------------- [16] .text PROGBITS 0x39880 235648 - 2845383 0 0x6 0 0 16 + 2845383 0 XA 0 0 16 --------------------------------------------------------------------- [17] .fini PROGBITS 0x2f0348 3081032 - 13 0 0x6 0 0 4 + 13 0 XA 0 0 4 --------------------------------------------------------------------- [18] .rodata PROGBITS 0x2f1000 3084288 - 166822 0 0x2 0 0 32 + 166822 0 A 0 0 32 --------------------------------------------------------------------- [19] .eh_frame_hdr PROGBITS 0x319ba8 3251112 - 37684 0 0x2 0 0 4 + 37684 0 A 0 0 4 --------------------------------------------------------------------- [20] .eh_frame PROGBITS 0x322ee0 3288800 - 265108 0 0x2 0 0 8 + 265108 0 A 0 0 8 --------------------------------------------------------------------- [21] .init_array INIT_ARRAY 0x365230 3555888 - 8 8 0x3 0 0 8 + 8 8 AW 0 0 8 --------------------------------------------------------------------- [22] .fini_array FINI_ARRAY 0x365238 3555896 - 8 8 0x3 0 0 8 + 8 8 AW 0 0 8 --------------------------------------------------------------------- [23] .data.rel.ro PROGBITS 0x365240 3555904 - 65792 0 0x3 0 0 32 + 65792 0 AW 0 0 32 --------------------------------------------------------------------- [24] .dynamic DYNAMIC 0x375340 3621696 - 608 16 0x3 7 0 8 + 608 16 AW 7 0 8 --------------------------------------------------------------------- [25] .got PROGBITS 0x3755a0 3622304 - 2648 8 0x3 0 0 8 + 2648 8 AW 0 0 8 --------------------------------------------------------------------- [26] .data PROGBITS 0x376000 3624960 - 160601 0 0x3 0 0 32 + 160601 0 AW 0 0 32 --------------------------------------------------------------------- [27] .bss NOBITS 0x39d360 3785561 - 58176 0 0x3 0 0 32 + 58176 0 AW 0 0 32 --------------------------------------------------------------------- [28] .gnu_debuglink PROGBITS 0 3785564 - 52 0 0 0 0 4 + 52 0 0 0 4 --------------------------------------------------------------------- [29] .shstrtab STRTAB 0 3785616 - 285 0 0 0 0 1 + 285 0 0 0 1 --------------------------------------------------------------------- +Section Header flag legend: +W (write), A (alloc), X (execute), M (merge), S (strings), +I (info), L (link order), O (extra OS processing required), +G (group), T (TLS), o (OS specific), P (processor specific), +R (ordered), E (exclude) + ELF File Segment (Program) Headers: @@ -220,45 +226,48 @@ Type Offset VirtAddr PhysAddr FileSiz MemSiz Flags Align --------------------------------------------------------------------- PHDR 0x40 0x40 0x40 - 0x2d8 0x2d8 0x4 0x8 + 0x2d8 0x2d8 R 0x8 --------------------------------------------------------------------- INTERP 0x318 0x318 0x318 - 0x1c 0x1c 0x4 0x1 + 0x1c 0x1c R 0x1 --------------------------------------------------------------------- LOAD 0 0 0 - 0x36fc8 0x36fc8 0x4 0x1000 + 0x36fc8 0x36fc8 R 0x1000 --------------------------------------------------------------------- LOAD 0x37000 0x37000 0x37000 - 0x2b9355 0x2b9355 0x5 0x1000 + 0x2b9355 0x2b9355 RX 0x1000 --------------------------------------------------------------------- LOAD 0x2f1000 0x2f1000 0x2f1000 - 0x72a74 0x72a74 0x4 0x1000 + 0x72a74 0x72a74 R 0x1000 --------------------------------------------------------------------- LOAD 0x364230 0x365230 0x365230 - 0x38129 0x46470 0x6 0x1000 + 0x38129 0x46470 RW 0x1000 --------------------------------------------------------------------- DYNAMIC 0x374340 0x375340 0x375340 - 0x260 0x260 0x6 0x8 + 0x260 0x260 RW 0x8 --------------------------------------------------------------------- NOTE 0x338 0x338 0x338 - 0x30 0x30 0x4 0x8 + 0x30 0x30 R 0x8 --------------------------------------------------------------------- NOTE 0x368 0x368 0x368 - 0x44 0x44 0x4 0x4 + 0x44 0x44 R 0x4 --------------------------------------------------------------------- 0x6474e553 0x338 0x338 0x338 - 0x30 0x30 0x4 0x8 + 0x30 0x30 R 0x8 --------------------------------------------------------------------- 0x6474e550 0x319ba8 0x319ba8 0x319ba8 - 0x9334 0x9334 0x4 0x4 + 0x9334 0x9334 R 0x4 --------------------------------------------------------------------- 0x6474e551 0 0 0 - 0 0 0x6 0x10 + 0 0 RW 0x10 --------------------------------------------------------------------- 0x6474e552 0x364230 0x365230 0x365230 - 0x10dd0 0x10dd0 0x4 0x1 + 0x10dd0 0x10dd0 R 0x1 --------------------------------------------------------------------- +Program (Segment) Header flag legend: +X (execute), W (write), R (read) + Dynamic dependencies listed in the ELF file: -> libm.so.6 diff --git a/include/pelf.h b/include/pelf.h index 71e4f03..8b8dee7 100644 --- a/include/pelf.h +++ b/include/pelf.h @@ -9,8 +9,23 @@ #define MAGIC_BYTE_COUNT 4 #define SHN_UNDEF 0 #define SHN_XINDEX 0xffff +#define NUM_SEC_FLAGS 14 +#define NUM_SEG_FLAGS 3 const char *ELF_MAGIC_BYTES = "\x7F" "ELF"; +const uint64_t SEC_FLAG_VAL[14] = {0x1, 0x2, 0x4, 0x10, + 0x20, 0x40, 0x80, 0x100, + 0x200, 0x400, 0x0FF00000, 0xF0000000, + 0x4000000, 0x8000000}; // Maintain ascending + // order +const char *SEC_FLAG_STR[14] = { + "W", "A", "X", "M", "S", "I", "L", + "O", "G", "T", "o", "P", "R", "E"}; // Values correspond to the values in + // SEC_FLAG_VAL +const uint64_t SEG_FLAG_VAL[3] = {0x1, 0x2, 0x4}; // Maintain ascending + // order +const char *SEG_FLAG_STR[3] = {"X", "W", "R"}; // Values correspond to the + // values in SEG_FLAG_VAL // Structure definitions // 64-bit ELF (file) header @@ -85,6 +100,8 @@ void print_elf64_phdrs(const elf64_phdr *prog_hdr_arr, void get_magic_bytes(FILE *file, unsigned char *magic_bytes); uint8_t get_elf_class(FILE *file); bool is_magic_bytes_elf(const unsigned char *magic_bytes); +char *get_flag_str(uint64_t target_total, const uint64_t flag_val_arr[], + const char *flag_str_arr[], int num_flags); char *get_sec_type_name(uint32_t sec_type); char *get_seg_type_name(uint32_t p_type); diff --git a/src/pelf.c b/src/pelf.c index 9a9bac8..52d6941 100644 --- a/src/pelf.c +++ b/src/pelf.c @@ -381,6 +381,8 @@ void print_elf64_shdrs(const elf64_shdr *sec_hdr_arr, uint16_t num_sec, for (int i = 0; i < num_sec; i++) { const elf64_shdr sec_hdr = sec_hdr_arr[i]; char *sec_type_name = get_sec_type_name(sec_hdr.sh_type); + char *sec_flag_str = get_flag_str(sec_hdr.sh_flags, SEC_FLAG_VAL, + SEC_FLAG_STR, NUM_SEC_FLAGS); printf("[%d]\t", i); printf("%s", (shstrtab + sec_hdr.sh_name)); @@ -392,6 +394,7 @@ void print_elf64_shdrs(const elf64_shdr *sec_hdr_arr, uint16_t num_sec, } else { printf("%s\t\t", sec_type_name); } + printf("%#lx\t\t", sec_hdr.sh_addr); printf("%lu", sec_hdr.sh_offset); @@ -399,15 +402,29 @@ void print_elf64_shdrs(const elf64_shdr *sec_hdr_arr, uint16_t num_sec, printf("%lu\t\t", sec_hdr.sh_size); printf("%lu\t\t", sec_hdr.sh_entsize); - printf("%#lx ", sec_hdr.sh_flags); + + if (sec_flag_str == NULL) { + printf("%#lx ", sec_hdr.sh_flags); + } else { + printf("%s ", sec_flag_str); + } + printf("%d \t", sec_hdr.sh_link); printf("%d ", sec_hdr.sh_info); printf("%lu", sec_hdr.sh_addralign); printf("\n---------------------------------------------------------" "------------\n"); + + free(sec_flag_str); } + printf("\nSection Header flag legend:\n" + "W (write), A (alloc), X (execute), M (merge), S (strings),\n" + "I (info), L (link order), O (extra OS processing required),\n" + "G (group), T (TLS), o (OS specific), P (processor specific),\n" + "R (ordered), E (exclude)\n"); + printf("\n\n"); } @@ -429,12 +446,15 @@ void print_elf64_phdrs(const elf64_phdr *prog_hdr_arr, for (int i = 0; i < file_hdr->e_phnum; i++) { const elf64_phdr prog_hdr = prog_hdr_arr[i]; char *seg_type_name = get_seg_type_name(prog_hdr.p_type); + char *seg_flag_str = get_flag_str(prog_hdr.p_flags, SEG_FLAG_VAL, + SEG_FLAG_STR, NUM_SEG_FLAGS); if (seg_type_name == NULL) { printf("%#x\t\t", prog_hdr.p_type); } else { printf("%s\t\t", seg_type_name); } + printf("%#lx\t\t", prog_hdr.p_offset); printf("%#lx\t\t", prog_hdr.p_vaddr); printf("%#lx", prog_hdr.p_paddr); @@ -443,16 +463,62 @@ void print_elf64_phdrs(const elf64_phdr *prog_hdr_arr, printf("%#lx\t\t", prog_hdr.p_filesz); printf("%#lx\t\t", prog_hdr.p_memsz); - printf("%#x ", prog_hdr.p_flags); + + if (seg_flag_str == NULL) { + printf("%#x ", prog_hdr.p_flags); + } else { + printf("%s ", seg_flag_str); + } + printf("%#lx", prog_hdr.p_align); printf("\n---------------------------------------------------------" "------------\n"); + + free(seg_flag_str); } + printf("\nProgram (Segment) Header flag legend:\n" + "X (execute), W (write), R (read) \n"); + printf("\n\n"); } +// Get flag combination string +char *get_flag_str(uint64_t target_total, const uint64_t flag_val_arr[], + const char *flag_str_arr[], int num_flags) { + char *flag_str = (char *)malloc(20 * sizeof(char)); + char *flag_str_ptr = flag_str; + + if (flag_str == NULL) { + return NULL; + } + + for (int i = num_flags - 1; i >= 0; i--) { + const uint64_t flag_val = flag_val_arr[i]; + + if (flag_val <= target_total) { + *flag_str_ptr = *flag_str_arr[i]; + flag_str_ptr++; + + target_total = target_total - flag_val; + + if (target_total == 0) { + break; + } + } + } + + if (target_total == 0) { + *flag_str_ptr = '\0'; + + return flag_str; + } else { + free(flag_str); + return NULL; + } +} + // Get the name of the section type from its numeric representation char *get_sec_type_name(uint32_t sec_type) { switch (sec_type) {