Feature request: Listing texts in given sections

[diffstorm]

Hello,
Is it possible to add listing texts in some given sections for example .rodata or .strtab.
A function which reads a section would be very useful. Something like readelf -x .rodata <binary>

[TheCodeArtist]

Something like readelf -x .rodata

Sounds like a great idea!

Would you like to take a stab at it?...
(let me know if you get any doubts)

[diffstorm]

Thank you! Unfortunately I have very limited knowledge about ELF format, I can help if you redirect me. I don't know the theory.

[diffstorm]

Hello, I have changed print_symbols function to print some other types too, but I see segmentation fault when it runs. Why it cannot print other types?

void print_symbols(int32_t fd, Elf32_Ehdr eh, Elf32_Shdr sh_table[])
{
	uint32_t i;

	for(i=0; i<eh.e_shnum; i++) {
		if ((sh_table[i].sh_type==SHT_SYMTAB)
				|| (sh_table[i].sh_type==SHT_STRTAB)
				|| (sh_table[i].sh_type==SHT_DYNSYM)
				|| (sh_table[i].sh_type==SHT_PROGBITS)
				|| (sh_table[i].sh_type==SHT_NOTE)
			)
		 {
			printf("\n[Section %03d]", i);
			printf("\n[Type %d]", sh_table[i].sh_type);
			print_symbol_table(fd, eh, sh_table, i);
		}
	}
}

[TheCodeArtist]

Thank you! Unfortunately I have very limited knowledge about ELF format,
I can help if you redirect me. I don't know the theory.

Think of ELF as a pretty simple (but large) data-structure.

Check this out for a quick intro...
https://en.wikipedia.org/wiki/Executable_and_Linkable_Format#File_layout

...and a detailed reference
http://www.skyfree.org/linux/references/ELF_Format.pdf

[TheCodeArtist]

I have changed print_symbols function to print some other types too,
but I see segmentation fault when it runs.

Why it cannot print other types?

The segmentation fault is the updated print_symbols() in the above comment is seen within
print_symbol_table(fd, eh, sh_table, i);

This is because print_symbol_table() attempts to interpret the contents of the section as a symbol-table
wheres these other sections (SHT_STRTAB, SHT_PROGBITS, SHT_NOTE) do not contain symbol tables.

Reference: Page 16(of 60) of ELF_format.pdf

[TheCodeArtist]

How about this -

1. Call print_strings(fd, eh, sh_tbl); from main()
2. Implement print_strings() such that it reads a section that is a string-table
   and prints either the string Table or all the individual strings in it.

Look for SHT_STRTAB and the chapter 1.4 String Table in ELF_format.pdf.

[diffstorm]

Second option looks better and easier to me. I guess currently print_strings() function prints only string-table, how the other sections hold individual strings? With null terminate character?
Does the strings <file> command read elf sections or it has other method? I need the equivalent behavior of strings command.

[TheCodeArtist]

in my previous comment i meant that as step1 and step2.
Basically implement a new function print_strings() and call it from main()

Look for SHT_STRTAB and the chapter 1.4 String Table in ELF_format.pdf.

Please :-) search and do read the above to understand the byte format of the string table in an ELF file.

Then its a matter of writing C code to:

• determine the start offset of a string table
• go over the each byte and print it on screen
• stop once we reach the end of a string table (how to identify we have reached the end of a string table?)

Does the strings command read elf sections or it has other method?
I need the equivalent behavior of strings command.

Not sure how strings does it.
Based on the results it shows,
i would guess it simply looks for sequences of bytes with values in the printable ASCII range.