【发布时间】:2016-10-12 05:53:53
【问题描述】:
我正在尝试从 elf 获取动态和静态符号表信息。
这是我写的代码:
void symbols(){
int i;
Elf32_Ehdr *header; /* this will point to the header structure */
header = (Elf32_Ehdr *) map_start;
Elf32_Shdr *shdr = (Elf32_Shdr *)(map_start + header->e_shoff);
int shnum = header->e_shnum;
const char * str_p =NULL;
Elf32_Shdr *sh_strtab = &shdr[header->e_shstrndx];
const char *const sh_strtab_p = map_start + sh_strtab->sh_offset;
int j;
int k;
for (i = 0; i < shnum; ++i) {
if ((shdr[i].sh_type == SHT_SYMTAB)||(shdr[i].sh_type==SHT_DYNSYM)){
str_p =(char *) shdr[shdr[i].sh_link].sh_offset;
Elf32_Sym *symboler =(Elf32_Sym *)(map_start + shdr[i].sh_offset);
for(j=0;j<(shdr[i].sh_size/shdr[i].sh_entsize);j++){
printf("%u ", symboler->st_size);
printf("%x ", symboler->st_value);
printf("%u ", symboler->st_shndx);
printf("%s\n",(char *) ((int)map_start+ (int)str_p + symboler->st_name));
symboler++;
}
}
}
}
问题出在动态符号表上,例如:
0 0 0
0 0 0 __gmon_start__
0 0 0 __libc_start_main
0 0 0 fopen
0 0 0 fgetc
0 0 0 printf
0 0 0 atoi
4 80485dc 15 _IO_stdin_used
当我使用 readelf 时,我得到了这个名字:
0: 00000000 0 NOTYPE LOCAL DEFAULT UND
1: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__
2: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (2)
3: 00000000 0 FUNC GLOBAL DEFAULT UND fopen@GLIBC_2.1 (3)
4: 00000000 0 FUNC GLOBAL DEFAULT UND fgetc@GLIBC_2.0 (2)
5: 00000000 0 FUNC GLOBAL DEFAULT UND printf@GLIBC_2.0 (2)
6: 00000000 0 FUNC GLOBAL DEFAULT UND atoi@GLIBC_2.0 (2)
7: 080485dc 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used
为什么我在我的版本中得到atoi 而在readelf 中得到atoi@GLIBC_2.0 (2)?我该如何解决这个问题?
【问题讨论】: