本节分析R_386_GOTPC,R_386_GOT32,R_386_GLOB_DAT和R_386_PLT32
PIC位置无关代码,使用-fPIC参数就可以编译得到
>>>>>>>>>>>>>>>>>R_386_GOTPC
看看第一个重定位符号的重定位信息
call .L3 //.L3地址压栈
.L3:
popl %ebx //.L3地址弹到ebx中
addl $_GLOBAL_OFFSET_TABLE_+[.-.L3], %ebx //计算got的地址到ebx中
7: e8 00 00 00 00 call c
c: 5b pop %ebx
d: 81 c3 03 00 00 00 add $0x3,%ebx
0000000f 00c0a R_386_GOTPC 00000000 _GLOBAL_OFFSET_TABLE_
查看ld后的结果4.c.txt中
[19] .got PROGBITS 080495b8 0005b8 00002c 04 WA 0 0 4
got地址是080495b8
80484a7: e8 00 00 00 00 call 80484ac
80484ac: 5b pop %ebx //0x80484ac
80484ad: 81 c3 0c 11 00 00 add $0x110c,%ebx //ebx为got地址
80484b3: 83 ec 0c sub $0xc,%esp
80484b6: 8b 83 24 00 00 00 mov 0x24(%ebx),%eax
80484bc: ff 30 pushl (%eax)
执行pop %ebx,ebx中的值为80484ac
执行add $0x110c,%ebx后,ebx中的值是80495B8,正是got的地址
那么0x110c是怎么来的呢?
0x110c-3=0x1109,修正处的偏移是0x80484af,0x80484af+0x1109=0x80495b8,正是.got地址(0x80495b8)
所以0x110c=0x80495b8-0x80484af+3,即修正值为got-Offset+[.-.L3].
因此R_386_GOTPC的重定位方法是:指示连接器将GOT的地址和Offset的差加上原值写入Offset处。
前面的[.-.L3]=3,即5b 81 c3这几个字节的长度,因此[.-.L3]代表指令中操作数所在地址和.L3差值,而
一般的.代表指令的地址.
>>>>>>>>>>>>R_386_GOT32和R_386_GLOB_DAT
movl s@GOT(%ebx), %eax
pushl (%eax)
16: 8b 83 00 00 00 00 mov 0x0(%ebx),%eax
1c: ff 30 pushl (%eax)
00000018 00903 R_386_GOT32 00000000 s
查看ld后的结果4.c.txt中
80484b6: 8b 83 24 00 00 00 mov 0x24(%ebx),%eax
80484bc: ff 30 pushl (%eax)
got+0x24=0x80495DC
[root@proxy ~/3]# objdump -sj .got 4
4: file format elf32-i386
Contents of section .got:
80495b8 e4950408 00000000 00000000 52830408 ............R...
80495c8 62830408 72830408 82830408 92830408 b...r...........
80495d8 00000000 00000000 00000000 ............
可见该地址在got中,这里该地址的值为全0.
查看4.c.txt的重定位节
080495dc 00606 R_386_GLOB_DAT 0804959c s
重定位0x080495dc处的值为0804959c,应该在.data中
[root@proxy ~/3]# objdump -sj .data 4
4: file format elf32-i386
Contents of section .data:
804958c 00000000 00000000 b4950408 00000000 ................
804959c 78850408 86850408 x.......
值为08048578(小端存放的78 85 04 08),即为变量s的值,应该指向.rodata
[root@proxy ~/3]# objdump -sj .rodata 4
4: file format elf32-i386
Contents of section .rodata:
8048570 03000000 01000200 68656c6c 6f20576f ........hello Wo
8048580 726c6421 0a006162 630a00 rld!..abc..
果然,08048578处的值就是字符串hello World!
因此R_386_GOT32的重定位方法是:指示连接器将符号在GOT中的地址和GOT的地址差值写入Offset处。
R_386_GLOB_DAT的重定位方法是:指示动态连接器将符号的值(即符号的地址)写入Offset处;该项位于.rel.dyn中,在装载时才处理,所以文件里对应的GOT表项仍是全0。
>>>R_386_PLT32
call printf@PLT
1e: e8 fc ff ff ff call 1f
0000001f 00d04 R_386_PLT32 00000000 printf
查看4.c.txt
80484be: e8 b9 fe ff ff call 804837c <_init+0x58>
填入的值是0xfffffeb9,相对跳转,为0x804837c处,在.plt节中
[root@proxy ~/3]# objdump -dj .plt 4
4: file format elf32-i386
Disassembly of section .plt:
0804833c <.plt>:
804833c: ff 35 bc 95 04 08 pushl 0x80495bc
8048342: ff 25 c0 95 04 08 jmp *0x80495c0
8048348: 00 00 add %al,(%eax)
804834a: 00 00 add %al,(%eax)
804834c: ff 25 c4 95 04 08 jmp *0x80495c4
8048352: 68 00 00 00 00 push $0x0
8048357: e9 e0 ff ff ff jmp 804833c <_init+0x18>
804835c: ff 25 c8 95 04 08 jmp *0x80495c8
8048362: 68 08 00 00 00 push $0x8
8048367: e9 d0 ff ff ff jmp 804833c <_init+0x18>
804836c: ff 25 cc 95 04 08 jmp *0x80495cc
8048372: 68 10 00 00 00 push $0x10
8048377: e9 c0 ff ff ff jmp 804833c <_init+0x18>
804837c: ff 25 d0 95 04 08 jmp *0x80495d0 //<<指向这里
8048382: 68 18 00 00 00 push $0x18
8048387: e9 b0 ff ff ff jmp 804833c <_init+0x18>
804838c: ff 25 d4 95 04 08 jmp *0x80495d4
8048392: 68 20 00 00 00 push $0x20
8048397: e9 a0 ff ff ff jmp 804833c <_init+0x18>
说明R_386_PLT32的重定位方法是:将符号在.plt节中的地址和Offset的差值加上原值(这里原值是0xfffffffc,即-4)填入Offset处:0x804837c-0x80484bf-4=0xfffffeb9.
不难理解下面的意思
R_386_GOTPC 10 word32 GOT + A - P //GOT即GOT地址,A为Offset处值,P为Offset.
R_386_GOT32 3 word32 G + A - P //G为符号在GOT中地址,A为Offset处值,P为Offset;注意:上文实测写入的值是0x24,即符号的GOT表项地址减去GOT地址再加A,并没有减去P,与这里的"- P"不符,应以实测结果为准
R_386_GLOB_DAT 6 word32 S //S为调整后的符号值
R_386_PLT32 4 word32 L + A - P //L为符号在plt中的地址,A为Offset处值,P为Offset
附件1
1.c.txt(注:示例中的printf(s)直接把变量当作格式串,这里只是为了演示重定位;实际代码应写成printf("%s", s),避免格式化字符串问题)
[root@proxy ~/3]# cat 1.c
#include <stdio.h>
char *s="hello World!\n";
char *t="abc\n";
void f()
{
printf(s);
}
void g()
{
printf(t);
}
[root@proxy ~/3]# gcc -fPIC -S 1.c
[root@proxy ~/3]# cat 1.s
.file "1.c"
.version "01.01"
gcc2_compiled.:
.globl s
.section .rodata
.LC0:
.string "hello World!\n"
.data
.align 4
.type s,@object
.size s,4
s:
.long .LC0
.globl t
.section .rodata
.LC1:
.string "abc\n"
.data
.align 4
.type t,@object
.size t,4
t:
.long .LC1
.text
.align 4
.globl f
.type f,@function
f:
pushl %ebp
movl %esp, %ebp
pushl %ebx
subl $4, %esp
call .L3
.L3:
popl %ebx
addl $_GLOBAL_OFFSET_TABLE_+[.-.L3], %ebx
subl $12, %esp
movl s@GOT(%ebx), %eax
pushl (%eax)
call printf@PLT
addl $16, %esp
movl -4(%ebp), %ebx
leave
ret
.Lfe1:
.size f,.Lfe1-f
.align 4
.globl g
.type g,@function
g:
pushl %ebp
movl %esp, %ebp
pushl %ebx
subl $4, %esp
call .L5
.L5:
popl %ebx
addl $_GLOBAL_OFFSET_TABLE_+[.-.L5], %ebx
subl $12, %esp
movl t@GOT(%ebx), %eax
pushl (%eax)
call printf@PLT
addl $16, %esp
movl -4(%ebp), %ebx
leave
ret
.Lfe2:
.size g,.Lfe2-g
.ident "GCC: (GNU) 2.96 20000731 (Red Hat Linux 7.1 2.96-98)"
[root@proxy ~/3]# gcc -fPIC -c 1.c -o 1.o
[root@proxy ~/3]# objdump -dj .text 1.o
1.o: file format elf32-i386
Disassembly of section .text:
00000000 <f>:
0: 55 push %ebp
1: 89 e5 mov %esp,%ebp
3: 53 push %ebx
4: 83 ec 04 sub $0x4,%esp
7: e8 00 00 00 00 call c
c: 5b pop %ebx
d: 81 c3 03 00 00 00 add $0x3,%ebx
13: 83 ec 0c sub $0xc,%esp
16: 8b 83 00 00 00 00 mov 0x0(%ebx),%eax
1c: ff 30 pushl (%eax)
1e: e8 fc ff ff ff call 1f
23: 83 c4 10 add $0x10,%esp
26: 8b 5d fc mov 0xfffffffc(%ebp),%ebx
29: c9 leave
2a: c3 ret
2b: 90 nop
0000002c <g>:
2c: 55 push %ebp
2d: 89 e5 mov %esp,%ebp
2f: 53 push %ebx
30: 83 ec 04 sub $0x4,%esp
33: e8 00 00 00 00 call 38
38: 5b pop %ebx
39: 81 c3 03 00 00 00 add $0x3,%ebx
3f: 83 ec 0c sub $0xc,%esp
42: 8b 83 00 00 00 00 mov 0x0(%ebx),%eax
48: ff 30 pushl (%eax)
4a: e8 fc ff ff ff call 4b
4f: 83 c4 10 add $0x10,%esp
52: 8b 5d fc mov 0xfffffffc(%ebp),%ebx
55: c9 leave
56: c3 ret
57: 90 nop
[root@proxy ~/3]# readelf -a 1.o
ELF Header:
Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
Class: ELF32
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: REL (Relocatable file)
Machine: Intel 80386
Version: 0x1
Entry point address: 0x0
Start of program headers: 0 (bytes into file)
Start of section headers: 328 (bytes into file)
Flags: 0x0
Size of this header: 52 (bytes)
Size of program headers: 0 (bytes)
Number of program headers: 0
Size of section headers: 40 (bytes)
Number of section headers: 12
Section header string table index: 9
Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[ 0] NULL 00000000 000000 000000 00 0 0 0
[ 1] .text PROGBITS 00000000 000034 000058 00 AX 0 0 4
[ 2] .rel.text REL 00000000 000454 000030 08 10 1 4
[ 3] .data PROGBITS 00000000 00008c 000008 00 WA 0 0 4
[ 4] .rel.data REL 00000000 000484 000010 08 10 3 4
[ 5] .bss NOBITS 00000000 000094 000000 00 WA 0 0 4
[ 6] .note NOTE 00000000 000094 000014 00 0 0 1
[ 7] .rodata PROGBITS 00000000 0000a8 000013 00 A 0 0 1
[ 8] .comment PROGBITS 00000000 0000bb 000036 00 0 0 1
[ 9] .shstrtab STRTAB 00000000 0000f1 000057 00 0 0 1
[10] .symtab SYMTAB 00000000 000328 0000f0 10 11 9 4
[11] .strtab STRTAB 00000000 000418 000039 00 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings)
I (info), L (link order), G (group), x (unknown)
O (extra OS processing required) o (OS specific), p (processor specific)
There are no program headers in this file.
There is no dynamic segment in this file.
Relocation section '.rel.text' at offset 0x454 contains 6 entries:
Offset Info Type Symbol's Value Symbol's Name
0000000f 00c0a R_386_GOTPC 00000000 _GLOBAL_OFFSET_TABLE_
00000018 00903 R_386_GOT32 00000000 s
0000001f 00d04 R_386_PLT32 00000000 printf
0000003b 00c0a R_386_GOTPC 00000000 _GLOBAL_OFFSET_TABLE_
00000044 00a03 R_386_GOT32 00000004 t
0000004b 00d04 R_386_PLT32 00000000 printf
Relocation section '.rel.data' at offset 0x484 contains 2 entries:
Offset Info Type Symbol's Value Symbol's Name
00000000 00601 R_386_32 00000000 .rodata
00000004 00601 R_386_32 00000000 .rodata
There are no unwind sections in this file.
Symbol table '.symtab' contains 15 entries:
Num: Value Size Type Bind Vis Ndx Name
0: 00000000 0 NOTYPE LOCAL DEFAULT UND
1: 00000000 0 FILE LOCAL DEFAULT ABS 1.c
2: 00000000 0 SECTION LOCAL DEFAULT 1
3: 00000000 0 SECTION LOCAL DEFAULT 3
4: 00000000 0 SECTION LOCAL DEFAULT 5
5: 00000000 0 NOTYPE LOCAL DEFAULT 1 gcc2_compiled.
6: 00000000 0 SECTION LOCAL DEFAULT 7
7: 00000000 0 SECTION LOCAL DEFAULT 6
8: 00000000 0 SECTION LOCAL DEFAULT 8
9: 00000000 4 OBJECT GLOBAL DEFAULT 3 s
10: 00000004 4 OBJECT GLOBAL DEFAULT 3 t
11: 00000000 43 FUNC GLOBAL DEFAULT 1 f
12: 00000000 0 NOTYPE GLOBAL DEFAULT UND _GLOBAL_OFFSET_TABLE_
13: 00000000 0 NOTYPE GLOBAL DEFAULT UND printf
14: 0000002c 43 FUNC GLOBAL DEFAULT 1 g
No version information found in this file.
附件2
4.c.txt
[root@proxy ~/3]# gcc 1.o 3.o -o 4
[root@proxy ~/3]# ./4
hello World!
abc
[root@proxy ~/3]# objdump -dj .text 4
4: file format elf32-i386
Disassembly of section .text:
080483a0 <_start>:
80483a0: 31 ed xor %ebp,%ebp
80483a2: 5e pop %esi
80483a3: 89 e1 mov %esp,%ecx
80483a5: 83 e4 f0 and $0xfffffff0,%esp
80483a8: 50 push %eax
80483a9: 54 push %esp
80483aa: 52 push %edx
80483ab: 68 50 85 04 08 push $0x8048550
80483b0: 68 24 83 04 08 push $0x8048324
80483b5: 51 push %ecx
80483b6: 56 push %esi
80483b7: 68 f8 84 04 08 push $0x80484f8
80483bc: e8 ab ff ff ff call 804836c <_init+0x48>
80483c1: f4 hlt
80483c2: 89 f6 mov %esi,%esi
080483c4 <call_gmon_start>:
80483c4: 55 push %ebp
80483c5: 89 e5 mov %esp,%ebp
80483c7: 53 push %ebx
80483c8: 50 push %eax
80483c9: e8 00 00 00 00 call 80483ce
80483ce: 5b pop %ebx
80483cf: 81 c3 ea 11 00 00 add $0x11ea,%ebx
80483d5: 8b 83 28 00 00 00 mov 0x28(%ebx),%eax
80483db: 85 c0 test %eax,%eax
80483dd: 74 02 je 80483e1
80483df: ff d0 call *%eax
80483e1: 8b 5d fc mov 0xfffffffc(%ebp),%ebx
80483e4: c9 leave
80483e5: c3 ret
80483e6: 89 f6 mov %esi,%esi
80483e8: 90 nop
80483e9: 90 nop
80483ea: 90 nop
80483eb: 90 nop
80483ec: 90 nop
80483ed: 90 nop
80483ee: 90 nop
80483ef: 90 nop
080483f0 <__do_global_dtors_aux>:
80483f0: 55 push %ebp
80483f1: 89 e5 mov %esp,%ebp
80483f3: 83 ec 08 sub $0x8,%esp
80483f6: 8b 15 98 95 04 08 mov 0x8049598,%edx
80483fc: 85 d2 test %edx,%edx
80483fe: 75 49 jne 8048449 <__do_global_dtors_aux+0x59>
8048400: 8b 15 94 95 04 08 mov 0x8049594,%edx
8048406: 8b 02 mov (%edx),%eax
8048408: 85 c0 test %eax,%eax
804840a: 74 1a je 8048426 <__do_global_dtors_aux+0x36>
804840c: 8d 74 26 00 lea 0x0(%esi,1),%esi
8048410: 8d 42 04 lea 0x4(%edx),%eax
8048413: a3 94 95 04 08 mov %eax,0x8049594
8048418: ff 12 call *(%edx)
804841a: 8b 15 94 95 04 08 mov 0x8049594,%edx
8048420: 8b 0a mov (%edx),%ecx
8048422: 85 c9 test %ecx,%ecx
8048424: 75 ea jne 8048410 <__do_global_dtors_aux+0x20>
8048426: b8 5c 83 04 08 mov $0x804835c,%eax
804842b: 85 c0 test %eax,%eax
804842d: 74 10 je 804843f <__do_global_dtors_aux+0x4f>
804842f: 83 ec 0c sub $0xc,%esp
8048432: 68 a4 95 04 08 push $0x80495a4
8048437: e8 20 ff ff ff call 804835c <_init+0x38>
804843c: 83 c4 10 add $0x10,%esp
804843f: b8 01 00 00 00 mov $0x1,%eax
8048444: a3 98 95 04 08 mov %eax,0x8049598
8048449: 89 ec mov %ebp,%esp
804844b: 5d pop %ebp
804844c: c3 ret
804844d: 8d 76 00 lea 0x0(%esi),%esi
08048450 <fini_dummy>:
8048450: 55 push %ebp
8048451: 89 e5 mov %esp,%ebp
8048453: 83 ec 08 sub $0x8,%esp
8048456: 89 ec mov %ebp,%esp
8048458: 5d pop %ebp
8048459: c3 ret
804845a: 8d b6 00 00 00 00 lea 0x0(%esi),%esi
08048460 <frame_dummy>:
8048460: 55 push %ebp
8048461: b8 4c 83 04 08 mov $0x804834c,%eax
8048466: 89 e5 mov %esp,%ebp
8048468: 83 ec 08 sub $0x8,%esp
804846b: 85 c0 test %eax,%eax
804846d: 74 15 je 8048484
804846f: 83 ec 08 sub $0x8,%esp
8048472: 68 ac 96 04 08 push $0x80496ac
8048477: 68 a4 95 04 08 push $0x80495a4
804847c: e8 cb fe ff ff call 804834c <_init+0x28>
8048481: 83 c4 10 add $0x10,%esp
8048484: 89 ec mov %ebp,%esp
8048486: 5d pop %ebp
8048487: c3 ret
8048488: 90 nop
8048489: 8d b4 26 00 00 00 00 lea 0x0(%esi,1),%esi
08048490 <init_dummy>:
8048490: 55 push %ebp
8048491: 89 e5 mov %esp,%ebp
8048493: 83 ec 08 sub $0x8,%esp
8048496: 89 ec mov %ebp,%esp
8048498: 5d pop %ebp
8048499: c3 ret
804849a: 8d b6 00 00 00 00 lea 0x0(%esi),%esi
080484a0 <f>:
80484a0: 55 push %ebp
80484a1: 89 e5 mov %esp,%ebp
80484a3: 53 push %ebx
80484a4: 83 ec 04 sub $0x4,%esp
80484a7: e8 00 00 00 00 call 80484ac
80484ac: 5b pop %ebx
80484ad: 81 c3 0c 11 00 00 add $0x110c,%ebx
80484b3: 83 ec 0c sub $0xc,%esp
80484b6: 8b 83 24 00 00 00 mov 0x24(%ebx),%eax
80484bc: ff 30 pushl (%eax)
80484be: e8 b9 fe ff ff call 804837c <_init+0x58>
80484c3: 83 c4 10 add $0x10,%esp
80484c6: 8b 5d fc mov 0xfffffffc(%ebp),%ebx
80484c9: c9 leave
80484ca: c3 ret
80484cb: 90 nop
080484cc <g>:
80484cc: 55 push %ebp
80484cd: 89 e5 mov %esp,%ebp
80484cf: 53 push %ebx
80484d0: 83 ec 04 sub $0x4,%esp
80484d3: e8 00 00 00 00 call 80484d8
80484d8: 5b pop %ebx
80484d9: 81 c3 e0 10 00 00 add $0x10e0,%ebx
80484df: 83 ec 0c sub $0xc,%esp
80484e2: 8b 83 20 00 00 00 mov 0x20(%ebx),%eax
80484e8: ff 30 pushl (%eax)
80484ea: e8 8d fe ff ff call 804837c <_init+0x58>
80484ef: 83 c4 10 add $0x10,%esp
80484f2: 8b 5d fc mov 0xfffffffc(%ebp),%ebx
80484f5: c9 leave
80484f6: c3 ret
80484f7: 90 nop
080484f8 <main>:
80484f8: 55 push %ebp
80484f9: 89 e5 mov %esp,%ebp
80484fb: 83 ec 08 sub $0x8,%esp
80484fe: e8 9d ff ff ff call 80484a0 <f>
8048503: e8 c4 ff ff ff call 80484cc <g>
8048508: b8 00 00 00 00 mov $0x0,%eax
804850d: c9 leave
804850e: c3 ret
804850f: 90 nop
08048510 <__do_global_ctors_aux>:
8048510: 55 push %ebp
8048511: 89 e5 mov %esp,%ebp
8048513: 53 push %ebx
8048514: 83 ec 04 sub $0x4,%esp
8048517: a1 a8 95 04 08 mov 0x80495a8,%eax
804851c: bb a8 95 04 08 mov $0x80495a8,%ebx
8048521: 83 f8 ff cmp $0xffffffff,%eax
8048524: 74 16 je 804853c <__do_global_ctors_aux+0x2c>
8048526: 8d 76 00 lea 0x0(%esi),%esi
8048529: 8d bc 27 00 00 00 00 lea 0x0(%edi,1),%edi
8048530: 83 eb 04 sub $0x4,%ebx
8048533: ff d0 call *%eax
8048535: 8b 03 mov (%ebx),%eax
8048537: 83 f8 ff cmp $0xffffffff,%eax
804853a: 75 f4 jne 8048530 <__do_global_ctors_aux+0x20>
804853c: 58 pop %eax
804853d: 5b pop %ebx
804853e: 5d pop %ebp
804853f: c3 ret
08048540 <init_dummy>:
8048540: 55 push %ebp
8048541: 89 e5 mov %esp,%ebp
8048543: 83 ec 08 sub $0x8,%esp
8048546: 89 ec mov %ebp,%esp
8048548: 5d pop %ebp
8048549: c3 ret
804854a: 8d b6 00 00 00 00 lea 0x0(%esi),%esi
[root@proxy ~/3]# readelf -a 4
ELF Header:
Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
Class: ELF32
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: EXEC (Executable file)
Machine: Intel 80386
Version: 0x1
Entry point address: 0x80483a0
Start of program headers: 52 (bytes into file)
Start of section headers: 10948 (bytes into file)
Flags: 0x0
Size of this header: 52 (bytes)
Size of program headers: 32 (bytes)
Number of program headers: 6
Size of section headers: 40 (bytes)
Number of section headers: 30
Section header string table index: 27
Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[ 0] NULL 00000000 000000 000000 00 0 0 0
[ 1] .interp PROGBITS 080480f4 0000f4 000013 00 A 0 0 1
[ 2] .note.ABI-tag NOTE 08048108 000108 000020 00 A 0 0 4
[ 3] .hash HASH 08048128 000128 00003c 04 A 4 0 4
[ 4] .dynsym DYNSYM 08048164 000164 0000a0 10 A 5 1 4
[ 5] .dynstr STRTAB 08048204 000204 000099 00 A 0 0 1
[ 6] .gnu.version VERSYM 0804829e 00029e 000014 02 A 4 0 2
[ 7] .gnu.version_r VERNEED 080482b4 0002b4 000030 00 A 5 1 4
[ 8] .rel.dyn REL 080482e4 0002e4 000018 08 A 4 0 4
[ 9] .rel.plt REL 080482fc 0002fc 000028 08 A 4 b 4
[10] .init PROGBITS 08048324 000324 000018 00 AX 0 0 4
[11] .plt PROGBITS 0804833c 00033c 000060 04 AX 0 0 4
[12] .text PROGBITS 080483a0 0003a0 0001b0 00 AX 0 0 16
[13] .fini PROGBITS 08048550 000550 00001e 00 AX 0 0 4
[14] .rodata PROGBITS 08048570 000570 00001b 00 A 0 0 4
[15] .data PROGBITS 0804958c 00058c 000018 00 WA 0 0 4
[16] .eh_frame PROGBITS 080495a4 0005a4 000004 00 WA 0 0 4
[17] .ctors PROGBITS 080495a8 0005a8 000008 00 WA 0 0 4
[18] .dtors PROGBITS 080495b0 0005b0 000008 00 WA 0 0 4
[19] .got PROGBITS 080495b8 0005b8 00002c 04 WA 0 0 4
[20] .dynamic DYNAMIC 080495e4 0005e4 0000c8 08 WA 5 0 4
[21] .sbss PROGBITS 080496ac 0006ac 000000 00 W 0 0 1
[22] .bss NOBITS 080496ac 0006ac 000018 00 WA 0 0 4
[23] .stab PROGBITS 00000000 0006ac 0007a4 0c 24 0 4
[24] .stabstr STRTAB 00000000 000e50 001983 00 0 0 1
[25] .comment PROGBITS 00000000 0027d3 00017a 00 0 0 1
[26] .note NOTE 00000000 00294d 00008c 00 0 0 1
[27] .shstrtab STRTAB 00000000 0029d9 0000e9 00 0 0 1
[28] .symtab SYMTAB 00000000 002f74 000540 10 29 3d 4
[29] .strtab STRTAB 00000000 0034b4 000234 00 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings)
I (info), L (link order), G (group), x (unknown)
O (extra OS processing required) o (OS specific), p (processor specific)
Program Headers:
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
PHDR 0x000034 0x08048034 0x08048034 0x000c0 0x000c0 R E 0x4
INTERP 0x0000f4 0x080480f4 0x080480f4 0x00013 0x00013 R 0x1
[Requesting program interpreter: /lib/ld-linux.so.2]
LOAD 0x000000 0x08048000 0x08048000 0x0058b 0x0058b R E 0x1000
LOAD 0x00058c 0x0804958c 0x0804958c 0x00120 0x00138 RW 0x1000
DYNAMIC 0x0005e4 0x080495e4 0x080495e4 0x000c8 0x000c8 RW 0x4
NOTE 0x000108 0x08048108 0x08048108 0x00020 0x00020 R 0x4
Section to Segment mapping:
Segment Sections...
00
01 .interp
02 .interp .note.ABI-tag .hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata
03 .data .eh_frame .ctors .dtors .got .dynamic .bss
04 .dynamic
05 .note.ABI-tag
Dynamic segment at offset 0x5e4 contains 20 entries:
Tag Type Name/Value
0x00000001 (NEEDED) Shared library: [libc.so.6]
0x0000000c (INIT) 0x8048324
0x0000000d (FINI) 0x8048550
0x00000004 (HASH) 0x8048128
0x00000005 (STRTAB) 0x8048204
0x00000006 (SYMTAB) 0x8048164
0x0000000a (STRSZ) 131 (bytes)
0x0000000b (SYMENT) 16 (bytes)
0x00000015 (DEBUG) 0x0
0x00000003 (PLTGOT) 0x80495b8
0x00000002 (PLTRELSZ) 40 (bytes)
0x00000014 (PLTREL) REL
0x00000017 (JMPREL) 0x80482fc
0x00000011 (REL) 0x80482e4
0x00000012 (RELSZ) 24 (bytes)
0x00000013 (RELENT) 8 (bytes)
0x6ffffffe (VERNEED) 0x80482b4
0x6fffffff (VERNEEDNUM) 1
0x6ffffff0 (VERSYM) 0x804829e
0x00000000 (NULL) 0x0
Relocation section '.rel.dyn' at offset 0x2e4 contains 3 entries:
Offset Info Type Symbol's Value Symbol's Name
080495d8 00106 R_386_GLOB_DAT 080495a0 t
080495dc 00606 R_386_GLOB_DAT 0804959c s
080495e0 00906 R_386_GLOB_DAT 00000000 __gmon_start__
Relocation section '.rel.plt' at offset 0x2fc contains 5 entries:
Offset Info Type Symbol's Value Symbol's Name
080495c4 00207 R_386_JUMP_SLOT 0804834c __register_frame_info
080495c8 00307 R_386_JUMP_SLOT 0804835c __deregister_frame_info
080495cc 00407 R_386_JUMP_SLOT 0804836c __libc_start_main
080495d0 00507 R_386_JUMP_SLOT 0804837c printf
080495d4 00707 R_386_JUMP_SLOT 0804838c __cxa_finalize
There are no unwind sections in this file.
Symbol table '.dynsym' contains 10 entries:
Num: Value Size Type Bind Vis Ndx Name
0: 00000000 0 NOTYPE LOCAL DEFAULT UND
1: 080495a0 4 OBJECT GLOBAL DEFAULT 15 t
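2: 0804834c 129 FUNC WEAK DEFAULT UND __register_frame_info@GLIBC_2.0 (2)
3: 0804835c 172 FUNC WEAK DEFAULT UND __deregister_frame_info@GLIBC_2.0 (2)
4: 0804836c 202 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (2)
5: 0804837c 50 FUNC GLOBAL DEFAULT UND printf@GLIBC_2.0 (2)
6: 0804959c 4 OBJECT GLOBAL DEFAULT 15 s
7: 0804838c 157 FUNC WEAK DEFAULT UND __cxa_finalize@GLIBC_2.1.3 (3)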
8: 08048574 4 OBJECT GLOBAL DEFAULT 14 _IO_stdin_used
9: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__
Symbol table '.symtab' contains 84 entries:
Num: Value Size Type Bind Vis Ndx Name
0: 00000000 0 NOTYPE LOCAL DEFAULT UND
1: 080480f4 0 SECTION LOCAL DEFAULT 1
2: 08048108 0 SECTION LOCAL DEFAULT 2
3: 08048128 0 SECTION LOCAL DEFAULT 3
4: 08048164 0 SECTION LOCAL DEFAULT 4
5: 08048204 0 SECTION LOCAL DEFAULT 5
6: 0804829e 0 SECTION LOCAL DEFAULT 6
7: 080482b4 0 SECTION LOCAL DEFAULT 7
8: 080482e4 0 SECTION LOCAL DEFAULT 8
9: 080482fc 0 SECTION LOCAL DEFAULT 9
10: 08048324 0 SECTION LOCAL DEFAULT 10
11: 0804833c 0 SECTION LOCAL DEFAULT 11
12: 080483a0 0 SECTION LOCAL DEFAULT 12
13: 08048550 0 SECTION LOCAL DEFAULT 13
14: 08048570 0 SECTION LOCAL DEFAULT 14
15: 0804958c 0 SECTION LOCAL DEFAULT 15
16: 080495a4 0 SECTION LOCAL DEFAULT 16
17: 080495a8 0 SECTION LOCAL DEFAULT 17
18: 080495b0 0 SECTION LOCAL DEFAULT 18
19: 080495b8 0 SECTION LOCAL DEFAULT 19
20: 080495e4 0 SECTION LOCAL DEFAULT 20
21: 080496ac 0 SECTION LOCAL DEFAULT 21
22: 080496ac 0 SECTION LOCAL DEFAULT 22
23: 00000000 0 SECTION LOCAL DEFAULT 23
24: 00000000 0 SECTION LOCAL DEFAULT 24
25: 00000000 0 SECTION LOCAL DEFAULT 25
26: 00000000 0 SECTION LOCAL DEFAULT 26
27: 00000000 0 SECTION LOCAL DEFAULT 27
28: 00000000 0 SECTION LOCAL DEFAULT 28
29: 00000000 0 SECTION LOCAL DEFAULT 29
30: 00000000 0 FILE LOCAL DEFAULT ABS initfini.c
31: 080483c4 0 NOTYPE LOCAL DEFAULT 12 gcc2_compiled.
32: 080483c4 0 FUNC LOCAL DEFAULT 12 call_gmon_start
33: 00000000 0 FILE LOCAL DEFAULT ABS init.c
34: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c
35: 080483f0 0 NOTYPE LOCAL DEFAULT 12 gcc2_compiled.
36: 08049594 0 OBJECT LOCAL DEFAULT 15 p.0
37: 080495b0 0 OBJECT LOCAL DEFAULT 18 __DTOR_LIST__
38: 08049598 0 OBJECT LOCAL DEFAULT 15 completed.1
39: 080483f0 0 FUNC LOCAL DEFAULT 12 __do_global_dtors_aux
40: 080495a4 0 OBJECT LOCAL DEFAULT 16 __EH_FRAME_BEGIN__
41: 08048450 0 FUNC LOCAL DEFAULT 12 fini_dummy
42: 080496ac 24 OBJECT LOCAL DEFAULT 22 object.2
43: 08048460 0 FUNC LOCAL DEFAULT 12 frame_dummy
44: 08048490 0 FUNC LOCAL DEFAULT 12 init_dummy
45: 0804959c 0 OBJECT LOCAL DEFAULT 15 force_to_data
46: 080495a8 0 OBJECT LOCAL DEFAULT 17 __CTOR_LIST__
47: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c
48: 08048510 0 NOTYPE LOCAL DEFAULT 12 gcc2_compiled.
49: 08048510 0 FUNC LOCAL DEFAULT 12 __do_global_ctors_aux
50: 080495ac 0 OBJECT LOCAL DEFAULT 17 __CTOR_END__
51: 08048540 0 FUNC LOCAL DEFAULT 12 init_dummy
52: 080495a4 0 OBJECT LOCAL DEFAULT 15 force_to_data
53: 080495b4 0 OBJECT LOCAL DEFAULT 18 __DTOR_END__
54: 080495a4 0 OBJECT LOCAL DEFAULT 16 __FRAME_END__
55: 00000000 0 FILE LOCAL DEFAULT ABS initfini.c
56: 08048550 0 NOTYPE LOCAL DEFAULT 12 gcc2_compiled.
57: 00000000 0 FILE LOCAL DEFAULT ABS 1.c
58: 080484a0 0 NOTYPE LOCAL DEFAULT 12 gcc2_compiled.
59: 00000000 0 FILE LOCAL DEFAULT ABS 3.c
60: 080484f8 0 NOTYPE LOCAL DEFAULT 12 gcc2_compiled.
61: 080495a0 4 OBJECT GLOBAL DEFAULT 15 t
62: 080495e4 0 OBJECT GLOBAL DEFAULT 20 _DYNAMIC
63: 080484a0 43 FUNC GLOBAL DEFAULT 12 f
64: 0804834c 129 FUNC WEAK DEFAULT UND
65: 08048570 4 NOTYPE GLOBAL DEFAULT 14 _fp_hw
66: 080484cc 43 FUNC GLOBAL DEFAULT 12 g
67: 08048324 0 FUNC GLOBAL DEFAULT 10 _init
68: 0804835c 172 FUNC WEAK DEFAULT UND
69: 080483a0 0 FUNC GLOBAL DEFAULT 12 _start
70: 080496ac 0 OBJECT GLOBAL DEFAULT ABS __bss_start
71: 080484f8 23 FUNC GLOBAL DEFAULT 12 main
72: 0804836c 202 FUNC GLOBAL DEFAULT UND
73: 0804958c 0 NOTYPE WEAK DEFAULT 15 data_start
74: 0804837c 50 FUNC GLOBAL DEFAULT UND
75: 08048550 0 FUNC GLOBAL DEFAULT 13 _fini
76: 0804959c 4 OBJECT GLOBAL DEFAULT 15 s
77: 0804838c 157 FUNC WEAK DEFAULT UND
78: 080496ac 0 OBJECT GLOBAL DEFAULT ABS _edata
79: 080495b8 0 OBJECT GLOBAL DEFAULT 19 _GLOBAL_OFFSET_TABLE_
80: 080496c4 0 OBJECT GLOBAL DEFAULT ABS _end
81: 08048574 4 OBJECT GLOBAL DEFAULT 14 _IO_stdin_used
82: 0804958c 0 NOTYPE GLOBAL DEFAULT 15 __data_start
83: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__
Histogram for bucket list length (total of 3 buckets):
Length Number % of total Coverage
0 0 ( 0.0%)
1 1 ( 33.3%) 11.1%
2 0 ( 0.0%) 11.1%
3 0 ( 0.0%) 11.1%
4 2 ( 66.7%) 100.0%
Version symbols section '.gnu.version' contains 10 entries:
Addr: 000000000804829e Offset: 0x00029e Link: 4 (.dynsym)
000: 0 (*local*) 1 (*global*) 2 (GLIBC_2.0) 2 (GLIBC_2.0)
004: 2 (GLIBC_2.0) 2 (GLIBC_2.0) 1 (*global*) 3 (GLIBC_2.1.3)
008: 1 (*global*) 0 (*local*)
Version needs section '.gnu.version_r' contains 1 entries:
Addr: 0x00000000080482b4 Offset: 0x0002b4 Link to section: 5 (.dynstr)
000000: Version: 1 File: libc.so.6 Cnt: 2
0x0010: Name: GLIBC_2.1.3 Flags: none Version: 3
0x0020: Name: GLIBC_2.0 Flags: none Version: 2