A Deep Dive into the ELF File Format

Debugging a Handmade ELF Image

Writing ELF files by hand is error-prone, and the readelf utility is useful for checking the validity of ELF files. A corrupted ELF file will often crash readelf, but it usually provides some helpful information before crashing. Table 2 lists some important readelf switches.

Table 2: readelf Switches

Option   Description
-h       Prints the ELF header.
-l       Prints the program headers and the relationships between sections and segments.
-t       Prints detailed information about the sections.
-s       Prints the symbol tables.
-r       Prints the relocations.
-x       Prints a section's contents in hexadecimal.
-d       Prints the contents of the .dynamic section.
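
A pre-check to run on a handmade image before handing it to readelf, as an added example that is not part of the original article: it validates the header fields that readelf -h reports and confirms that the program and section header tables fit inside the file. It assumes a little-endian ELF64 image; check_elf64_header and build_sample are hypothetical names, and the sample image is constructed.

```python
import struct

# Fields after the 16-byte e_ident: e_type .. e_shstrndx (ELF64, little-endian).
_EHDR = struct.Struct("<HHIQQQIHHHHHH")
EHDR_SIZE, PHDR_SIZE, SHDR_SIZE = 64, 56, 64


def check_elf64_header(image: bytes) -> list:
    """Return a list of problems in the ELF64 header; an empty list means sane."""
    if len(image) < EHDR_SIZE:
        return ["file is shorter than the 64-byte ELF64 header"]
    if image[:4] != b"\x7fELF":
        return ["bad magic, expected 7f 45 4c 46"]
    if image[4] != 2 or image[5] != 1:
        return ["not ELFCLASS64 / ELFDATA2LSB (other layouts not handled here)"]
    (_type, _machine, _version, _entry, e_phoff, e_shoff, _flags, e_ehsize,
     e_phentsize, e_phnum, e_shentsize, e_shnum, _shstrndx) = _EHDR.unpack_from(image, 16)
    problems = []
    if e_ehsize != EHDR_SIZE:
        problems.append(f"e_ehsize is {e_ehsize}, expected {EHDR_SIZE}")
    # Each table must use the standard entry size and lie inside the file.
    # Extended numbering (PN_XNUM, section counts stored in section 0) is not handled.
    for name, off, entsize, num, want in (
        ("program", e_phoff, e_phentsize, e_phnum, PHDR_SIZE),
        ("section", e_shoff, e_shentsize, e_shnum, SHDR_SIZE),
    ):
        if num == 0:
            continue
        if entsize != want:
            problems.append(f"{name} header entry size is {entsize}, expected {want}")
        if off < EHDR_SIZE or off + num * entsize > len(image):
            problems.append(f"{name} header table overlaps the ELF header "
                            "or runs past the end of the file")
    return problems


def build_sample(phnum: int = 1, phoff: int = 64) -> bytes:
    """Constructed 120-byte image: ELF header plus one zeroed program header."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    hdr = _EHDR.pack(2, 0x3E, 1, 0x400078, phoff, 0, 0, 64, 56, phnum, 64, 0, 0)
    return ident + hdr + bytes(PHDR_SIZE)


if __name__ == "__main__":
    print(check_elf64_header(build_sample()))         # well-formed sample
    print(check_elf64_header(build_sample(phnum=3)))  # table overruns the file
```
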

Conclusion

I can now build and run the ELF file to confirm that it works (Figure 2).

Figure 2: Building and running an ELF file.

You could easily expand the ELF image I've just described with more handwritten assembly code placed in its .text section. All that's needed is to add references to any extra shared libraries and functions to the relevant sections (although certain features, such as thread-local storage (TLS) and accessing the program's arguments, may require additional boilerplate code). The main use case, however, might be to combine the ~500 lines of assembler code with the output of a compiler for a higher-level language. Fasm gives you ultimate control over the contents of the final binary without having to resort to a blunt instrument such as a hex editor.

The Author

Alan Pilbeam is a programmer and writer from Oxfordshire, England. His passion for computers began when he was gifted a Commodore 64 (together with the legendary Simons' BASIC cartridge) in 1987. He has an endless fascination for compilers (especially BASIC-flavored), assemblers, debuggers, software, and hardware synths, and the history of Unix and Linux. He also likes vegan food and cats.
