Linux??????????????
???????????? ???????[ 2014/12/16 14:47:17 ] ????????Linux ??????
?????????????(PIC?? position independent code)
???????????????????????????λ?????????
????????????????????????????
???????????????????????????λ??????????????????????????????
???????????Щ????ELF ???????????????????????????????y?????????????????????????????????????????????
????1.??????????????
??????????????????????????static ??????????????????????????????????? static ?????????????????????????????????????????????????? x86 ??????????????????????????????????λ??????????У????????????????????鷳????????????????????????????????????????δ???????????????????????????????
????ELF ??????????????С??????????? IP ???????????????????????????????????????????????е?????Σ?????ε????λ?????????????????????????????????????????????ε???????????????????????????????????????????????????????ù????λ???????????????????????????????????????????????£?
int g_share = 1;         /* exported (default visibility): the -fPIC code reaches it
                            indirectly through a GOT entry (R_386_GLOB_DAT g_share in
                            the objdump -R output below). The GOT is writable data that
                            the dynamic loader fills in at load time; linking with full
                            RELRO (-Wl,-z,relro,-z,now) remaps it read-only once
                            relocation is finished. */
static int g_share2 = 2; /* file-local: addressed as a constant offset from the GOT
                            base register (0x20(%ecx) in g_fun3 below), so it needs
                            neither a GOT entry nor a relocation record of its own. */
/*
 * g_func - exported entry point of the demo library.
 * @a: value folded into the exported global g_share.
 *
 * Side effect: g_share is increased by @a. Because g_share is an exported
 * symbol, the -fPIC build first loads its address out of the GOT and only
 * then reads/writes through that pointer (the two
 * "mov 0xfffffff0(%ebx),%ecx / %edx" instructions in the objdump -S output).
 * Returns: 2 * @a (same signed-overflow behaviour as the original a * 2).
 */
int g_func(int a)
{
    int doubled = a + a;

    g_share = g_share + a;
    return doubled;
}
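/*
 * g_func2 - exported helper that calls the exported g_func.
 *
 * Declared with (void): an empty parameter list in C11 means "unspecified
 * parameters", which disables argument checking at call sites.
 * The call to g_func is bound through a PLT jump slot (R_386_JUMP_SLOT g_func
 * in the objdump -R output), because the callee is an exported symbol.
 * Returns: 2 + g_func(3), i.e. 8 on every call (g_func's result does not
 * depend on g_share).
 */
int g_func2(void)
{
    int local = 2;
    int from_callee = g_func(3);

    return local + from_callee;
}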
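/*
 * g_fun3 - file-local helper operating on the file-local g_share2.
 *
 * Declared with (void) so the parameter list is a real prototype rather than
 * "unspecified parameters".
 * Side effect: g_share2 += 3. Being static, g_share2 is addressed as a fixed
 * offset from the GOT base register (addl $0x3,0x20(%ecx) in the objdump -S
 * output) with no GOT entry and no relocation record of its own.
 * Returns: the updated g_share2 minus 1.
 */
static int g_fun3(void)
{
    g_share2 += 3;
    return g_share2 - 1;
}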
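/*
 * g_func4 - file-local caller of the file-local g_fun3.
 *
 * The original listing had the statement `a + 2;` after the call: an
 * expression with no effect (gcc -Wall reports it via -Wunused-value) that
 * the compiler simply drops, so it is removed here without changing the
 * result. If an increment was intended it would have to read `a += 2`.
 * Declared with (void) so the parameter list is a real prototype.
 * Returns: the value returned by g_fun3().
 */
static int g_func4(void)
{
    int a = g_fun3();

    return a;
}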
?????????????x86 linux ?±??????????????????????
-bash-3.00$ gcc -o liba.so -fPIC -shared a.c
-bash-3.00$ objdump -S liba.so
//skip some of the output
00000564 <g_fun3>:
564: 55 push %ebp
565: 89 e5 mov %esp,%ebp
567: e8 00 00 00 00 call 56c <g_fun3+0x8>
56c: 59 pop %ecx
56d: 81 c1 60 11 00 00 add $0x1160,%ecx
573: 83 81 20 00 00 00 03 addl $0x3,0x20(%ecx)
57a: 8b 81 20 00 00 00 mov 0x20(%ecx),%eax
580: 48 dec %eax
581: c9 leave
582: c3 ret
//skip some of the output
???????????????????????£????????? 567 ???????Щ???????????????????x86 ??????????????? ip ??????????????????????????????????? ip ?(x86_64?2???????鷳)???????????????????к????????????????????????????????????????????????????????????????????????????? 56c ??к?%ecx ?а?????????????????? 0x56c????? 56d ?? 573 ?????????? %ecx + 0x1160 + 0x20 = 0x16ec ?? 573 ???????????????????????????????????
-bash-3.00$ objdump -s liba.so
Contents of section .data:
16e0 e0160000 f4150000 01000000 02000000 ................
????????????????????? int????? g_share2!
????2.???????????
??????????????????????????????鷳?????????????????????????????δ????????????????????????????????????????????????????????????ELF ?????????????????????м???????????? GOT(global offset table)?? GOT ????з????????????????????????????????????????????????г????????????????ж??????????????????????????????????????????????????????????????????????????????????????????????????????????
????????????????????????????? g_func ????????? g_share ???????
00000504 <g_func>:
504: 55 push %ebp
505: 89 e5 mov %esp,%ebp
507: 53 push %ebx
508: e8 00 00 00 00 call 50d <g_func+0x9>
50d: 5b pop %ebx
50e: 81 c3 bf 11 00 00 add $0x11bf,%ebx
514: 8b 8b f0 ff ff ff mov 0xfffffff0(%ebx),%ecx
51a: 8b 93 f0 ff ff ff mov 0xfffffff0(%ebx),%edx
520: 8b 45 08 mov 0x8(%ebp),%eax
523: 03 02 add (%edx),%eax
525: 89 01 mov %eax,(%ecx)
527: 8b 45 08 mov 0x8(%ebp),%eax
52a: d1 e0 shl %eax
52c: 5b pop %ebx
52d: c9 leave
52e: c3 ret
?????????????У?508 ?? 50d ????????????? ip ??? ????? 50d ?? %ebx ?з???? 0x50d?? ??? 50e ??????? g_share ?? GOT ?е??? 0x50d + 0x11bf + 0xfffffff0 = 0x16bc?? ????????????????? GOT??
-bash-3.00$ objdump -h liba.so
liba.so: file format elf32-i386
Sections:
Idx Name Size VMA LMA File off Algn
//skip some of the output
16 .got 00000010 000016bc 000016bc 000006bc 2**2
CONTENTS, ALLOC, LOAD, DATA
?????????0x16bc ?? GOT ??????
??????????ELF ????л?????????????λ?Σ???????????Щ??????????????λ?????????????????????????????????????
-bash-3.00$ objdump -R liba.so
liba.so: file format elf32-i386
DYNAMIC RELOCATION RECORDS
OFFSET TYPE VALUE
000016e0 R_386_RELATIVE *ABS*
000016e4 R_386_RELATIVE *ABS*
000016bc R_386_GLOB_DAT g_share
000016c0 R_386_GLOB_DAT __cxa_finalize
000016c4 R_386_GLOB_DAT _Jv_RegisterClasses
000016c8 R_386_GLOB_DAT __gmon_start__
000016d8 R_386_JUMP_SLOT g_func
000016dc R_386_JUMP_SLOT __cxa_finalize
????????????? g_share ?????? 0x16bc??????????????????
?????′??????????????????????????????????????????????????????????????????? GOT ?????????????????????????ELF ????????ν????????????????????????????????