Thread: Almost there, just need help with names

  1. #1
    Registered User awsdert's Avatar
    Join Date
    Jan 2015

    Almost there, just need help with names

    I finally found some decent documentation on the elf format (, got almost all the expected output from readelf, but I still get corrupted text no matter what I try.
    The output after running my program:
    misty alpha
    Creating test.elf
    Writing Elf Header...
    Writing Program Headers...
    Writing Segment Headers...
    Writing Symbols...
    Writing Symbol Pool...
    Writing Coded Area...
    Flushing file...
    Segmentation fault
    readelf -all test.elf
    ELF Header:
      Magic:   7f 45 4c 46 02 01 01 ff 00 00 00 00 00 00 00 00 
      Class:                             ELF64
      Data:                              2's complement, little endian
      Version:                           1 (current)
      OS/ABI:                            <unknown: ff>
      ABI Version:                       0
      Type:                              EXEC (Executable file)
      Machine:                           Advanced Micro Devices X86-64
      Version:                           0x1
      Entry point address:               0x280
      Start of program headers:          64 (bytes into file)
      Start of section headers:          176 (bytes into file)
      Flags:                             0x0
      Size of this header:               64 (bytes)
      Size of program headers:           56 (bytes)
      Number of program headers:         2
      Size of section headers:           64 (bytes)
      Number of section headers:         4
      Section header string table index: 2
    Section Headers:
      [Nr] Name              Type             Address           Offset
           Size              EntSize          Flags  Link  Info  Align
      [ 0] <corrupt>         NULL             0000000000000000  00000000
           0000000000000000  0000000000000000           0     0     0
      [ 1] >                 SYMTAB           00000000000001b0  00000000
           0000000000000090  0000000000000018   A       2     6     0
      [ 2] ^�ELF^B^A^A�      STRTAB           0000000000000240  00000000
           0000000000000040  0000000000000001           0     0     1
      [ 3]                   PROGBITS         0000000000000280  00000000
           0000000000000006  0000000000000001 WAXlp       0     0     0
    Key to Flags:
      W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
      L (link order), O (extra OS processing required), G (group), T (TLS),
      C (compressed), x (unknown), o (OS specific), E (exclude),
      l (large), p (processor specific)
    There are no section groups in this file.
    Program Headers:
      Type           Offset             VirtAddr           PhysAddr
                     FileSiz            MemSiz              Flags  Align
      NULL           0x0000000000000000 0x0000000000000000 0x0000000000000000
                     0x0000000000000000 0x0000000000000000         0x0
      LOAD           0x0000000000000000 0x0000000000000280 0x0000000000000280
                     0x0000000000000006 0x0000000000000006  RWE    0x0
     Section to Segment mapping:
      Segment Sections...
    There is no dynamic section in this file.
    There are no relocations in this file.
    The decoding of unwind sections for machine type Advanced Micro Devices X86-64 is not currently supported.
    Symbol table '>' contains 6 entries:
       Num:    Value          Size Type    Bind   Vis      Ndx Name
         0: 0000000000000000 0x1003e0002 FUNC    LOCAL  INTERNAL PRC[0xff01] <corrupt>
         1: 0000000000000040   176 NOTYPE  LOCAL  DEFAULT  UND <corrupt>
         2: 0002000400400002     0 NOTYPE  <unknown>: 4 DEFAULT bad section index[ 56] ^�ELF^B^A^A�
         3: 0000000000000000     0 NOTYPE  LOCAL  DEFAULT  UND ^�ELF^B^A^A�
         4: 0000000000000000     0 NOTYPE  LOCAL  DEFAULT  UND ^�ELF^B^A^A�
         5: 0000000000000000   640 <unknown>: 7 LOCAL  DEFAULT  UND ELF^B^A^A�
    No version information found in this file.
    (program exited with code: 0)
    Press return to continue
    //#define name_is_pointer
    #define name_from_pool
    //#define name_from_top
    //#define name_from_self
    //#define open_wxhexeditor
    d32 Named( segment_t *this, segment_t *segv, d16 n, d16 Tsize, char const *txt ) {
    	segment_t *cpool_seg = &segv[SEG_CPOOL];
    	shead64_t entry = {0};
    	u16 off = 0;
    	u16 pos = IndexOfSymbol(segv,txt,&off);
    	u16 abs = cpool_seg->pos + off;
    	d32 top = (abs > this->pos) ? abs - this->pos :
    		-((d32)(this->pos - abs));
    	if ( n < 0 || Tsize < 1 ) return 0;
    #if defined(name_is_pointer)
    	return abs;
    #elif defined(name_from_top)
    	return top;
    #elif defined(name_from_self)
    	return top - (Tsize * n);
    #elif defined(name_from_pool)
    	return off - 1;
    	return pos;
    void SetSegAndSym(
    	segment_t *this, segment_t *segv,
    	shead64_t *shent, named64_t *named,
    	u16 s, u16 n, char const *txt ) {
    	shent->sh_type = SHEAD_TYPE_NULL;
    	shent->sh_name = Named( &segv[SEG_SHEAD], segv, s, sizeof(shead64_t), txt );
    	shent->sh_addr = this->pos;
    	shent->sh_size = this->mem.size;
    	shent->sh_link = 0;
    	shent->sh_info = 0;
    	shent->sh_flags = 0;
    	shent->sh_offset = 0;
    	shent->sh_adralign = 0;
    	shent->sh_entsize = 1;
    	named->st_name = Named( &segv[SEG_NAMES], segv, n, sizeof(named64_t), txt );
    	named->st_value = this->pos;
    	named->st_size = this->mem.size;
    	named->st_info = NAMED_BIND_GLOBAL | NAMED_TYPE_NORM;
    	named->st_other = 0;
    	named->st_shndx = SYM_NORM;

  2. #2
    Registered User awsdert's Avatar
    Join Date
    Jan 2015
    Think I fixed the corrupt symbol info now (well almost), still trying to figure out the name bit though
    u16 shent_pos = seg_shead->pos + (sizeof(shead64_t) * s) + 24;
    memset( shent, 0, sizeof(shead64_t) );
    shent->sh_type = SHEAD_TYPE_NULL;
    shent->sh_name = OffsetOfSymbol( segv, txt );
    shent->sh_addr = this->pos;
    shent->sh_size = this->mem.size;
    shent->sh_offset = (this->pos > shent_pos) ? (this->pos - shent_pos) : -(shent_pos - this->pos);
    memset( named, 0, sizeof(named64_t) );
    named->st_name = OffsetOfSymbol( segv, txt );
    Symbol table '' contains 6 entries:
       Num:    Value          Size Type    Bind   Vis      Ndx Name
         0: 0000000000000000     0 NOTYPE  LOCAL  DEFAULT  UND 
         1: 0000000000000022   256 SECTION LOCAL  DEFAULT  UND 
         2: 0000000000000040     0 NOTYPE  LOCAL  DEFAULT  UND <corrupt>
         3: 0000000000000001 0x200000013 NOTYPE  LOCAL  DEFAULT  UND 
         4: 0000000000000140   104 NOTYPE  LOCAL  DEFAULT  UND <corrupt>
         5: 0000000600000001     0 NOTYPE  LOCAL  DEFAULT  UND <corrupt>
    Last edited by awsdert; 04-10-2019 at 03:48 AM. Reason: Forgot to copy & paste a line

  3. #3
    Registered User awsdert's Avatar
    Join Date
    Jan 2015
    Is or is this not the correct point to be calculating the offset to fill the sh_offset parameter of section headers from? I believe this to be why I'm not getting the expected strings show up in readelf.
    // ->pos is the address given to the elf header parameter e_shoff
    // shead64_t is my typedef for my section header struct (followed defined sizes)
    u16 shent_pos = seg_shead->pos + (sizeof(shead64_t) * (s));
    u16 param_pos = shent_pos + 32;
    Never mind, finally noticed a comment in the documentation I mentioned, tried this:
    shent->sh_offset = this->pos;
    and finally got my expected strings.
    Last edited by awsdert; 04-11-2019 at 03:50 AM.

  4. #4
    Registered User awsdert's Avatar
    Join Date
    Jan 2015
    At last my first correctly formatted executable, albeit non-functional:
    misty alpha
    Creating test.elf
    Writing Elf Header...
    Writing Program Headers...
    Writing Segment Headers...
    Writing Symbol Pool...
    Writing Symbols...
    Writing Coded Area...
    Flushing file...
    Segmentation fault
    readelf -all test.elf
    ELF Header:
      Magic:   7f 45 4c 46 02 01 01 ff 00 00 00 00 00 00 00 00 
      Class:                             ELF64
      Data:                              2's complement, little endian
      Version:                           1 (current)
      OS/ABI:                            <unknown: ff>
      ABI Version:                       0
      Type:                              EXEC (Executable file)
      Machine:                           Advanced Micro Devices X86-64
      Version:                           0x1
      Entry point address:               0x278
      Start of program headers:          64 (bytes into file)
      Start of section headers:          232 (bytes into file)
      Flags:                             0x0
      Size of this header:               64 (bytes)
      Size of program headers:           56 (bytes)
      Number of program headers:         3
      Size of section headers:           64 (bytes)
      Number of section headers:         3
      Section header string table index: 1
    readelf: Warning: Section 2 has an out of range sh_info value of 6
    Section Headers:
      [Nr] Name              Type             Address           Offset
           Size              EntSize          Flags  Link  Info  Align
      [ 0]                   NULL             0000000000000000  00000000
           0000000000000000  0000000000000000           0     0     0
      [ 1] .shstrtab         STRTAB           00000000000001a8  000001a8
           0000000000000040  0000000000000001  AS       0     0     0
      [ 2] .symtab           SYMTAB           00000000000001e8  000001e8
           0000000000000090  0000000000000018 WAI       1     6     0
    Key to Flags:
      W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
      L (link order), O (extra OS processing required), G (group), T (TLS),
      C (compressed), x (unknown), o (OS specific), E (exclude),
      l (large), p (processor specific)
    There are no section groups in this file.
    Program Headers:
      Type           Offset             VirtAddr           PhysAddr
                     FileSiz            MemSiz              Flags  Align
      NULL           0x0000000000000000 0x0000000000000000 0x0000000000000000
                     0x0000000000000000 0x0000000000000000         0x0
      PHDR           0x0000000000000000 0x0000000000000040 0x0000000000000040
                     0x00000000000000a8 0x00000000000000a8  R      0x0
      LOAD           0x0000000000000000 0x0000000000000278 0x0000000000000278
                     0x0000000000000006 0x0000000000000006  RWE    0x0
     Section to Segment mapping:
      Segment Sections...
    There is no dynamic section in this file.
    There are no relocations in this file.
    The decoding of unwind sections for machine type Advanced Micro Devices X86-64 is not currently supported.
    Symbol table '.symtab' contains 6 entries:
       Num:    Value          Size Type    Bind   Vis      Ndx Name
         0: 0000000000000000     0 NOTYPE  LOCAL  DEFAULT  UND 
         1: 00000000000001a8    64 COMMON  WEAK   DEFAULT  COM .shstrtab
         2: 00000000000001e8   144 COMMON  WEAK   DEFAULT  COM .symtab
         3: 0000000000000278     6 FILE    LOCAL  DEFAULT  ABS mitsy.c
         4: 0000000000000278     2 FUNC    GLOBAL DEFAULT  COM _start
         5: 000000000000027a     4 FUNC    GLOBAL DEFAULT  COM main
    No version information found in this file.
    (program exited with code: 0)
    Press return to continue
    Last edited by awsdert; 04-11-2019 at 04:01 AM. Reason: Copied from wrong console instance

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Names
    By BretFlorida in forum C Programming
    Replies: 1
    Last Post: 04-15-2013, 05:16 PM
  2. C++ lexigraphical names?
    By studentCmpsc in forum C++ Programming
    Replies: 3
    Last Post: 12-16-2011, 08:42 AM
  3. Help with Names
    By big146 in forum C++ Programming
    Replies: 13
    Last Post: 06-07-2004, 01:26 PM
  4. Old names?
    By Fordy in forum A Brief History of
    Replies: 80
    Last Post: 10-28-2001, 07:39 PM
  5. former names...
    By doubleanti in forum A Brief History of
    Replies: 2
    Last Post: 08-17-2001, 05:03 AM

Tags for this Thread