-
I got somewhere! :)
I got a segfault, which means I finally managed to execute my byte code ;). For everyone's reference, this is what I used:
Code:
/* Fill remaining init header information */
fill_elf64_header:
init64.e_ident[EI_MAG0] = 0x7F; /* magic: 0x7F 'E' 'L' 'F' */
init64.e_ident[EI_MAG1] = 'E';
init64.e_ident[EI_MAG2] = 'L';
init64.e_ident[EI_MAG3] = 'F';
init64.e_ident[EI_CLASS] = ELFCLASS64; /* 64-bit object */
init64.e_ident[EI_DATA] = ELFDATA2LSB; /* little-endian */
init64.e_ident[EI_VERSION] = EV_CURRENT;
init64.e_ident[EI_OSABI] = ELFOSABI_NONE; /* UNIX System V ABI */
init64.e_ehsize = sizeof(elf64_init_header_t); /* 64 bytes for ELF64 */
init64.e_type = ET_DYN; /* readelf reports this as "DYN (Shared object file)" */
init64.e_machine = EM_X86_64;
init64.e_version = EV_CURRENT;
Offsets & counts are unimportant for using this as a reference.
Now for the bit I actually need help with: resolving my segfault. Since the original thread I posted the byte code in requires clicking to get to, I'll add it to this post:
Code:
unsigned char txt_exit[] = {
0xB8, __NR_exit, 0, 0, 0, /* mov eax, __NR_exit (imm32) */
0x0F, 5, /* syscall */
0xC3 /* ret */
};
unsigned char txt_start[] = {
0xBF, 0, 0, 0, 0, /* mov edi, 0 (exit status) */
0xE8, 0, 0, 0, 0 /* call rel32; a zero displacement falls through to whatever follows */
};
data_t test_c[] = {
{ 0, "test.c", NULL },
{ sizeof(txt_start), "_start", txt_start },
{ sizeof(txt_exit), "exit", txt_exit },
{ 0 }
};
Now for my output from start to finish (I added a means of ignoring headers as much as possible, so this is the result):
Code:
make check (in directory: /home/zxuiji/Desktop/mitsy)
./mitsy.elf
cd ./gede-2.14.1 && make
make[1]: Entering directory '/home/zxuiji/Desktop/mitsy/gede-2.14.1'
./build.py --verbose
make[2]: Entering directory '/home/zxuiji/Desktop/mitsy/gede-2.14.1/src'
make[2]: Nothing to be done for 'first'.
make[2]: Leaving directory '/home/zxuiji/Desktop/mitsy/gede-2.14.1/src'
Compiling (please wait)
make[1]: Leaving directory '/home/zxuiji/Desktop/mitsy/gede-2.14.1'
readelf -all test.elf
ELF Header:
Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
Class: ELF64
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: DYN (Shared object file)
Machine: Advanced Micro Devices X86-64
Version: 0x1
Entry point address: 0x78
Start of program headers: 64 (bytes into file)
Start of section headers: 0 (bytes into file)
Flags: 0x0
Size of this header: 64 (bytes)
Size of program headers: 56 (bytes)
Number of program headers: 1
Size of section headers: 0 (bytes)
Number of section headers: 0
Section header string table index: 0
There are no sections in this file.
There are no sections to group in this file.
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
NULL 0x0000000000000000 0x0000000000000000 0x0000000000000000
0x000000000000008a 0x000000000000008a R E 0x0
There is no dynamic section in this file.
There are no relocations in this file.
The decoding of unwind sections for machine type Advanced Micro Devices X86-64 is not currently supported.
Dynamic symbol information is not available for displaying symbols.
No version information found in this file.
gdb -ex run --args ./test.elf
GNU gdb (Ubuntu 8.2-0ubuntu1~18.04) 8.2
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./test.elf...(no debugging symbols found)...done.
Starting program: /home/zxuiji/Desktop/mitsy/test.elf
Program received signal SIGSEGV, Segmentation fault.
0x0000000000000078 in ?? ()
(gdb) quit
A debugging session is active.
Inferior 1 [process 3937] will be killed.
Quit anyway? (y or n) [answered Y; input not from terminal]
./test.elf
makefile:46: recipe for target 'check' failed
make: *** [check] Segmentation fault (core dumped)
Compilation failed.
-
Ah, it seems mitsy_make() was not deleting the original file as expected. Any advice?
Code:
#include <errno.h>
#include <fcntl.h>
#include <stdio.h> /* remove() */
#include <sys/types.h>
#include <unistd.h>

/* Create (or recreate) path for read/write; the new descriptor is returned via *fd */
int mitsy_make( int *fd, mode_t mode, char const *path ) {
int f, flags = O_CREAT | O_RDWR;
if ( !fd ) return 1;
*fd = -1;
if ( !mode || !path ) return 1;
/* access() returns 0 when the file exists, so this condition is inverted and
   the stale file is never removed (see the edit below) */
if ( access( path, 0 ) )
remove( path );
#ifdef _LARGEFILE64_SOURCE
flags |= O_LARGEFILE;
#endif
f = open64( path, flags, mode );
if ( f < 0 ) return EPERM; /* open64() returns -1 on failure */
*fd = f;
return 0;
}
Edit: Never mind, I just noticed I failed to check that the result of access( path, 0 ) was actually 0.
-
A curious problem appeared now that the above problem was sorted.
When I compile with the flags for headers set to 0 (i.e. mitsy generates the bare minimum) I get this:
Code:
...
Starting program: /home/zxuiji/Desktop/mitsy/test.elf
[Inferior 1 (process 4230) exited normally]
(gdb) quit
./test.elf
Compilation finished successfully.
But when I try generating the headers:
Code:
...
readelf -all test.elf
ELF Header:
Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
Class: ELF64
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: DYN (Shared object file)
Machine: Advanced Micro Devices X86-64
Version: 0x1
Entry point address: 0x2f4
Start of program headers: 64 (bytes into file)
Start of section headers: 288 (bytes into file)
Flags: 0x0
Size of this header: 64 (bytes)
Size of program headers: 56 (bytes)
Number of program headers: 4
Size of section headers: 64 (bytes)
Number of section headers: 4
Section header string table index: 1
Section Headers:
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 0] NULL 0000000000000000 00000000
0000000000000000 0000000000000000 0 0 0
[ 1] .shstrtab STRTAB 0000000000000220 00000220
000000000000002c 0000000000000001 A 0 0 1
[ 2] .symtab SYMTAB 000000000000024c 0000024c
00000000000000a8 0000000000000018 A 1 7 8
[ 3] .text PROGBITS 0000000100000000 000002f4
0000000000000012 0000000000000000 WAX 0 0 18
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
L (link order), O (extra OS processing required), G (group), T (TLS),
C (compressed), x (unknown), o (OS specific), E (exclude),
l (large), p (processor specific)
There are no section groups in this file.
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
NULL 0x0000000000000000 0x0000000000000000 0x0000000000000000
0x0000000000000000 0x0000000000000000 0x0
PHDR 0x0000000000000040 0x0000000000000040 0x0000000000000040
0x00000000000000e0 0x00000000000000e0 R 0x8
LOAD 0x0000000000000000 0x0000000000000000 0x0000000000000000
0x00000000000002f4 0x00000000000002f4 R E 0x1
LOAD 0x00000000000002f4 0x0000000100000000 0x0000000100000000
0x0000000000000012 0x0000000000000012 RWE 0x12
Section to Segment mapping:
Segment Sections...
00
01
02 .shstrtab .symtab
03 .text
There is no dynamic section in this file.
There are no relocations in this file.
The decoding of unwind sections for machine type Advanced Micro Devices X86-64 is not currently supported.
Symbol table '.symtab' contains 7 entries:
Num: Value Size Type Bind Vis Ndx Name
0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND
1: 0000000000000220 0 SECTION GLOBAL DEFAULT 1 .shstrtab
2: 000000000000024c 0 SECTION GLOBAL DEFAULT 2 .symtab
3: 00000000000002f4 0 SECTION GLOBAL DEFAULT 3 .text
4: 00000000000002f4 0 FILE GLOBAL DEFAULT 1 test.c
5: 00000000000002f4 10 FUNC GLOBAL DEFAULT 1 _start
6: 00000000000002fe 8 FUNC GLOBAL DEFAULT 1 exit
No version information found in this file.
gdb -ex run --args ./test.elf
GNU gdb (Ubuntu 8.2-0ubuntu1~18.04) 8.2
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./test.elf...(no debugging symbols found)...done.
Starting program: /home/zxuiji/Desktop/mitsy/test.elf
During startup program terminated with signal SIGSEGV, Segmentation fault.
(gdb) quit
./test.elf
makefile:46: recipe for target 'check' failed
make: *** [check] Segmentation fault
Compilation failed.
Any ideas for why it segfaults WITH headers?
-
It seems the blocker was the attempt to set the expected base address for the execution area upon process creation (i.e. the 0x100000000 part). Once I reset that to match the file offsets it executed fine. I expect the next time I return to the forums is when I'm struggling with functions, probably the shared function variety, since that's where a lot of test code will begin.
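As an added example (not mitsy's code or anything from the thread): a minimal ELF64 writer in C that puts the same byte sequences behind a single PT_LOAD, together with a check that captures why the 0x100000000 base failed to load. Linux mmaps the file's pages, so p_vaddr and p_offset have to agree modulo the page size, and the ELF spec additionally wants p_align to be 0, 1 or a power of two; the names phdr_problems, check_load and build_minimal_elf, the 4 KiB page size and the 0x400000 base are assumptions made here.

```c
#include <elf.h>
#include <stdint.h>
#include <string.h>
#include <sys/syscall.h>
#define PAGE_SZ 0x1000u   /* assumed x86-64 page size */
enum { PH_OK = 0, PH_NOT_LOAD = 1, PH_PAGE_MISMATCH = 2, PH_BAD_ALIGN = 4, PH_SIZES = 8 };
/* Constructed sample: the thread's two byte sequences back to back, so the
   "call +0" simply falls through into the exit stub that follows it. */
static const unsigned char code[] = {
    0xBF, 0, 0, 0, 0, 0xE8, 0, 0, 0, 0,          /* mov edi,0 ; call +0        */
    0xB8, SYS_exit, 0, 0, 0, 0x0F, 0x05, 0xC3    /* mov eax,60 ; syscall ; ret */
};

/* Linux mmaps file pages, so a PT_LOAD's p_vaddr and p_offset must agree modulo
   the page size (0x100000000 vs 0x2f4 do not); the spec also wants p_align 0, 1 or 2^n. */
int phdr_problems(const Elf64_Phdr *ph) {
    int m = PH_OK;
    if (ph->p_type != PT_LOAD) return PH_NOT_LOAD;
    if (ph->p_vaddr % PAGE_SZ != ph->p_offset % PAGE_SZ) m |= PH_PAGE_MISMATCH;
    if (ph->p_align > 1 && (ph->p_align & (ph->p_align - 1))) m |= PH_BAD_ALIGN;
    if (ph->p_memsz < ph->p_filesz) m |= PH_SIZES;
    return m;
}

/* Check one (offset, vaddr, align, size) combination without building a file. */
int check_load(uint64_t off, uint64_t vaddr, uint64_t align, uint64_t size) {
    Elf64_Phdr ph = {0};
    ph.p_type = PT_LOAD; ph.p_offset = off; ph.p_vaddr = ph.p_paddr = vaddr;
    ph.p_align = align; ph.p_filesz = ph.p_memsz = size;
    return phdr_problems(&ph);
}
/* Build a minimal ET_EXEC image (Ehdr, one PT_LOAD, code) in a static buffer;
   returns its length (buffer via *img), or 0 if the segment would not load. */
size_t build_minimal_elf(uint64_t base, const unsigned char **img) {
    static unsigned char out[sizeof(Elf64_Ehdr) + sizeof(Elf64_Phdr) + sizeof code];
    Elf64_Ehdr eh = {{0}}; Elf64_Phdr ph = {0}; size_t code_off = sizeof eh + sizeof ph;
    memcpy(eh.e_ident, ELFMAG, SELFMAG);
    eh.e_ident[EI_CLASS] = ELFCLASS64; eh.e_ident[EI_DATA] = ELFDATA2LSB;
    eh.e_ident[EI_VERSION] = EV_CURRENT; eh.e_ident[EI_OSABI] = ELFOSABI_NONE;
    eh.e_type = ET_EXEC; eh.e_machine = EM_X86_64; eh.e_version = EV_CURRENT;
    eh.e_entry = base + code_off; eh.e_phoff = sizeof eh; eh.e_ehsize = sizeof eh;
    eh.e_phentsize = sizeof ph; eh.e_phnum = 1;
    ph.p_type = PT_LOAD; ph.p_flags = PF_R | PF_X; ph.p_align = PAGE_SZ;
    ph.p_vaddr = ph.p_paddr = base; ph.p_filesz = ph.p_memsz = sizeof out; /* p_offset 0 */
    if (phdr_problems(&ph) != PH_OK) return 0;
    memcpy(out, &eh, sizeof eh); memcpy(out + sizeof eh, &ph, sizeof ph);
    memcpy(out + code_off, code, sizeof code);
    if (img) *img = out; return sizeof out;
}
```

Writing the 138 bytes that build_minimal_elf(0x400000, &img) returns to a file and marking it executable gives a program that exits with status 0, and readelf shows the entry at 0x400078 with the segment's VirtAddr and Offset both page-congruent.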