1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
|
#ifndef ELF_H
#define ELF_H
#include "common.h"
/*
* ELF HEADER
*/
typedef struct {
unsigned char e_ident[16]; /* ELF identification */
uint16 e_type; /* 2 (exec file) */
uint16 e_machine; /* 3 (intel architecture) */
uint32 e_version; /* 1 */
uint32 e_entry; /* starting point */
uint32 e_phoff; /* program header table offset */
uint32 e_shoff; /* section header table offset */
uint32 e_flags; /* various flags */
uint16 e_ehsize; /* ELF header (this) size */
uint16 e_phentsize; /* program header table entry size */
uint16 e_phnum; /* number of entries */
uint16 e_shentsize; /* section header table entry size */
uint16 e_shnum; /* number of entries */
uint16 e_shstrndx; /* index of the section name string table */
} Elf32_Ehdr;
/*
* ELF identification
*/
#define EI_MAG0 0
#define EI_MAG1 1
#define EI_MAG2 2
#define EI_MAG3 3
#define EI_CLASS 4
#define EI_DATA 5
#define EI_VERSION 6
#define EI_PAD 7
/* EI_MAG */
#define ELFMAG0 0x7f
#define ELFMAG1 'E'
#define ELFMAG2 'L'
#define ELFMAG3 'F'
/* EI_CLASS */
#define ELFCLASSNONE 0 /* invalid class */
#define ELFCLASS32 1 /* 32-bit objects */
#define ELFCLASS64 2 /* 64-bit objects */
/* EI_DATA */
#define ELFDATANONE 0 /* invalide data encoding */
#define ELFDATA2LSB 1 /* least significant byte first (0x01020304 is 0x04 0x03 0x02 0x01) */
#define ELFDATA2MSB 2 /* most significant byte first (0x01020304 is 0x01 0x02 0x03 0x04) */
/* EI_VERSION */
#define EV_CURRENT 1
#define ELFVERSION EV_CURRENT
/*
* PROGRAM HEADER
*/
typedef struct {
uint32 p_type; /* type of segment */
uint32 p_offset;
uint32 p_vaddr;
uint32 p_paddr;
uint32 p_filesz;
uint32 p_memsz;
uint32 p_flags;
uint32 p_align;
} Elf32_Phdr;
/* p_type */
#define PT_NULL 0
#define PT_LOAD 1
#define PT_DYNAMIC 2
#define PT_INTERP 3
#define PT_NOTE 4
#define PT_SHLIB 5
#define PT_PHDR 6
#define PT_LOPROC 0x70000000
#define PT_HIPROC 0x7fffffff
/* p_flags */
#define PF_X 0x1
#define PF_W 0x2
#define PF_R 0x4
enum eElfSectionTypes {
SHT_NULL, //0
SHT_PROGBITS, //1
SHT_SYMTAB, //2
SHT_STRTAB, //3
SHT_RELA, //4
SHT_HASH, //5
SHT_DYNAMIC, //6
SHT_NOTE, //7
SHT_NOBITS, //8
SHT_REL, //9
SHT_SHLIB, //A
SHT_DYNSYM, //B
SHT_LAST, //C
SHT_LOPROC = 0x70000000,
SHT_HIPROC = 0x7fffffff,
SHT_LOUSER = 0x80000000,
SHT_HIUSER = 0xffffffff
};
typedef struct {
uint32 name;
uint32 type;
uint32 flags;
uint32 address;
uint32 offset;
uint32 size;
uint32 link;
uint32 info;
uint32 addralign;
uint32 entsize;
} Elf32_Scdr;
enum {
R_386_NONE=0, // none
R_386_32, // S+A
R_386_PC32, // S+A-P
R_386_GOT32, // G+A-P
R_386_PLT32, // L+A-P
R_386_COPY, // none
R_386_GLOB_DAT, // S
R_386_JMP_SLOT, // S
R_386_RELATIVE, // B+A
R_386_GOTOFF, // S+A-GOT
R_386_GOTPC, // GOT+A-P
R_386_LAST // none
};
typedef struct {
uint16 d_tag;
uint32 d_val; //Also d_ptr
} Elf32_dyn;
enum {
DT_NULL, //!< Marks End of list
DT_NEEDED, //!< Offset in strtab to needed library
DT_PLTRELSZ, //!< Size in bytes of PLT
DT_PLTGOT, //!< Address of PLT/GOT
DT_HASH, //!< Address of symbol hash table
DT_STRTAB, //!< String Table address
DT_SYMTAB, //!< Symbol Table address
DT_RELA, //!< Relocation table address
DT_RELASZ, //!< Size of relocation table
DT_RELAENT, //!< Size of entry in relocation table
DT_STRSZ, //!< Size of string table
DT_SYMENT, //!< Size of symbol table entry
DT_INIT, //!< Address of initialisation function
DT_FINI, //!< Address of termination function
DT_SONAME, //!< String table offset of so name
DT_RPATH, //!< String table offset of library path
DT_SYMBOLIC,//!< Reverse order of symbol searching for library, search libs first then executable
DT_REL, //!< Relocation Entries (Elf32_Rel instead of Elf32_Rela)
DT_RELSZ, //!< Size of above table (bytes)
DT_RELENT, //!< Size of entry in above table
DT_PLTREL, //!< Relocation entry of PLT
DT_DEBUG, //!< Debugging Entry - Unknown contents
DT_TEXTREL, //!< Indicates that modifcations to a non-writeable segment may occur
DT_JMPREL, //!< Address of PLT only relocation entries
DT_LOPROC = 0x70000000, //!< Low Definable
DT_HIPROC = 0x7FFFFFFF //!< High Definable
};
BOOL isElf(char *elfData);
uint32 loadElf(char *elfData);
#endif // ELF_H
|