linux中的readelf命令简介
来源:互联网 发布:苹果手机mac修改器 编辑:程序博客网 时间:2024/05/06 08:19
之前我们玩过file命令, 了解了ELF文件, 其实就是Executable & Linkable Format, 是一种文件格式, 我们常见的目标文件、动态库和可执行文件, 都属于这个类型。 在本文中, 我们仅仅以可执行文件为例来进行介绍readelf命令, 这个命令的作用就是读取ELF文件中信息, 也可以用man命令窥其全貌。 下面, 我们一起来看看:
main.c中的内容为:
#include <stdio.h>int add(int x, int y){return x + y;}int aaa;int bbb = 1;char szTest[] = "good";int main(){int ccc = 2;return 0;} 生成a.out文件, 用readelf文件读取一下, 得到:[taoge@localhost learn_readelf]$ gcc main.c[taoge@localhost learn_readelf]$ strip a.out [taoge@localhost learn_readelf]$ readelf -a a.out ELF Header: Magic: 7f 45 4c 46 01 01 01 03 00 00 00 00 00 00 00 00 Class: ELF32 Data: 2's complement, little endian Version: 1 (current) OS/ABI: UNIX - Linux ABI Version: 0 Type: EXEC (Executable file) Machine: Intel 80386 Version: 0x1 Entry point address: 0x80482e0 Start of program headers: 52 (bytes into file) Start of section headers: 1876 (bytes into file) Flags: 0x0 Size of this header: 52 (bytes) Size of program headers: 32 (bytes) Number of program headers: 8 Size of section headers: 40 (bytes) Number of section headers: 30 Section header string table index: 27Section Headers: [Nr] Name Type Addr Off Size ES Flg Lk Inf Al [ 0] NULL 00000000 000000 000000 00 0 0 0 [ 1] .interp PROGBITS 08048134 000134 000013 00 A 0 0 1 [ 2] .note.ABI-tag NOTE 08048148 000148 000020 00 A 0 0 4 [ 3] .note.gnu.build-i NOTE 08048168 000168 000024 00 A 0 0 4 [ 4] .gnu.hash GNU_HASH 0804818c 00018c 000020 04 A 5 0 4 [ 5] .dynsym DYNSYM 080481ac 0001ac 000040 10 A 6 1 4 [ 6] .dynstr STRTAB 080481ec 0001ec 000045 00 A 0 0 1 [ 7] .gnu.version VERSYM 08048232 000232 000008 02 A 5 0 2 [ 8] .gnu.version_r VERNEED 0804823c 00023c 000020 00 A 6 1 4 [ 9] .rel.dyn REL 0804825c 00025c 000008 08 A 5 0 4 [10] .rel.plt REL 08048264 000264 000010 08 A 5 12 4 [11] .init PROGBITS 08048274 000274 000030 00 AX 0 0 4 [12] .plt PROGBITS 080482a4 0002a4 000030 04 AX 0 0 4 [13] .text PROGBITS 080482e0 0002e0 00017c 00 AX 0 0 16 [14] .fini PROGBITS 0804845c 00045c 00001c 00 AX 0 0 4 [15] .rodata PROGBITS 08048478 000478 00000c 00 A 0 0 4 [16] .eh_frame_hdr PROGBITS 08048484 000484 000024 00 A 0 0 4 [17] .eh_frame PROGBITS 080484a8 0004a8 00007c 00 A 0 0 4 [18] .ctors PROGBITS 08049524 000524 000008 00 WA 0 0 4 [19] .dtors PROGBITS 0804952c 00052c 000008 00 WA 0 0 4 [20] .jcr PROGBITS 08049534 000534 000004 00 WA 0 0 4 [21] .dynamic DYNAMIC 08049538 000538 0000c8 08 WA 6 0 4 [22] .got PROGBITS 08049600 000600 000004 04 WA 0 0 4 [23] .got.plt PROGBITS 08049604 000604 000014 04 WA 0 0 4 [24] .data PROGBITS 08049618 000618 000010 00 WA 0 0 4 [25] .bss NOBITS 08049628 000628 00000c 00 WA 0 0 4 [26] .comment PROGBITS 00000000 000628 00002d 01 MS 0 0 1 [27] .shstrtab STRTAB 00000000 000655 0000fc 00 0 0 1 [28] .symtab SYMTAB 00000000 000c04 000440 10 29 45 4 [29] .strtab STRTAB 00000000 001044 0001fd 00 0 0 1Key to Flags: W (write), A (alloc), X (execute), M (merge), S (strings) I (info), L (link order), G (group), x (unknown) O (extra OS processing required) o (OS specific), p (processor specific)There are no section groups in this file.Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00100 0x00100 R E 0x4 INTERP 0x000134 0x08048134 0x08048134 0x00013 0x00013 R 0x1 [Requesting program interpreter: /lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x00524 0x00524 R E 0x1000 LOAD 0x000524 0x08049524 0x08049524 0x00104 0x00110 RW 0x1000 DYNAMIC 0x000538 0x08049538 0x08049538 0x000c8 0x000c8 RW 0x4 NOTE 0x000148 0x08048148 0x08048148 0x00044 0x00044 R 0x4 GNU_EH_FRAME 0x000484 0x08048484 0x08048484 0x00024 0x00024 R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x4 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .eh_frame_hdr .eh_frame 03 .ctors .dtors .jcr .dynamic .got .got.plt .data .bss 04 .dynamic 05 .note.ABI-tag .note.gnu.build-id 06 .eh_frame_hdr 07 Dynamic section at offset 0x538 contains 20 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libc.so.6] 0x0000000c (INIT) 0x8048274 0x0000000d (FINI) 0x804845c 0x6ffffef5 (GNU_HASH) 0x804818c 0x00000005 (STRTAB) 0x80481ec 0x00000006 (SYMTAB) 0x80481ac 0x0000000a (STRSZ) 69 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x8049604 0x00000002 (PLTRELSZ) 16 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x8048264 0x00000011 (REL) 0x804825c 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x6ffffffe (VERNEED) 0x804823c 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x8048232 0x00000000 (NULL) 0x0Relocation section '.rel.dyn' at offset 0x25c contains 1 entries: Offset Info Type Sym.Value Sym. Name08049600 00000106 R_386_GLOB_DAT 00000000 __gmon_start__Relocation section '.rel.plt' at offset 0x264 contains 2 entries: Offset Info Type Sym.Value Sym. Name08049610 00000107 R_386_JUMP_SLOT 00000000 __gmon_start__08049614 00000207 R_386_JUMP_SLOT 00000000 __libc_start_mainThere are no unwind sections in this file.Symbol table '.dynsym' contains 4 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 2: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (2) 3: 0804847c 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_usedSymbol table '.symtab' contains 68 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 08048134 0 SECTION LOCAL DEFAULT 1 2: 08048148 0 SECTION LOCAL DEFAULT 2 3: 08048168 0 SECTION LOCAL DEFAULT 3 4: 0804818c 0 SECTION LOCAL DEFAULT 4 5: 080481ac 0 SECTION LOCAL DEFAULT 5 6: 080481ec 0 SECTION LOCAL DEFAULT 6 7: 08048232 0 SECTION LOCAL DEFAULT 7 8: 0804823c 0 SECTION LOCAL DEFAULT 8 9: 0804825c 0 SECTION LOCAL DEFAULT 9 10: 08048264 0 SECTION LOCAL DEFAULT 10 11: 08048274 0 SECTION LOCAL DEFAULT 11 12: 080482a4 0 SECTION LOCAL DEFAULT 12 13: 080482e0 0 SECTION LOCAL DEFAULT 13 14: 0804845c 0 SECTION LOCAL DEFAULT 14 15: 08048478 0 SECTION LOCAL DEFAULT 15 16: 08048484 0 SECTION LOCAL DEFAULT 16 17: 080484a8 0 SECTION LOCAL DEFAULT 17 18: 08049524 0 SECTION LOCAL DEFAULT 18 19: 0804952c 0 SECTION LOCAL DEFAULT 19 20: 08049534 0 SECTION LOCAL DEFAULT 20 21: 08049538 0 SECTION LOCAL DEFAULT 21 22: 08049600 0 SECTION LOCAL DEFAULT 22 23: 08049604 0 SECTION LOCAL DEFAULT 23 24: 08049618 0 SECTION LOCAL DEFAULT 24 25: 08049628 0 SECTION LOCAL DEFAULT 25 26: 00000000 0 SECTION LOCAL DEFAULT 26 27: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 28: 08049524 0 OBJECT LOCAL DEFAULT 18 __CTOR_LIST__ 29: 0804952c 0 OBJECT LOCAL DEFAULT 19 __DTOR_LIST__ 30: 08049534 0 OBJECT LOCAL DEFAULT 20 __JCR_LIST__ 31: 08048310 0 FUNC LOCAL DEFAULT 13 __do_global_dtors_aux 32: 08049628 1 OBJECT LOCAL DEFAULT 25 completed.5963 33: 0804962c 4 OBJECT LOCAL DEFAULT 25 dtor_idx.5965 34: 08048370 0 FUNC LOCAL DEFAULT 13 frame_dummy 35: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 36: 08049528 0 OBJECT LOCAL DEFAULT 18 __CTOR_END__ 37: 08048520 0 OBJECT LOCAL DEFAULT 17 __FRAME_END__ 38: 08049534 0 OBJECT LOCAL DEFAULT 20 __JCR_END__ 39: 08048430 0 FUNC LOCAL DEFAULT 13 __do_global_ctors_aux 40: 00000000 0 FILE LOCAL DEFAULT ABS main.c 41: 08049604 0 OBJECT LOCAL DEFAULT 23 _GLOBAL_OFFSET_TABLE_ 42: 08049524 0 NOTYPE LOCAL DEFAULT 18 __init_array_end 43: 08049524 0 NOTYPE LOCAL DEFAULT 18 __init_array_start 44: 08049538 0 OBJECT LOCAL DEFAULT 21 _DYNAMIC 45: 08049618 0 NOTYPE WEAK DEFAULT 24 data_start 46: 08049630 4 OBJECT GLOBAL DEFAULT 25 aaa 47: 080483c0 5 FUNC GLOBAL DEFAULT 13 __libc_csu_fini 48: 080482e0 0 FUNC GLOBAL DEFAULT 13 _start 49: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 50: 00000000 0 NOTYPE WEAK DEFAULT UND _Jv_RegisterClasses 51: 08048478 4 OBJECT GLOBAL DEFAULT 15 _fp_hw 52: 0804845c 0 FUNC GLOBAL DEFAULT 14 _fini 53: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_ 54: 0804847c 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used 55: 08049618 0 NOTYPE GLOBAL DEFAULT 24 __data_start 56: 08048480 0 OBJECT GLOBAL HIDDEN 15 __dso_handle 57: 08049530 0 OBJECT GLOBAL HIDDEN 19 __DTOR_END__ 58: 080483d0 90 FUNC GLOBAL DEFAULT 13 __libc_csu_init 59: 08049620 5 OBJECT GLOBAL DEFAULT 24 szTest 60: 08048394 14 FUNC GLOBAL DEFAULT 13 add 61: 08049628 0 NOTYPE GLOBAL DEFAULT ABS __bss_start 62: 0804961c 4 OBJECT GLOBAL DEFAULT 24 bbb 63: 08049634 0 NOTYPE GLOBAL DEFAULT ABS _end 64: 08049628 0 NOTYPE GLOBAL DEFAULT ABS _edata 65: 0804842a 0 FUNC GLOBAL HIDDEN 13 __i686.get_pc_thunk.bx 66: 080483a2 20 FUNC GLOBAL DEFAULT 13 main 67: 08048274 0 FUNC GLOBAL DEFAULT 11 _initHistogram for `.gnu.hash' bucket list length (total of 2 buckets): Length Number % of total Coverage 0 1 ( 50.0%) 1 1 ( 50.0%) 100.0%Version symbols section '.gnu.version' contains 4 entries: Addr: 0000000008048232 Offset: 0x000232 Link: 5 (.dynsym) 000: 0 (*local*) 0 (*local*) 2 (GLIBC_2.0) 1 (*global*) Version needs section '.gnu.version_r' contains 1 entries: Addr: 0x000000000804823c Offset: 0x00023c Link: 6 (.dynstr) 000000: Version: 1 File: libc.so.6 Cnt: 1 0x0010: Name: GLIBC_2.0 Flags: none Version: 2Notes at offset 0x00000148 with length 0x00000020: OwnerData sizeDescription GNU0x00000010NT_GNU_ABI_TAG (ABI version tag)Notes at offset 0x00000168 with length 0x00000024: OwnerData sizeDescription GNU0x00000014NT_GNU_BUILD_ID (unique build ID bitstring)[taoge@localhost learn_readelf]$
可以看到文件的一些基本信息。 对了, 我们之前学过strip命令, 对a.out来strip,我们将strip前后用readelf得到的结果分别存于a.txt和b.txt中, 然后用Windows上的BeyondCompare可视化比较工具进行比较, 发现a.txt和b.txt的主要区别是:b.txt比a.txt少了如下内容:
Symbol table '.symtab' contains 68 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 08048134 0 SECTION LOCAL DEFAULT 1 2: 08048148 0 SECTION LOCAL DEFAULT 2 3: 08048168 0 SECTION LOCAL DEFAULT 3 4: 0804818c 0 SECTION LOCAL DEFAULT 4 5: 080481ac 0 SECTION LOCAL DEFAULT 5 6: 080481ec 0 SECTION LOCAL DEFAULT 6 7: 08048232 0 SECTION LOCAL DEFAULT 7 8: 0804823c 0 SECTION LOCAL DEFAULT 8 9: 0804825c 0 SECTION LOCAL DEFAULT 9 10: 08048264 0 SECTION LOCAL DEFAULT 10 11: 08048274 0 SECTION LOCAL DEFAULT 11 12: 080482a4 0 SECTION LOCAL DEFAULT 12 13: 080482e0 0 SECTION LOCAL DEFAULT 13 14: 0804845c 0 SECTION LOCAL DEFAULT 14 15: 08048478 0 SECTION LOCAL DEFAULT 15 16: 08048484 0 SECTION LOCAL DEFAULT 16 17: 080484a8 0 SECTION LOCAL DEFAULT 17 18: 08049524 0 SECTION LOCAL DEFAULT 18 19: 0804952c 0 SECTION LOCAL DEFAULT 19 20: 08049534 0 SECTION LOCAL DEFAULT 20 21: 08049538 0 SECTION LOCAL DEFAULT 21 22: 08049600 0 SECTION LOCAL DEFAULT 22 23: 08049604 0 SECTION LOCAL DEFAULT 23 24: 08049618 0 SECTION LOCAL DEFAULT 24 25: 08049628 0 SECTION LOCAL DEFAULT 25 26: 00000000 0 SECTION LOCAL DEFAULT 26 27: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 28: 08049524 0 OBJECT LOCAL DEFAULT 18 __CTOR_LIST__ 29: 0804952c 0 OBJECT LOCAL DEFAULT 19 __DTOR_LIST__ 30: 08049534 0 OBJECT LOCAL DEFAULT 20 __JCR_LIST__ 31: 08048310 0 FUNC LOCAL DEFAULT 13 __do_global_dtors_aux 32: 08049628 1 OBJECT LOCAL DEFAULT 25 completed.5963 33: 0804962c 4 OBJECT LOCAL DEFAULT 25 dtor_idx.5965 34: 08048370 0 FUNC LOCAL DEFAULT 13 frame_dummy 35: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 36: 08049528 0 OBJECT LOCAL DEFAULT 18 __CTOR_END__ 37: 08048520 0 OBJECT LOCAL DEFAULT 17 __FRAME_END__ 38: 08049534 0 OBJECT LOCAL DEFAULT 20 __JCR_END__ 39: 08048430 0 FUNC LOCAL DEFAULT 13 __do_global_ctors_aux 40: 00000000 0 FILE LOCAL DEFAULT ABS main.c 41: 08049604 0 OBJECT LOCAL DEFAULT 23 _GLOBAL_OFFSET_TABLE_ 42: 08049524 0 NOTYPE LOCAL DEFAULT 18 __init_array_end 43: 08049524 0 NOTYPE LOCAL DEFAULT 18 __init_array_start 44: 08049538 0 OBJECT LOCAL DEFAULT 21 _DYNAMIC 45: 08049618 0 NOTYPE WEAK DEFAULT 24 data_start 46: 08049630 4 OBJECT GLOBAL DEFAULT 25 aaa 47: 080483c0 5 FUNC GLOBAL DEFAULT 13 __libc_csu_fini 48: 080482e0 0 FUNC GLOBAL DEFAULT 13 _start 49: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 50: 00000000 0 NOTYPE WEAK DEFAULT UND _Jv_RegisterClasses 51: 08048478 4 OBJECT GLOBAL DEFAULT 15 _fp_hw 52: 0804845c 0 FUNC GLOBAL DEFAULT 14 _fini 53: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_ 54: 0804847c 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used 55: 08049618 0 NOTYPE GLOBAL DEFAULT 24 __data_start 56: 08048480 0 OBJECT GLOBAL HIDDEN 15 __dso_handle 57: 08049530 0 OBJECT GLOBAL HIDDEN 19 __DTOR_END__ 58: 080483d0 90 FUNC GLOBAL DEFAULT 13 __libc_csu_init 59: 08049620 5 OBJECT GLOBAL DEFAULT 24 szTest 60: 08048394 14 FUNC GLOBAL DEFAULT 13 add 61: 08049628 0 NOTYPE GLOBAL DEFAULT ABS __bss_start 62: 0804961c 4 OBJECT GLOBAL DEFAULT 24 bbb 63: 08049634 0 NOTYPE GLOBAL DEFAULT ABS _end 64: 08049628 0 NOTYPE GLOBAL DEFAULT ABS _edata 65: 0804842a 0 FUNC GLOBAL HIDDEN 13 __i686.get_pc_thunk.bx 66: 080483a2 20 FUNC GLOBAL DEFAULT 13 main 67: 08048274 0 FUNC GLOBAL DEFAULT 11 _init我们看看, 这里面不就一些符号信息么? 比如add, aaa, bbb, szTest等。 也就是说, strip之后, 这些东西没有了。 恩, 没错, 你应该想起来了, 之前说过, strip之后,nm不到结果(就因为strip过)。 我们再次来验证一下:
[taoge@localhost learn_readelf]$ file a.out a.out: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped[taoge@localhost learn_readelf]$ nm a.out nm: a.out: no symbols[taoge@localhost learn_readelf]$
readelf就是为了读取ELF文件的信息, 具体每个字段的含义, 我就不细说了。
0 0
- linux中的readelf命令简介
- Linux readelf命令
- Shell之readelf命令简介
- linux下readelf程序简介
- Linux命令之readelf详解
- Linux命令学习手册-readelf命令
- Linux命令学习手册-readelf命令
- Linux命令学习手册-readelf命令
- Linux命令学习手册-readelf命令
- Linux命令学习手册-readelf命令
- readelf/arm-linux-readelf
- readelf命令
- readelf命令
- readelf命令
- readelf命令
- readelf命令
- readelf命令
- readelf命令
- 白话空间统计之:空间自相关
- caffe tools command
- TQ2440背光控制
- Java项目初学-----满汉楼111
- 【C++】关于编译器错误:error C2572 重定义默认参数 的说明
- linux中的readelf命令简介
- Tomcat中Servlet与浏览器之间传值乱码解决办法
- 单例模式
- n的全排列
- VIP FAILOVER DEMONSTRATION
- 如何打开.pkl的文件
- ACM/ICPC World Finals 2012 D Fibonacci Words
- 设计模式之单件模式
- uva1218 完美服务器问题
