flat assembler
Message board for the users of flat assembler.
Index
> Linux > What is wrong with this ELF? |
Author |
|
JohnFound 23 Dec 2011, 09:46
Here is a ELF executable that crashes miserably, not on execution, but on loading. The strange thing is that adding some empty space in the code makes it to be loaded properly. Because of this behavior I am unable to create more simple example.
One possible place of the problem is the import segment. It has been created using modified version of the macros library by Tomasz Grysztar, posted here. Unfortunately my knowledge about ELF structure is poor, so please someone to help me to understand what wrong happens. Regards
|
|||||||||||
23 Dec 2011, 09:46 |
|
MinhHung 18 Jan 2012, 05:34
"segment fault"
i think: your program try to access unavailable memory [/code] |
|||
18 Jan 2012, 05:34 |
|
Feryno 18 Jan 2012, 09:03
You didn't attach source file (only binary there).
Is the last section writable? |
|||
18 Jan 2012, 09:03 |
|
JohnFound 18 Jan 2012, 09:44
I didn't attach the source, because it is too big and probably not so important. Anyway, the source main structure is not changed from version to version, but some versions simply can't be loaded by Linux. (and adding some empty extra bytes fixes the problem)
There are 3 sections, defined in this file As a result, the simplified structure looks like: Code: format ELF executable 3 entry start ; code section segment readable executable ; data section segment readable writeable ; imports section segment interpreter readable |
|||
18 Jan 2012, 09:44 |
|
JohnFound 19 Jan 2012, 07:30
Feryno, the last segment is writeable. The order is: "code", "import", "data"
Anyway, making all segments writeable, didn't fix the things. But, when I reordered "import" and "data" segments (code, data, import) - the bug disappeared and the application runs properly. The other way to fix things is to insert somewhere in the code segment "rb 64". Without knowing what caused such behavior, I can't claim bug fixed. IMHO, the segmentation fault is generated by "ld-linux.so.2" linker during the loading of the ELF. ... BTW, I found one revision that shows that bug. Here is the zip and here is the repository check-in page. Sorry, you have to login in order to download the zip, but it is simple - just click on "Fill out captcha" button and then on "Login". You have to compile the file "TestLib.asm" with environment variable TargetOS=Linux, or use Fresh, load TestFreshLib.fpr and set Project|Options|TargetOS=Linux (it was committed with this alias set to Win32) |
|||
19 Jan 2012, 07:30 |
|
cvtss2sd 28 Jan 2012, 06:14
Isn't the interpreter supposed to be first..? I remember the order of certain sections being important, but i don't know why (so maybe spacing them out with some data aligns them in such a way it doesn't matter).
|
|||
28 Jan 2012, 06:14 |
|
JohnFound 28 Jan 2012, 10:56
Well, usually ELF binary runs normally on every section order. Only sometimes, when the code grows, it happen to crash, but after more 20..30 bytes growth it works normally again. I have an impression that LD linker simply crashes on some configurations, or maybe it needs some alignment of the interpreter segment or something.
|
|||
28 Jan 2012, 10:56 |
|
MinhHung 26 Feb 2012, 00:06
hi,
i used Evan's Debugger to debug it and i see it error at: Code: mov dword[ebp-136],0 mov eax,[edi+52]; eax=0 cmp byte[ebp],0 mov eax,[eax+4];<-- wrong here mov dword[ebp-128],eax |
|||
26 Feb 2012, 00:06 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.