flat assembler
Message board for the users of flat assembler.

Index > Linux > What is wrong with this ELF?

Author
Thread Post new topic Reply to topic
JohnFound



Joined: 16 Jun 2003
Posts: 3500
Location: Bulgaria
JohnFound
Here is a ELF executable that crashes miserably, not on execution, but on loading. The strange thing is that adding some empty space in the code makes it to be loaded properly. Because of this behavior I am unable to create more simple example.
One possible place of the problem is the import segment. It has been created using modified version of the macros library by Tomasz Grysztar, posted here.

Unfortunately my knowledge about ELF structure is poor, so please someone to help me to understand what wrong happens.

Regards


Description:
Download
Filename: TestLib.zip
Filesize: 14.19 KB
Downloaded: 214 Time(s)

Post 23 Dec 2011, 09:46
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
MinhHung



Joined: 10 Sep 2010
Posts: 51
Location: Viet Nam
MinhHung
"segment fault"

i think:
your program try to access unavailable memory
[/code]
Post 18 Jan 2012, 05:34
View user's profile Send private message Yahoo Messenger Reply with quote
Feryno



Joined: 23 Mar 2005
Posts: 454
Location: Czech republic, Slovak republic
Feryno
You didn't attach source file (only binary there).
Is the last section writable?
Post 18 Jan 2012, 09:03
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3500
Location: Bulgaria
JohnFound
I didn't attach the source, because it is too big and probably not so important. Anyway, the source main structure is not changed from version to version, but some versions simply can't be loaded by Linux. (and adding some empty extra bytes fixes the problem)
There are 3 sections, defined in this file
As a result, the simplified structure looks like:
Code:
format ELF executable 3
entry start

; code section
segment readable executable

; data section
segment readable writeable

; imports section
segment interpreter readable
    
Post 18 Jan 2012, 09:44
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
Feryno



Joined: 23 Mar 2005
Posts: 454
Location: Czech republic, Slovak republic
Feryno
Quote:
Code:
; imports section
segment interpreter readable    

please try to change it to:
Code:
; imports section
segment interpreter readable writeable    


or different approach - rearrange segments so the last one is writeable
or add any writeable segment at the end
Post 19 Jan 2012, 06:45
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3500
Location: Bulgaria
JohnFound
Feryno, the last segment is writeable. The order is: "code", "import", "data"
Anyway, making all segments writeable, didn't fix the things.
But, when I reordered "import" and "data" segments (code, data, import) - the bug disappeared and the application runs properly.
The other way to fix things is to insert somewhere in the code segment "rb 64".
Without knowing what caused such behavior, I can't claim bug fixed. IMHO, the segmentation fault is generated by "ld-linux.so.2" linker during the loading of the ELF.
...
BTW, I found one revision that shows that bug. Here is the zip and here is the repository check-in page.
Sorry, you have to login in order to download the zip, but it is simple - just click on "Fill out captcha" button and then on "Login".
You have to compile the file "TestLib.asm" with environment variable TargetOS=Linux, or use Fresh, load TestFreshLib.fpr and set Project|Options|TargetOS=Linux (it was committed with this alias set to Win32)
Post 19 Jan 2012, 07:30
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
cvtss2sd



Joined: 30 Sep 2010
Posts: 48
cvtss2sd
Isn't the interpreter supposed to be first..? I remember the order of certain sections being important, but i don't know why (so maybe spacing them out with some data aligns them in such a way it doesn't matter).
Post 28 Jan 2012, 06:14
View user's profile Send private message Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3500
Location: Bulgaria
JohnFound
Well, usually ELF binary runs normally on every section order. Only sometimes, when the code grows, it happen to crash, but after more 20..30 bytes growth it works normally again. I have an impression that LD linker simply crashes on some configurations, or maybe it needs some alignment of the interpreter segment or something.
Post 28 Jan 2012, 10:56
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
MinhHung



Joined: 10 Sep 2010
Posts: 51
Location: Viet Nam
MinhHung
hi,
i used Evan's Debugger to debug it
and i see it error at:
Code:
mov dword[ebp-136],0
mov eax,[edi+52]; eax=0
cmp byte[ebp],0
mov eax,[eax+4];<-- wrong here
mov dword[ebp-128],eax
    
Post 26 Feb 2012, 00:06
View user's profile Send private message Yahoo Messenger Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar.

Powered by rwasa.