对于 ELF 文件的某些部分,例如“.dynstr”,写入部分头表结构中的偏移量是“readelf -a”不报告的。例如,偏移量是“0x0245”,但 readelf 报告“0x0300”作为部分的偏移量。我可以使用 HexEditor 确认“readelf”返回的偏移量是错误的。对于前几节,readelf 报告的相应偏移量是正确的,但在某些点向下,所有偏移量都是错误的。有谁知道为什么报告的偏移量与文件中写入的偏移量不同?或者这是与 readelf 相关的错误?
注意:通过使用“objdump -h”我还可以确认 readelf 报告的偏移量是错误的
注意 2:' readelf ' 返回的一些偏移量甚至大于文件大小。
这是作为输出示例或 readelf:
Section Headers:
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 0] NULL 0000000000000000 00000000
0000000000000000 0000000000000000 0 0 0
[ 1] .interp PROGBITS 0000000000400200 00000200
000000000000001c 0000000000000000 A 0 0 1
[ 2] .note.ABI-tag NOTE 000000000040021c 0000021c
0000000000000020 0000000000000000 A 0 0 4
[ 3] .note.gnu.build-i NOTE 000000000040023c 0000023c
0000000000000024 0000000000000000 A 0 0 4
[ 4] .gnu.hash GNU_HASH 0000000000400260 00000260
000000000000001c 0000000000000000 A 5 0 8
[ 5] .dynsym DYNSYM 0000000000400280 00000280
0000000000000120 0000000000000018 A 6 1 8
>> [ 6] .dynstr STRTAB 00000000004003a0 000003a0 <<< 0x3a0 is wrong
0000000000000084 0000000000000000 A 0 0 1
这是“objdump -h”输出:
Sections:
Idx Name Size VMA LMA File off Algn
0 .interp 0000001c 0000000000400200 0000000000400200 00000200 2**0
CONTENTS, ALLOC, LOAD, READONLY, DATA
1 .note.ABI-tag 00000020 000000000040021c 000000000040021c 0000021c 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
2 .note.gnu.build-id 00000024 000000000040023c 000000000040023c 0000023c 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
3 .gnu.hash 0000001c 0000000000400260 0000000000400260 00000260 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
4 .dynsym 00000048 0000000000400280 0000000000400280 00000280 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
5 .dynstr 00000038 00000000004002c8 00000000004002c8 000002c8 2**0
CONTENTS, ALLOC, LOAD, READONLY, DATA
6 .gnu.version 00000006 0000000000400300 0000000000400300 00000300 2**1
CONTENTS, ALLOC, LOAD, READONLY, DATA
7 .gnu.version_r 00000020 0000000000400308 0000000000400308 00000308 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
8 .rela.dyn 00000018 0000000000400328 0000000000400328 00000328 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
9 .rela.plt 00000030 0000000000400340 0000000000400340 00000340 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
10 .init 0000001a 0000000000400370 0000000000400370 00000370 2**2
CONTENTS, ALLOC, LOAD, READONLY, CODE
11 .plt 00000030 0000000000400390 0000000000400390 00000390 2**4
CONTENTS, ALLOC, LOAD, READONLY, CODE
12 .text 00000182 00000000004003c0 00000000004003c0 000003c0 2**4
CONTENTS, ALLOC, LOAD, READONLY, CODE
13 .fini 00000009 0000000000400544 0000000000400544 00000544 2**2
CONTENTS, ALLOC, LOAD, READONLY, CODE
14 .rodata 00000004 0000000000400550 0000000000400550 00000550 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
15 .eh_frame_hdr 00000034 0000000000400554 0000000000400554 00000554 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
16 .eh_frame 000000f4 0000000000400588 0000000000400588 00000588 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
17 .init_array 00000008 0000000000600680 0000000000600680 00000680 2**3
CONTENTS, ALLOC, LOAD, DATA
18 .fini_array 00000008 0000000000600688 0000000000600688 00000688 2**3
CONTENTS, ALLOC, LOAD, DATA
19 .jcr 00000008 0000000000600690 0000000000600690 00000690 2**3
CONTENTS, ALLOC, LOAD, DATA
20 .dynamic 000001d0 0000000000600698 0000000000600698 00000698 2**3
CONTENTS, ALLOC, LOAD, DATA
21 .got 00000008 0000000000600868 0000000000600868 00000868 2**3
CONTENTS, ALLOC, LOAD, DATA
22 .got.plt 00000028 0000000000600870 0000000000600870 00000870 2**3
CONTENTS, ALLOC, LOAD, DATA
23 .data 00000014 0000000000600898 0000000000600898 00000898 2**3
CONTENTS, ALLOC, LOAD, DATA
24 .bss 00000004 00000000006008ac 00000000006008ac 000008ac 2**0
ALLOC
25 .comment 00000039 0000000000000000 0000000000000000 000008ac 2**0
CONTENTS, READONLY