ELF Hacks

我喜欢基于代码片段的学习，之前学习过一些binutils和其他处理ELF的工具的奇技淫巧，了解到很多概念，比如weak symbol、common section、RPATH、把资源文件嵌入ELF等，昨天创建了一个项目https://github.com/MaskRay/ElfHacks整理了很多自包含的例子。

# Program Description backtrace gcc backtrace(3) bss-section-in-c-and-c++ gcc/g++ .bss gcc-attribute-alias gcc alias attribute emits an alias for another symbol gcc-nostdlib gcc do not use standard system startup files or libraries gcc-pie gcc produce a position independent executable (IMHO, like PIC+Bsymbolic) gcc-static gcc statically linked executable g++-inline-means-weak-symbol g++ inline functions translated to weak symbols implicit-inline-member-function g++ member functions defined in classes are implicitly inline ld-Bsymbolic ld -Bsymbolic binds references to local symbols ld-dy-dn ld -dn makes ld link against static libraries ld-execstack ld -z execstack and NX bit ld-export-dynamic ld --export-dynamic makes executables export dynamic symbols ld-now ld -z now tells ld.so to resolve symbols immediately ld-rpath ld -rpath sets DT_RUNPATH which adds a directory to runtime library search path ld-whole-archive ld --whole-archive includes every object files (not only those which are required) ld-wrap ld --wrap makes undefined references to SYMBOL be resolved to __wrap_SYMBOL LD_BIND_NOW ld.so resolve all symbols at startup instead of deferring resolution to the first call LD_PROFILE ld.so profile a shared library LD_TRACE_LOADED_OBJECTS ld.so list dynamic library dependencies rather than running as-syscall as make syscalls in x86-64 assembly as-syscall-i386 as make syscalls in i386 assembly shellcode-in-c gcc,objcopy write shellcode in c using gcc & objcopy objcopy-link-blob objcopy link blob into executable libSegFault glibc

每个例子都存放在单独的目录，里面有Makefile。在单独的目录里，执行make show可以看到说明，和所描述特性相关的输出用终端的红色字标出了。有些例子提供了make gdb，是用Expect脚本写的gdb的交互式会话，用来观察所描述的特性如何影响程序的运行时状态。

项目根目录也提供了Makefile，执行make show或make gdb会递归地在各例子目录里执行make。