Manually created ELF executable crashes with SIGSEGV

Question

I need to learn to manually create ELF executables. So far I've been making use of online guides such as:

After several failures I simplified my program to the following (it is supposed to just exit with the return code 0):

0000000: 7f45 4c46 0101 0100 0000 0000 0000 0010  .ELF............
0000010: 0200 0300 0100 0000 8080 0408 3400 0000  ............4...
0000020: 0000 0000 0000 0000 3400 2000 0100 2800  ........4. ...(.
0000030: 0000 0000 0100 0000 5400 0000 8080 0408  ........T.......
0000040: 0000 0000 0c00 0000 0c00 0000 0500 0000  ................
0000050: 0010 0000 b801 0000 00bb 0000 0000 cd80  ................

When I try to execute it, it crashes with SIGSEGV. GDB prints:

During startup program terminated with signal SIGSEGV, Segmentation fault.

What have I done wrong?

Possible duplicate of [How to make an executable ELF file in Linux using a hex editor?](http://stackoverflow.com/questions/26294034/how-to-make-an-executable-elf-file-in-linux-using-a-hex-editor) or else it is a debug this "code" question. — Ciro Santilli OurBigBook.com, Nov 09 '15 at 11:27

Employed Russian · Accepted Answer · 2015-10-20T06:41:36.443

With your binary, I am getting different output from GDB:

(gdb) r
Starting program: /tmp/sample.elf.bad
During startup program terminated with signal SIGKILL, Killed.

Looking at the binary:

readelf -l sample.elf

Elf file type is EXEC (Executable file)
Entry point 0x8048080
There are 1 program headers, starting at offset 52

Program Headers:
  Type           Offset   VirtAddr   PhysAddr   FileSiz MemSiz  Flg Align
  LOAD           0x000054 0x08048080 0x00000000 0x0000c 0x0000c R E 0x1000

Here you are asking the kernel to mmap a segment with file offset 0x54 at virtual address 0x08048080.

Since these two numbers do not equal each other modulo page size, the kernel refuses:

strace ./sample.elf
execve("./sample.elf", ["./sample.elf"], [/* 42 vars */] <unfinished ...>
+++ killed by SIGKILL +++
Killed

Above strace means that the kernel tried to create the process, didn't like what it saw, and terminated it with prejudice. Not a single instruction of your binary was executed.

Fixing the LOAD virtual address and the entry point to be 0x08048054 produces desired working executable:

strace ./sample.elf
execve("./sample.elf", ["./sample.elf"], [/* 42 vars */]) = 0
[ Process PID=23172 runs in 32 bit mode. ]
_exit(0)                                = ?
+++ exited with 0 +++

Here is the hexdump for it:

hd ./sample.elf
00000000  7f 45 4c 46 01 01 01 00  00 00 00 00 00 00 00 10  |.ELF............|
00000010  02 00 03 00 01 00 00 00  54 80 04 08 34 00 00 00  |........T...4...|
00000020  00 00 00 00 00 00 00 00  34 00 20 00 01 00 28 00  |........4. ...(.|
00000030  00 00 00 00 01 00 00 00  54 00 00 00 54 80 04 08  |........T...T...|
00000040  00 00 00 00 0c 00 00 00  0c 00 00 00 05 00 00 00  |................|
00000050  00 10 00 00 b8 01 00 00  00 bb 00 00 00 00 cd 80  |................|
00000060

i am getting this error ./sample.elf: line 1: 7F: command not found 8 times.are there any steps to run manually written elf? — incompetent, Oct 21 '15 at 19:53
@shami This is a hex dump of the ELF file (which is binary). You can't run a hex dump (as you appear to have tried) anymore than you can "run" source code. To turn bytes into binary, you can use `perl` `pack` routine, or write a trivial "compiler". — Employed Russian, Oct 22 '15 at 01:08
thanks for your response. i am following the link from op. according to that, it should run after chmod +x. for clarity, i added elf header, text header, data header and then hello word program hex. — incompetent, Oct 22 '15 at 07:44
@shami I am sorry but I do not understand exactly what you did. Does the aoutput of `hd sample.elf` match my output above? Perhaps ask a separate question? — Employed Russian, Oct 22 '15 at 14:04

Manually created ELF executable crashes with SIGSEGV

1 Answers1