0

I'm actually recoding the nm and objdump program. I've already finished objdump and it works well, so i'm working on nm now. I'm trying to find the Symbol table, in order to do that i run through the Section header table like this :

while (i < elf->e_shnum)
{
    if (shdr[i].sh_type == SHT_SYMTAB)
        printf("Symbol table found\n");
    i++;
}

I never run through this condition, already tried in my objdump program and same problem, can't find SHT_SYMTAB.

This is how i'm getting the Section header table :

Elf64_Shdr    *shdr;
unsigned char *shstrtab;
void          *data;
Elf64_Ehdr    *elf;

//I reduced the code to make it more readable
data = mmap(NULL, filesize(fd), PROT_READ, MAP_SHARED, fd, 0);
elf = ((Elf64_Ehdr *)data);
shdr = ((Elf64_Shdr *)(data + elf->e_shoff));
shstrtab = ((unsigned char *)(data + shdr[elf->e_shstrndx].sh_offset));

I don't know if i'm doing it right (even if my objdump is working perfectly), or if i didn't understand how nm works

Thanks for help :)

drumz
  • 65
  • 7
  • I actually replace the data pointeur by the Ehdr one casted in void *, still not working – drumz Feb 25 '17 at 16:28

1 Answers1

1

I don't know if i'm doing it right

This:

shdr = ((Elf64_Shdr *)(data + elf->e_shoff));

adds .e_shoff to a void* pointer, which invokes undefined behavior.

However, GCC treats arithmetic on void* as if it were a char*, so above code should still produce correct result iff you compiled it with GCC.

Your first step should be to verify that the file you are trying to run your program on actually has SHT_SYMTAB section(s) by running readelf -WS /path/to/file.

Assuming it does, your second step should be to verify (in a debugger, or by printing shdr and data) that the shdr you computed matches Start of section headers printed by readelf -h /path/to/file.

P.S. Note that fully-stripped ELF files do not have a SYMTAB section at all (it's not required for execution).

Community
  • 1
  • 1
Employed Russian
  • 199,314
  • 34
  • 295
  • 362
  • I found the problem, i was exiting my function when my address (gived by data + shdr[i]._sh_offset) was equal to my shstrtab (which isn't the end of the ELF file). But thanks for the tips on void * :) – drumz Feb 26 '17 at 12:11
  • 1
    @Drumz "i was exiting my function" -- and this is why you should always try to provide a complete minimal example (http://stackoverflow.com/help/mcve) -- the problem was not in the code you showed, so nobody could guess where it was. – Employed Russian Feb 26 '17 at 17:21