So I have been studying ELF binary and came across this question of whether it is possible to read the ELF data section using an inline assembly (assuming you know where the section is located).
After searching for a bit, I found a few links that asked a similar question, but I am struggling a bit to put them together for my use.
- Retrieving Offsets, Strings and Virtual Address in .rodata and .rodata1
- x86 ASM Linux - Using the .bss Section
- dword ptr usage confusion
The question I have is, let's say I have the content of a section (custom .rodata section I added using objcopy) as the following:
╰─$ objdump -s -j .rodata_custom hello ↵
hello: file format elf64-x86-64
Contents of section .rodata_custom:
4ab3ac 42796520 576f726c 64 Bye World
Using the inline assembly in the C program, I would like to read the content of this section (either ASCII code or string literal, whichever one is possible).
From my understanding of inline assembly, the solution I can think of is using something like the
mov reg, DWORD PTR [address of section]
mov variable, reg
I statically compiled a binary, so I won't have to deal with relocation (although dynamically compiling won't be too much of an issue since this new data section will always be adjacent to the original .rodata section), and from disassembling the binary, I know the address of the section to read is 4ab3ac.
Here is my attempt at solving my problem:
int main() {
char *test;
uintptr_t addr = 0x4ab3ac;
asm volatile (
"mov %%rdx, dword ptr [%0]\n\t"
"mov %%rdx, %[test]\n\t"
: [test]"=a"(test)
: "r"(addr)
:
);
printf("%p\n", test);
return 0;
}
and unfortunately, it results in an error stating that Error: junk `[%rax]' after expression. I feel like I'm close, but missing something or misunderstanding somewhere...
I hope my question and intent make sense. If full code (source code + Makefile) is necessary to understand the question, please let me know.
Kind regards,
