├── .gitignore ├── LICENSE.md ├── Makefile ├── README.txt ├── disasm.c ├── elf-parser-main.c ├── elf-parser.c ├── elf-parser.h ├── hola ├── hola ├── hola.S ├── hola.c ├── objdump-text.S └── text.S └── meson.build /.gitignore: -------------------------------------------------------------------------------- 1 | # Compiled Object files 2 | *.slo 3 | *.lo 4 | *.o 5 | 6 | # Compiled Dynamic libraries 7 | *.so 8 | 9 | # Compiled Static libraries 10 | *.lai 11 | *.la 12 | *.a 13 | 14 | # Miscellany 15 | elf-parser 16 | tags 17 | *.swp 18 | *.patch 19 | -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | 2 | # Licensed under the Creative Commons License BY-SA 4.0 3 | 4 | ![CC-BY](https://upload.wikimedia.org/wikipedia/commons/thumb/1/16/CC-BY_icon.svg/320px-CC-BY_icon.svg.png) 5 | 6 | ### Highlights: 7 | 8 | - **No separate conditions/restrictions to (re)distribute source-code.** 9 | 10 | - **If required, code can be re-used/included in GPL source-code.** 11 | 12 | > *When someone creates an adaptation of a BY-SA licensed work and includes it in a GPLv3-licensed project, both licenses apply and downstream users must comply with both licenses. However, Section 2(a)(5)(B) of BY-SA 4.0 allows anyone who receives the adapted material downstream to satisfy the conditions of both BY-SA and GPLv3 (i.e. attribution and ShareAlike) in the manner dictated by the GPLv3.* 13 | 14 | More details on [how one-way compatibility operates](https://wiki.creativecommons.org/wiki/ShareAlike_compatibility:_GPLv3#How_one-compatibility_operates). 15 | 16 | ## You are free to: 17 | 18 | * Share — copy and redistribute the material in any medium or format. 19 | * Adapt — remix, transform, and build upon the material for **any purpose, even commercially**. 20 | 21 | > *The licensor cannot revoke these freedoms as long as you follow the license terms.* 22 | 23 | Under the following terms: 24 | 25 | * **Attribution** — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. 26 | 27 | * **Sample Attribution** : 28 | 29 | > "Contains parts of ELF-parser by TheCodeArtist. Source: https://github.com/TheCodeArtist/elf-parser" 30 | 31 | * **No additional restrictions** — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits. 32 | 33 | 34 | 35 | ## Notices: 36 | 37 | **You do not have to comply with the license for elements of the material in the public domain** or where your use is permitted by an applicable exception or limitation. No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as publicity, privacy, or moral rights may limit how you use the material. 38 | 39 | 40 | For the complete details, refer https://creativecommons.org/licenses/by/4.0/ . 41 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | CC=gcc 2 | CFLAGS= -Wall -g -I. 3 | DEPS = elf-parser.h 4 | OBJ = disasm.o elf-parser.o elf-parser-main.o 5 | 6 | %.o: %.c $(DEPS) 7 | $(CC) -c -o $@ $< $(CFLAGS) 8 | 9 | elfparser: $(OBJ) 10 | gcc -o $@ $^ $(CFLAGS) 11 | 12 | clean: 13 | rm -rf *.o elfparser 14 | 15 | -------------------------------------------------------------------------------- /README.txt: -------------------------------------------------------------------------------- 1 | elf-parser 2 | ========== 3 | 4 | Identifying/Extracting various sections of an ELF file 5 | 6 | ============= 7 | 1. NOTES 8 | ============= 9 | This section contains random thoughts during development. 10 | 11 | 1. Theoretical "hole" exists between elf-header and program-header. 12 | elf-header ends at elf_header.e_ehsize 13 | program-header starts at elf_header.e_phoff 14 | 15 | 2. Dynamic-linked libraries (*.so) == ELF 16 | Static-linked libraries (*.a) == archive (no ELF!) 17 | 18 | 19 | Licensed under the Creative Commons License. Refer LICENSE.md for more details. 20 | -------------------------------------------------------------------------------- /disasm.c: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | 4 | void disassemble(int32_t fd, Elf32_Ehdr eh, Elf32_Shdr* sh_table) 5 | { 6 | int32_t i; 7 | char* sh_str; /* section-header string-table is also a section. */ 8 | char* buf; /* buffer to hold contents of the .text section */ 9 | 10 | /* Read section-header string-table */ 11 | debug("eh.e_shstrndx = 0x%x\n", eh.e_shstrndx); 12 | sh_str = read_section(fd, sh_table[eh.e_shstrndx]); 13 | 14 | for(i=0; i 2 | 3 | /* Main entry point of elf-parser */ 4 | int32_t main(int32_t argc, char *argv[]) 5 | { 6 | 7 | int32_t fd; 8 | Elf32_Ehdr eh; /* elf-header is fixed size */ 9 | 10 | if(argc!=2) { 11 | printf("Usage: elf-parser \n"); 12 | return 0; 13 | } 14 | 15 | fd = open(argv[1], O_RDONLY|O_SYNC); 16 | if(fd<0) { 17 | printf("Error %d Unable to open %s\n", fd, argv[1]); 18 | return 0; 19 | } 20 | 21 | /* ELF header : at start of file */ 22 | read_elf_header(fd, &eh); 23 | if(!is_ELF(eh)) { 24 | return 0; 25 | } 26 | if(is64Bit(eh)){ 27 | Elf64_Ehdr eh64; /* elf-header is fixed size */ 28 | Elf64_Shdr* sh_tbl; /* section-header table is variable size */ 29 | 30 | read_elf_header64(fd, &eh64); 31 | print_elf_header64(eh64); 32 | 33 | /* Section header table : */ 34 | sh_tbl = malloc(eh64.e_shentsize * eh64.e_shnum); 35 | if(!sh_tbl) { 36 | printf("Failed to allocate %d bytes\n", 37 | (eh64.e_shentsize * eh64.e_shnum)); 38 | } 39 | read_section_header_table64(fd, eh64, sh_tbl); 40 | print_section_headers64(fd, eh64, sh_tbl); 41 | 42 | /* Symbol tables : 43 | * sh_tbl[i].sh_type 44 | * |`- SHT_SYMTAB 45 | * `- SHT_DYNSYM 46 | */ 47 | print_symbols64(fd, eh64, sh_tbl); 48 | 49 | /* Save .text section as text.S 50 | */ 51 | save_text_section64(fd, eh64, sh_tbl); 52 | 53 | /* Disassemble .text section 54 | * Logs asm instructions to stdout 55 | * Currently supports ARMv7 56 | */ 57 | disassemble64(fd, eh64, sh_tbl); 58 | 59 | } else{ 60 | Elf32_Shdr* sh_tbl; /* section-header table is variable size */ 61 | print_elf_header(eh); 62 | 63 | /* Section header table : */ 64 | sh_tbl = malloc(eh.e_shentsize * eh.e_shnum); 65 | if(!sh_tbl) { 66 | printf("Failed to allocate %d bytes\n", 67 | (eh.e_shentsize * eh.e_shnum)); 68 | } 69 | read_section_header_table(fd, eh, sh_tbl); 70 | print_section_headers(fd, eh, sh_tbl); 71 | 72 | /* Symbol tables : 73 | * sh_tbl[i].sh_type 74 | * |`- SHT_SYMTAB 75 | * `- SHT_DYNSYM 76 | */ 77 | print_symbols(fd, eh, sh_tbl); 78 | 79 | /* Save .text section as text.S 80 | */ 81 | save_text_section(fd, eh, sh_tbl); 82 | 83 | /* Disassemble .text section 84 | * Logs asm instructions to stdout 85 | * Currently supports ARMv7 86 | */ 87 | disassemble(fd, eh, sh_tbl); 88 | } 89 | 90 | return 0; 91 | 92 | } 93 | 94 | -------------------------------------------------------------------------------- /elf-parser.c: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | void read_elf_header64(int32_t fd, Elf64_Ehdr *elf_header) 4 | { 5 | assert(elf_header != NULL); 6 | assert(lseek(fd, (off_t)0, SEEK_SET) == (off_t)0); 7 | assert(read(fd, (void *)elf_header, sizeof(Elf64_Ehdr)) == sizeof(Elf64_Ehdr)); 8 | } 9 | 10 | 11 | bool is_ELF64(Elf64_Ehdr eh) 12 | { 13 | /* ELF magic bytes are 0x7f,'E','L','F' 14 | * Using octal escape sequence to represent 0x7f 15 | */ 16 | if(!strncmp((char*)eh.e_ident, "\177ELF", 4)) { 17 | printf("ELFMAGIC \t= ELF\n"); 18 | /* IS a ELF file */ 19 | return 1; 20 | } else { 21 | printf("ELFMAGIC mismatch!\n"); 22 | /* Not ELF file */ 23 | return 0; 24 | } 25 | } 26 | 27 | void print_elf_header64(Elf64_Ehdr elf_header) 28 | { 29 | 30 | /* Storage capacity class */ 31 | printf("Storage class\t= "); 32 | switch(elf_header.e_ident[EI_CLASS]) 33 | { 34 | case ELFCLASS32: 35 | printf("32-bit objects\n"); 36 | break; 37 | 38 | case ELFCLASS64: 39 | printf("64-bit objects\n"); 40 | break; 41 | 42 | default: 43 | printf("INVALID CLASS\n"); 44 | break; 45 | } 46 | 47 | /* Data Format */ 48 | printf("Data format\t= "); 49 | switch(elf_header.e_ident[EI_DATA]) 50 | { 51 | case ELFDATA2LSB: 52 | printf("2's complement, little endian\n"); 53 | break; 54 | 55 | case ELFDATA2MSB: 56 | printf("2's complement, big endian\n"); 57 | break; 58 | 59 | default: 60 | printf("INVALID Format\n"); 61 | break; 62 | } 63 | 64 | /* OS ABI */ 65 | printf("OS ABI\t\t= "); 66 | switch(elf_header.e_ident[EI_OSABI]) 67 | { 68 | case ELFOSABI_SYSV: 69 | printf("UNIX System V ABI\n"); 70 | break; 71 | 72 | case ELFOSABI_HPUX: 73 | printf("HP-UX\n"); 74 | break; 75 | 76 | case ELFOSABI_NETBSD: 77 | printf("NetBSD\n"); 78 | break; 79 | 80 | case ELFOSABI_LINUX: 81 | printf("Linux\n"); 82 | break; 83 | 84 | case ELFOSABI_SOLARIS: 85 | printf("Sun Solaris\n"); 86 | break; 87 | 88 | case ELFOSABI_AIX: 89 | printf("IBM AIX\n"); 90 | break; 91 | 92 | case ELFOSABI_IRIX: 93 | printf("SGI Irix\n"); 94 | break; 95 | 96 | case ELFOSABI_FREEBSD: 97 | printf("FreeBSD\n"); 98 | break; 99 | 100 | case ELFOSABI_TRU64: 101 | printf("Compaq TRU64 UNIX\n"); 102 | break; 103 | 104 | case ELFOSABI_MODESTO: 105 | printf("Novell Modesto\n"); 106 | break; 107 | 108 | case ELFOSABI_OPENBSD: 109 | printf("OpenBSD\n"); 110 | break; 111 | 112 | case ELFOSABI_ARM_AEABI: 113 | printf("ARM EABI\n"); 114 | break; 115 | 116 | case ELFOSABI_ARM: 117 | printf("ARM\n"); 118 | break; 119 | 120 | case ELFOSABI_STANDALONE: 121 | printf("Standalone (embedded) app\n"); 122 | break; 123 | 124 | default: 125 | printf("Unknown (0x%x)\n", elf_header.e_ident[EI_OSABI]); 126 | break; 127 | } 128 | 129 | /* ELF filetype */ 130 | printf("Filetype \t= "); 131 | switch(elf_header.e_type) 132 | { 133 | case ET_NONE: 134 | printf("N/A (0x0)\n"); 135 | break; 136 | 137 | case ET_REL: 138 | printf("Relocatable\n"); 139 | break; 140 | 141 | case ET_EXEC: 142 | printf("Executable\n"); 143 | break; 144 | 145 | case ET_DYN: 146 | printf("Shared Object\n"); 147 | break; 148 | default: 149 | printf("Unknown (0x%x)\n", elf_header.e_type); 150 | break; 151 | } 152 | 153 | /* ELF Machine-id */ 154 | printf("Machine\t\t= "); 155 | switch(elf_header.e_machine) 156 | { 157 | case EM_NONE: 158 | printf("None (0x0)\n"); 159 | break; 160 | 161 | case EM_386: 162 | printf("INTEL x86 (0x%x)\n", EM_386); 163 | break; 164 | 165 | case EM_X86_64: 166 | printf("AMD x86_64 (0x%x)\n", EM_X86_64); 167 | break; 168 | 169 | case EM_AARCH64: 170 | printf("AARCH64 (0x%x)\n", EM_AARCH64); 171 | break; 172 | 173 | default: 174 | printf(" 0x%x\n", elf_header.e_machine); 175 | break; 176 | } 177 | 178 | /* Entry point */ 179 | printf("Entry point\t= 0x%08lx\n", elf_header.e_entry); 180 | 181 | /* ELF header size in bytes */ 182 | printf("ELF header size\t= 0x%08x\n", elf_header.e_ehsize); 183 | 184 | /* Program Header */ 185 | printf("\nProgram Header\t= "); 186 | printf("0x%08lx\n", elf_header.e_phoff); /* start */ 187 | printf("\t\t %d entries\n", elf_header.e_phnum); /* num entry */ 188 | printf("\t\t %d bytes\n", elf_header.e_phentsize); /* size/entry */ 189 | 190 | /* Section header starts at */ 191 | printf("\nSection Header\t= "); 192 | printf("0x%08lx\n", elf_header.e_shoff); /* start */ 193 | printf("\t\t %d entries\n", elf_header.e_shnum); /* num entry */ 194 | printf("\t\t %d bytes\n", elf_header.e_shentsize); /* size/entry */ 195 | printf("\t\t 0x%08x (string table offset)\n", elf_header.e_shstrndx); 196 | 197 | /* File flags (Machine specific)*/ 198 | printf("\nFile flags \t= 0x%08x\n", elf_header.e_flags); 199 | 200 | /* ELF file flags are machine specific. 201 | * INTEL implements NO flags. 202 | * ARM implements a few. 203 | * Add support below to parse ELF file flags on ARM 204 | */ 205 | int32_t ef = elf_header.e_flags; 206 | printf("\t\t "); 207 | 208 | if(ef & EF_ARM_RELEXEC) 209 | printf(",RELEXEC "); 210 | 211 | if(ef & EF_ARM_HASENTRY) 212 | printf(",HASENTRY "); 213 | 214 | if(ef & EF_ARM_INTERWORK) 215 | printf(",INTERWORK "); 216 | 217 | if(ef & EF_ARM_APCS_26) 218 | printf(",APCS_26 "); 219 | 220 | if(ef & EF_ARM_APCS_FLOAT) 221 | printf(",APCS_FLOAT "); 222 | 223 | if(ef & EF_ARM_PIC) 224 | printf(",PIC "); 225 | 226 | if(ef & EF_ARM_ALIGN8) 227 | printf(",ALIGN8 "); 228 | 229 | if(ef & EF_ARM_NEW_ABI) 230 | printf(",NEW_ABI "); 231 | 232 | if(ef & EF_ARM_OLD_ABI) 233 | printf(",OLD_ABI "); 234 | 235 | if(ef & EF_ARM_SOFT_FLOAT) 236 | printf(",SOFT_FLOAT "); 237 | 238 | if(ef & EF_ARM_VFP_FLOAT) 239 | printf(",VFP_FLOAT "); 240 | 241 | if(ef & EF_ARM_MAVERICK_FLOAT) 242 | printf(",MAVERICK_FLOAT "); 243 | 244 | printf("\n"); 245 | 246 | /* MSB of flags conatins ARM EABI version */ 247 | printf("ARM EABI\t= Version %d\n", (ef & EF_ARM_EABIMASK)>>24); 248 | 249 | printf("\n"); /* End of ELF header */ 250 | 251 | } 252 | 253 | void read_section_header_table64(int32_t fd, Elf64_Ehdr eh, Elf64_Shdr sh_table[]) 254 | { 255 | uint32_t i; 256 | 257 | assert(lseek(fd, (off_t)eh.e_shoff, SEEK_SET) == (off_t)eh.e_shoff); 258 | 259 | for(i=0; i>24); 645 | 646 | printf("\n"); /* End of ELF header */ 647 | 648 | } 649 | 650 | void read_section_header_table(int32_t fd, Elf32_Ehdr eh, Elf32_Shdr sh_table[]) 651 | { 652 | uint32_t i; 653 | 654 | assert(lseek(fd, (off_t)eh.e_shoff, SEEK_SET) == (off_t)eh.e_shoff); 655 | 656 | for(i=0; i 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | 10 | #include 11 | 12 | #define DEBUG 1 13 | 14 | #define debug(...) \ 15 | do { if (DEBUG) printf(":"__VA_ARGS__); } while (0) 16 | 17 | void disassemble(int32_t fd, Elf32_Ehdr eh, Elf32_Shdr* sh_tbl); 18 | void disassemble64(int32_t fd, Elf64_Ehdr eh, Elf64_Shdr* sh_tbl); 19 | void read_elf_header64(int32_t fd, Elf64_Ehdr *elf_header); 20 | bool is_ELF64(Elf64_Ehdr eh); 21 | void print_elf_header64(Elf64_Ehdr elf_header); 22 | void read_section_header_table64(int32_t fd, Elf64_Ehdr eh, Elf64_Shdr sh_table[]); 23 | char * read_section64(int32_t fd, Elf64_Shdr sh); 24 | void print_section_headers64(int32_t fd, Elf64_Ehdr eh, Elf64_Shdr sh_table[]); 25 | void print_symbol_table64(int32_t fd,Elf64_Ehdr eh,Elf64_Shdr sh_table[],uint32_t symbol_table); 26 | void print_symbols64(int32_t fd, Elf64_Ehdr eh, Elf64_Shdr sh_table[]); 27 | void save_text_section64(int32_t fd, Elf64_Ehdr eh, Elf64_Shdr sh_table[]); 28 | void read_elf_header(int32_t fd, Elf32_Ehdr *elf_header); 29 | bool is_ELF(Elf32_Ehdr eh); 30 | void print_elf_header(Elf32_Ehdr elf_header); 31 | void read_section_header_table(int32_t fd, Elf32_Ehdr eh, Elf32_Shdr sh_table[]); 32 | char * read_section(int32_t fd, Elf32_Shdr sh); 33 | void print_section_headers(int32_t fd, Elf32_Ehdr eh, Elf32_Shdr sh_table[]); 34 | void print_symbol_table(int32_t fd,Elf32_Ehdr eh,Elf32_Shdr sh_table[],uint32_t symbol_table); 35 | void print_symbols(int32_t fd, Elf32_Ehdr eh, Elf32_Shdr sh_table[]); 36 | void save_text_section(int32_t fd, Elf32_Ehdr eh, Elf32_Shdr sh_table[]); 37 | bool is64Bit(Elf32_Ehdr eh); 38 | 39 | -------------------------------------------------------------------------------- /hola/hola: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheCodeArtist/elf-parser/ebd6f1e0dcc1108c9f0b0872c5dc74097898a424/hola/hola -------------------------------------------------------------------------------- /hola/hola.S: -------------------------------------------------------------------------------- 1 | 2 | hola: file format elf32-littlearm 3 | 4 | 5 | Disassembly of section .init: 6 | 7 | 00008330 <_init>: 8 | 8330: e92d4010 push {r4, lr} 9 | 8334: eb00001f bl 83b8 10 | 8338: e8bd8010 pop {r4, pc} 11 | 12 | Disassembly of section .plt: 13 | 14 | 0000833c <.plt>: 15 | 833c: e52de004 push {lr} ; (str lr, [sp, #-4]!) 16 | 8340: e59fe004 ldr lr, [pc, #4] ; 834c <_init+0x1c> 17 | 8344: e08fe00e add lr, pc, lr 18 | 8348: e5bef008 ldr pc, [lr, #8]! 19 | 834c: 000082e8 .word 0x000082e8 20 | 8350: e28fc600 add ip, pc, #0 ; 0x0 21 | 8354: e28cca08 add ip, ip, #32768 ; 0x8000 22 | 8358: e5bcf2e8 ldr pc, [ip, #744]! 23 | 835c: e28fc600 add ip, pc, #0 ; 0x0 24 | 8360: e28cca08 add ip, ip, #32768 ; 0x8000 25 | 8364: e5bcf2e0 ldr pc, [ip, #736]! 26 | 8368: e28fc600 add ip, pc, #0 ; 0x0 27 | 836c: e28cca08 add ip, ip, #32768 ; 0x8000 28 | 8370: e5bcf2d8 ldr pc, [ip, #728]! 29 | 8374: e28fc600 add ip, pc, #0 ; 0x0 30 | 8378: e28cca08 add ip, ip, #32768 ; 0x8000 31 | 837c: e5bcf2d0 ldr pc, [ip, #720]! 32 | 33 | Disassembly of section .text: 34 | 35 | 00008380 <_start>: 36 | 8380: e59fc024 ldr ip, [pc, #36] ; 83ac <_start+0x2c> 37 | 8384: e3a0b000 mov fp, #0 ; 0x0 38 | 8388: e49d1004 pop {r1} ; (ldr r1, [sp], #4) 39 | 838c: e1a0200d mov r2, sp 40 | 8390: e52d2004 push {r2} ; (str r2, [sp, #-4]!) 41 | 8394: e52d0004 push {r0} ; (str r0, [sp, #-4]!) 42 | 8398: e59f0010 ldr r0, [pc, #16] ; 83b0 <_start+0x30> 43 | 839c: e59f3010 ldr r3, [pc, #16] ; 83b4 <_start+0x34> 44 | 83a0: e52dc004 push {ip} ; (str ip, [sp, #-4]!) 45 | 83a4: ebffffec bl 835c <_init+0x2c> 46 | 83a8: ebffffe8 bl 8350 <_init+0x20> 47 | 83ac: 00008450 .word 0x00008450 48 | 83b0: 00008428 .word 0x00008428 49 | 83b4: 00008454 .word 0x00008454 50 | 51 | 000083b8 : 52 | 83b8: e59f3014 ldr r3, [pc, #20] ; 83d4 53 | 83bc: e59f2014 ldr r2, [pc, #20] ; 83d8 54 | 83c0: e08f3003 add r3, pc, r3 55 | 83c4: e7931002 ldr r1, [r3, r2] 56 | 83c8: e3510000 cmp r1, #0 ; 0x0 57 | 83cc: 012fff1e bxeq lr 58 | 83d0: eaffffe4 b 8368 <_init+0x38> 59 | 83d4: 0000826c .word 0x0000826c 60 | 83d8: 0000001c .word 0x0000001c 61 | 62 | 000083dc <__do_global_dtors_aux>: 63 | 83dc: e59f2010 ldr r2, [pc, #16] ; 83f4 <__do_global_dtors_aux+0x18> 64 | 83e0: e5d23000 ldrb r3, [r2] 65 | 83e4: e3530000 cmp r3, #0 ; 0x0 66 | 83e8: 03a03001 moveq r3, #1 ; 0x1 67 | 83ec: 05c23000 strbeq r3, [r2] 68 | 83f0: e12fff1e bx lr 69 | 83f4: 0001065c .word 0x0001065c 70 | 71 | 000083f8 : 72 | 83f8: e59f0020 ldr r0, [pc, #32] ; 8420 73 | 83fc: e92d4010 push {r4, lr} 74 | 8400: e5903000 ldr r3, [r0] 75 | 8404: e3530000 cmp r3, #0 ; 0x0 76 | 8408: 08bd8010 popeq {r4, pc} 77 | 840c: e59f3010 ldr r3, [pc, #16] ; 8424 78 | 8410: e3530000 cmp r3, #0 ; 0x0 79 | 8414: 08bd8010 popeq {r4, pc} 80 | 8418: e12fff33 blx r3 81 | 841c: e8bd8010 pop {r4, pc} 82 | 8420: 00010540 .word 0x00010540 83 | 8424: 00000000 .word 0x00000000 84 | 85 | 00008428
: 86 | 8428: e92d4800 push {fp, lr} 87 | 842c: e28db004 add fp, sp, #4 ; 0x4 88 | 8430: e24ddb01 sub sp, sp, #1024 ; 0x400 89 | 8434: e59f0010 ldr r0, [pc, #16] ; 844c 90 | 8438: ebffffcd bl 8374 <_init+0x44> 91 | 843c: e3a03000 mov r3, #0 ; 0x0 92 | 8440: e1a00003 mov r0, r3 93 | 8444: e24bd004 sub sp, fp, #4 ; 0x4 94 | 8448: e8bd8800 pop {fp, pc} 95 | 844c: 000084cc .word 0x000084cc 96 | 97 | 00008450 <__libc_csu_fini>: 98 | 8450: e12fff1e bx lr 99 | 100 | 00008454 <__libc_csu_init>: 101 | 8454: e92d47f0 push {r4, r5, r6, r7, r8, r9, sl, lr} 102 | 8458: e1a08001 mov r8, r1 103 | 845c: e1a07002 mov r7, r2 104 | 8460: e1a0a000 mov sl, r0 105 | 8464: ebffffb1 bl 8330 <_init> 106 | 8468: e59f1044 ldr r1, [pc, #68] ; 84b4 <__libc_csu_init+0x60> 107 | 846c: e59f3044 ldr r3, [pc, #68] ; 84b8 <__libc_csu_init+0x64> 108 | 8470: e59f2044 ldr r2, [pc, #68] ; 84bc <__libc_csu_init+0x68> 109 | 8474: e0613003 rsb r3, r1, r3 110 | 8478: e08f2002 add r2, pc, r2 111 | 847c: e1b05143 asrs r5, r3, #2 112 | 8480: e0822001 add r2, r2, r1 113 | 8484: 08bd87f0 popeq {r4, r5, r6, r7, r8, r9, sl, pc} 114 | 8488: e1a06002 mov r6, r2 115 | 848c: e3a04000 mov r4, #0 ; 0x0 116 | 8490: e1a0000a mov r0, sl 117 | 8494: e1a01008 mov r1, r8 118 | 8498: e1a02007 mov r2, r7 119 | 849c: e1a0e00f mov lr, pc 120 | 84a0: e796f104 ldr pc, [r6, r4, lsl #2] 121 | 84a4: e2844001 add r4, r4, #1 ; 0x1 122 | 84a8: e1540005 cmp r4, r5 123 | 84ac: 3afffff7 bcc 8490 <__libc_csu_init+0x3c> 124 | 84b0: e8bd87f0 pop {r4, r5, r6, r7, r8, r9, sl, pc} 125 | 84b4: ffffff04 .word 0xffffff04 126 | 84b8: ffffff08 .word 0xffffff08 127 | 84bc: 000081b4 .word 0x000081b4 128 | 129 | Disassembly of section .fini: 130 | 131 | 000084c0 <_fini>: 132 | 84c0: e92d4010 push {r4, lr} 133 | 84c4: e8bd8010 pop {r4, pc} 134 | -------------------------------------------------------------------------------- /hola/hola.c: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | int main() 4 | { 5 | char array1K[1024]; 6 | printf("Hola Mundo!"); 7 | return 0; 8 | } 9 | -------------------------------------------------------------------------------- /hola/objdump-text.S: -------------------------------------------------------------------------------- 1 | 2 | elf-parser: file format elf32-i386 3 | 4 | 5 | Disassembly of section .init: 6 | 7 | 080484a4 <_init>: 8 | 80484a4: 53 push %ebx 9 | 80484a5: 83 ec 08 sub $0x8,%esp 10 | 80484a8: e8 00 00 00 00 call 80484ad <_init+0x9> 11 | 80484ad: 5b pop %ebx 12 | 80484ae: 81 c3 47 3b 00 00 add $0x3b47,%ebx 13 | 80484b4: 8b 83 fc ff ff ff mov -0x4(%ebx),%eax 14 | 80484ba: 85 c0 test %eax,%eax 15 | 80484bc: 74 05 je 80484c3 <_init+0x1f> 16 | 80484be: e8 ad 00 00 00 call 8048570 <__gmon_start__@plt> 17 | 80484c3: e8 c8 01 00 00 call 8048690 18 | 80484c8: e8 e3 16 00 00 call 8049bb0 <__do_global_ctors_aux> 19 | 80484cd: 83 c4 08 add $0x8,%esp 20 | 80484d0: 5b pop %ebx 21 | 80484d1: c3 ret 22 | 23 | Disassembly of section .plt: 24 | 25 | 080484e0 : 26 | 80484e0: ff 35 f8 bf 04 08 pushl 0x804bff8 27 | 80484e6: ff 25 fc bf 04 08 jmp *0x804bffc 28 | 80484ec: 00 00 add %al,(%eax) 29 | ... 30 | 31 | 080484f0 : 32 | 80484f0: ff 25 00 c0 04 08 jmp *0x804c000 33 | 80484f6: 68 00 00 00 00 push $0x0 34 | 80484fb: e9 e0 ff ff ff jmp 80484e0 <_init+0x3c> 35 | 36 | 08048500 : 37 | 8048500: ff 25 04 c0 04 08 jmp *0x804c004 38 | 8048506: 68 08 00 00 00 push $0x8 39 | 804850b: e9 d0 ff ff ff jmp 80484e0 <_init+0x3c> 40 | 41 | 08048510 : 42 | 8048510: ff 25 08 c0 04 08 jmp *0x804c008 43 | 8048516: 68 10 00 00 00 push $0x10 44 | 804851b: e9 c0 ff ff ff jmp 80484e0 <_init+0x3c> 45 | 46 | 08048520 : 47 | 8048520: ff 25 0c c0 04 08 jmp *0x804c00c 48 | 8048526: 68 18 00 00 00 push $0x18 49 | 804852b: e9 b0 ff ff ff jmp 80484e0 <_init+0x3c> 50 | 51 | 08048530 <__stack_chk_fail@plt>: 52 | 8048530: ff 25 10 c0 04 08 jmp *0x804c010 53 | 8048536: 68 20 00 00 00 push $0x20 54 | 804853b: e9 a0 ff ff ff jmp 80484e0 <_init+0x3c> 55 | 56 | 08048540 : 57 | 8048540: ff 25 14 c0 04 08 jmp *0x804c014 58 | 8048546: 68 28 00 00 00 push $0x28 59 | 804854b: e9 90 ff ff ff jmp 80484e0 <_init+0x3c> 60 | 61 | 08048550 : 62 | 8048550: ff 25 18 c0 04 08 jmp *0x804c018 63 | 8048556: 68 30 00 00 00 push $0x30 64 | 804855b: e9 80 ff ff ff jmp 80484e0 <_init+0x3c> 65 | 66 | 08048560 : 67 | 8048560: ff 25 1c c0 04 08 jmp *0x804c01c 68 | 8048566: 68 38 00 00 00 push $0x38 69 | 804856b: e9 70 ff ff ff jmp 80484e0 <_init+0x3c> 70 | 71 | 08048570 <__gmon_start__@plt>: 72 | 8048570: ff 25 20 c0 04 08 jmp *0x804c020 73 | 8048576: 68 40 00 00 00 push $0x40 74 | 804857b: e9 60 ff ff ff jmp 80484e0 <_init+0x3c> 75 | 76 | 08048580 : 77 | 8048580: ff 25 24 c0 04 08 jmp *0x804c024 78 | 8048586: 68 48 00 00 00 push $0x48 79 | 804858b: e9 50 ff ff ff jmp 80484e0 <_init+0x3c> 80 | 81 | 08048590 : 82 | 8048590: ff 25 28 c0 04 08 jmp *0x804c028 83 | 8048596: 68 50 00 00 00 push $0x50 84 | 804859b: e9 40 ff ff ff jmp 80484e0 <_init+0x3c> 85 | 86 | 080485a0 : 87 | 80485a0: ff 25 2c c0 04 08 jmp *0x804c02c 88 | 80485a6: 68 58 00 00 00 push $0x58 89 | 80485ab: e9 30 ff ff ff jmp 80484e0 <_init+0x3c> 90 | 91 | 080485b0 <__libc_start_main@plt>: 92 | 80485b0: ff 25 30 c0 04 08 jmp *0x804c030 93 | 80485b6: 68 60 00 00 00 push $0x60 94 | 80485bb: e9 20 ff ff ff jmp 80484e0 <_init+0x3c> 95 | 96 | 080485c0 : 97 | 80485c0: ff 25 34 c0 04 08 jmp *0x804c034 98 | 80485c6: 68 68 00 00 00 push $0x68 99 | 80485cb: e9 10 ff ff ff jmp 80484e0 <_init+0x3c> 100 | 101 | 080485d0 : 102 | 80485d0: ff 25 38 c0 04 08 jmp *0x804c038 103 | 80485d6: 68 70 00 00 00 push $0x70 104 | 80485db: e9 00 ff ff ff jmp 80484e0 <_init+0x3c> 105 | 106 | 080485e0 : 107 | 80485e0: ff 25 3c c0 04 08 jmp *0x804c03c 108 | 80485e6: 68 78 00 00 00 push $0x78 109 | 80485eb: e9 f0 fe ff ff jmp 80484e0 <_init+0x3c> 110 | 111 | 080485f0 <__assert_fail@plt>: 112 | 80485f0: ff 25 40 c0 04 08 jmp *0x804c040 113 | 80485f6: 68 80 00 00 00 push $0x80 114 | 80485fb: e9 e0 fe ff ff jmp 80484e0 <_init+0x3c> 115 | 116 | Disassembly of section .text: 117 | 118 | 08048600 <_start>: 119 | 8048600: 31 ed xor %ebp,%ebp 120 | 8048602: 5e pop %esi 121 | 8048603: 89 e1 mov %esp,%ecx 122 | 8048605: 83 e4 f0 and $0xfffffff0,%esp 123 | 8048608: 50 push %eax 124 | 8048609: 54 push %esp 125 | 804860a: 52 push %edx 126 | 804860b: 68 a0 9b 04 08 push $0x8049ba0 127 | 8048610: 68 30 9b 04 08 push $0x8049b30 128 | 8048615: 51 push %ecx 129 | 8048616: 56 push %esi 130 | 8048617: 68 08 97 04 08 push $0x8049708 131 | 804861c: e8 8f ff ff ff call 80485b0 <__libc_start_main@plt> 132 | 8048621: f4 hlt 133 | 8048622: 90 nop 134 | 8048623: 90 nop 135 | 8048624: 90 nop 136 | 8048625: 90 nop 137 | 8048626: 90 nop 138 | 8048627: 90 nop 139 | 8048628: 90 nop 140 | 8048629: 90 nop 141 | 804862a: 90 nop 142 | 804862b: 90 nop 143 | 804862c: 90 nop 144 | 804862d: 90 nop 145 | 804862e: 90 nop 146 | 804862f: 90 nop 147 | 148 | 08048630 <__do_global_dtors_aux>: 149 | 8048630: 55 push %ebp 150 | 8048631: 89 e5 mov %esp,%ebp 151 | 8048633: 53 push %ebx 152 | 8048634: 83 ec 04 sub $0x4,%esp 153 | 8048637: 80 3d 4c c0 04 08 00 cmpb $0x0,0x804c04c 154 | 804863e: 75 3f jne 804867f <__do_global_dtors_aux+0x4f> 155 | 8048640: a1 50 c0 04 08 mov 0x804c050,%eax 156 | 8048645: bb 20 bf 04 08 mov $0x804bf20,%ebx 157 | 804864a: 81 eb 1c bf 04 08 sub $0x804bf1c,%ebx 158 | 8048650: c1 fb 02 sar $0x2,%ebx 159 | 8048653: 83 eb 01 sub $0x1,%ebx 160 | 8048656: 39 d8 cmp %ebx,%eax 161 | 8048658: 73 1e jae 8048678 <__do_global_dtors_aux+0x48> 162 | 804865a: 8d b6 00 00 00 00 lea 0x0(%esi),%esi 163 | 8048660: 83 c0 01 add $0x1,%eax 164 | 8048663: a3 50 c0 04 08 mov %eax,0x804c050 165 | 8048668: ff 14 85 1c bf 04 08 call *0x804bf1c(,%eax,4) 166 | 804866f: a1 50 c0 04 08 mov 0x804c050,%eax 167 | 8048674: 39 d8 cmp %ebx,%eax 168 | 8048676: 72 e8 jb 8048660 <__do_global_dtors_aux+0x30> 169 | 8048678: c6 05 4c c0 04 08 01 movb $0x1,0x804c04c 170 | 804867f: 83 c4 04 add $0x4,%esp 171 | 8048682: 5b pop %ebx 172 | 8048683: 5d pop %ebp 173 | 8048684: c3 ret 174 | 8048685: 8d 74 26 00 lea 0x0(%esi,%eiz,1),%esi 175 | 8048689: 8d bc 27 00 00 00 00 lea 0x0(%edi,%eiz,1),%edi 176 | 177 | 08048690 : 178 | 8048690: 55 push %ebp 179 | 8048691: 89 e5 mov %esp,%ebp 180 | 8048693: 83 ec 18 sub $0x18,%esp 181 | 8048696: a1 24 bf 04 08 mov 0x804bf24,%eax 182 | 804869b: 85 c0 test %eax,%eax 183 | 804869d: 74 12 je 80486b1 184 | 804869f: b8 00 00 00 00 mov $0x0,%eax 185 | 80486a4: 85 c0 test %eax,%eax 186 | 80486a6: 74 09 je 80486b1 187 | 80486a8: c7 04 24 24 bf 04 08 movl $0x804bf24,(%esp) 188 | 80486af: ff d0 call *%eax 189 | 80486b1: c9 leave 190 | 80486b2: c3 ret 191 | 80486b3: 90 nop 192 | 193 | 080486b4 : 194 | 195 | #define debug(...) \ 196 | do { if (DEBUG) printf(":"__VA_ARGS__); } while (0) 197 | 198 | void read_elf_header(int32_t fd, Elf32_Ehdr *elf_header) 199 | { 200 | 80486b4: 55 push %ebp 201 | 80486b5: 89 e5 mov %esp,%ebp 202 | 80486b7: 83 ec 18 sub $0x18,%esp 203 | assert(elf_header != NULL); 204 | 80486ba: 83 7d 0c 00 cmpl $0x0,0xc(%ebp) 205 | 80486be: 75 24 jne 80486e4 206 | 80486c0: c7 44 24 0c 64 a3 04 movl $0x804a364,0xc(%esp) 207 | 80486c7: 08 208 | 80486c8: c7 44 24 08 13 00 00 movl $0x13,0x8(%esp) 209 | 80486cf: 00 210 | 80486d0: c7 44 24 04 00 9c 04 movl $0x8049c00,0x4(%esp) 211 | 80486d7: 08 212 | 80486d8: c7 04 24 0d 9c 04 08 movl $0x8049c0d,(%esp) 213 | 80486df: e8 0c ff ff ff call 80485f0 <__assert_fail@plt> 214 | assert(lseek(fd, (off_t)0, SEEK_SET) == (off_t)0); 215 | 80486e4: c7 44 24 08 00 00 00 movl $0x0,0x8(%esp) 216 | 80486eb: 00 217 | 80486ec: c7 44 24 04 00 00 00 movl $0x0,0x4(%esp) 218 | 80486f3: 00 219 | 80486f4: 8b 45 08 mov 0x8(%ebp),%eax 220 | 80486f7: 89 04 24 mov %eax,(%esp) 221 | 80486fa: e8 21 fe ff ff call 8048520 222 | 80486ff: 85 c0 test %eax,%eax 223 | 8048701: 74 24 je 8048727 224 | 8048703: c7 44 24 0c 64 a3 04 movl $0x804a364,0xc(%esp) 225 | 804870a: 08 226 | 804870b: c7 44 24 08 14 00 00 movl $0x14,0x8(%esp) 227 | 8048712: 00 228 | 8048713: c7 44 24 04 00 9c 04 movl $0x8049c00,0x4(%esp) 229 | 804871a: 08 230 | 804871b: c7 04 24 28 9c 04 08 movl $0x8049c28,(%esp) 231 | 8048722: e8 c9 fe ff ff call 80485f0 <__assert_fail@plt> 232 | assert(read(fd, (void *)elf_header, sizeof(Elf32_Ehdr)) == sizeof(Elf32_Ehdr)); 233 | 8048727: c7 44 24 08 34 00 00 movl $0x34,0x8(%esp) 234 | 804872e: 00 235 | 804872f: 8b 45 0c mov 0xc(%ebp),%eax 236 | 8048732: 89 44 24 04 mov %eax,0x4(%esp) 237 | 8048736: 8b 45 08 mov 0x8(%ebp),%eax 238 | 8048739: 89 04 24 mov %eax,(%esp) 239 | 804873c: e8 af fd ff ff call 80484f0 240 | 8048741: 83 f8 34 cmp $0x34,%eax 241 | 8048744: 74 24 je 804876a 242 | 8048746: c7 44 24 0c 64 a3 04 movl $0x804a364,0xc(%esp) 243 | 804874d: 08 244 | 804874e: c7 44 24 08 15 00 00 movl $0x15,0x8(%esp) 245 | 8048755: 00 246 | 8048756: c7 44 24 04 00 9c 04 movl $0x8049c00,0x4(%esp) 247 | 804875d: 08 248 | 804875e: c7 04 24 4c 9c 04 08 movl $0x8049c4c,(%esp) 249 | 8048765: e8 86 fe ff ff call 80485f0 <__assert_fail@plt> 250 | } 251 | 804876a: c9 leave 252 | 804876b: c3 ret 253 | 254 | 0804876c : 255 | 256 | 257 | bool is_ELF(Elf32_Ehdr eh) 258 | { 259 | 804876c: 55 push %ebp 260 | 804876d: 89 e5 mov %esp,%ebp 261 | 804876f: 57 push %edi 262 | 8048770: 56 push %esi 263 | 8048771: 83 ec 10 sub $0x10,%esp 264 | /* ELF magic bytes are 0x7f,'E','L','F' 265 | * Using octal escape sequence to represent 0x7f 266 | */ 267 | if(!strncmp((char*)eh.e_ident, "\177ELF", 4)) { 268 | 8048774: 8d 55 08 lea 0x8(%ebp),%edx 269 | 8048777: b8 93 9c 04 08 mov $0x8049c93,%eax 270 | 804877c: b9 04 00 00 00 mov $0x4,%ecx 271 | 8048781: 89 d6 mov %edx,%esi 272 | 8048783: 89 c7 mov %eax,%edi 273 | 8048785: f3 a6 repz cmpsb %es:(%edi),%ds:(%esi) 274 | 8048787: 0f 97 c2 seta %dl 275 | 804878a: 0f 92 c0 setb %al 276 | 804878d: 89 d1 mov %edx,%ecx 277 | 804878f: 28 c1 sub %al,%cl 278 | 8048791: 89 c8 mov %ecx,%eax 279 | 8048793: 0f be c0 movsbl %al,%eax 280 | 8048796: 85 c0 test %eax,%eax 281 | 8048798: 75 13 jne 80487ad 282 | printf("ELFMAGIC \t= ELF\n"); 283 | 804879a: c7 04 24 98 9c 04 08 movl $0x8049c98,(%esp) 284 | 80487a1: e8 ba fd ff ff call 8048560 285 | /* IS a ELF file */ 286 | return 1; 287 | 80487a6: b8 01 00 00 00 mov $0x1,%eax 288 | 80487ab: eb 11 jmp 80487be 289 | } else { 290 | printf("ELFMAGIC mismatch!\n"); 291 | 80487ad: c7 04 24 a8 9c 04 08 movl $0x8049ca8,(%esp) 292 | 80487b4: e8 a7 fd ff ff call 8048560 293 | /* Not ELF file */ 294 | return 0; 295 | 80487b9: b8 00 00 00 00 mov $0x0,%eax 296 | } 297 | } 298 | 80487be: 83 c4 10 add $0x10,%esp 299 | 80487c1: 5e pop %esi 300 | 80487c2: 5f pop %edi 301 | 80487c3: 5d pop %ebp 302 | 80487c4: c3 ret 303 | 304 | 080487c5 : 305 | 306 | 307 | 308 | void print_elf_header(Elf32_Ehdr elf_header) 309 | { 310 | 80487c5: 55 push %ebp 311 | 80487c6: 89 e5 mov %esp,%ebp 312 | 80487c8: 83 ec 28 sub $0x28,%esp 313 | 314 | /* Storage capacity class */ 315 | printf("Storage class\t= "); 316 | 80487cb: b8 bb 9c 04 08 mov $0x8049cbb,%eax 317 | 80487d0: 89 04 24 mov %eax,(%esp) 318 | 80487d3: e8 28 fd ff ff call 8048500 319 | switch(elf_header.e_ident[EI_CLASS]) 320 | 80487d8: 0f b6 45 0c movzbl 0xc(%ebp),%eax 321 | 80487dc: 0f b6 c0 movzbl %al,%eax 322 | 80487df: 83 f8 01 cmp $0x1,%eax 323 | 80487e2: 74 07 je 80487eb 324 | 80487e4: 83 f8 02 cmp $0x2,%eax 325 | 80487e7: 74 10 je 80487f9 326 | 80487e9: eb 1c jmp 8048807 327 | { 328 | case ELFCLASS32: 329 | printf("32-bit objects\n"); 330 | 80487eb: c7 04 24 cc 9c 04 08 movl $0x8049ccc,(%esp) 331 | 80487f2: e8 69 fd ff ff call 8048560 332 | break; 333 | 80487f7: eb 1b jmp 8048814 334 | 335 | case ELFCLASS64: 336 | printf("64-bit objects\n"); 337 | 80487f9: c7 04 24 db 9c 04 08 movl $0x8049cdb,(%esp) 338 | 8048800: e8 5b fd ff ff call 8048560 339 | break; 340 | 8048805: eb 0d jmp 8048814 341 | 342 | default: 343 | printf("INVALID CLASS\n"); 344 | 8048807: c7 04 24 ea 9c 04 08 movl $0x8049cea,(%esp) 345 | 804880e: e8 4d fd ff ff call 8048560 346 | break; 347 | 8048813: 90 nop 348 | } 349 | 350 | /* Data Format */ 351 | printf("Data format\t= "); 352 | 8048814: b8 f8 9c 04 08 mov $0x8049cf8,%eax 353 | 8048819: 89 04 24 mov %eax,(%esp) 354 | 804881c: e8 df fc ff ff call 8048500 355 | switch(elf_header.e_ident[EI_DATA]) 356 | 8048821: 0f b6 45 0d movzbl 0xd(%ebp),%eax 357 | 8048825: 0f b6 c0 movzbl %al,%eax 358 | 8048828: 83 f8 01 cmp $0x1,%eax 359 | 804882b: 74 07 je 8048834 360 | 804882d: 83 f8 02 cmp $0x2,%eax 361 | 8048830: 74 10 je 8048842 362 | 8048832: eb 1c jmp 8048850 363 | { 364 | case ELFDATA2LSB: 365 | printf("2's complement, little endian\n"); 366 | 8048834: c7 04 24 07 9d 04 08 movl $0x8049d07,(%esp) 367 | 804883b: e8 20 fd ff ff call 8048560 368 | break; 369 | 8048840: eb 1b jmp 804885d 370 | 371 | case ELFDATA2MSB: 372 | printf("2's complement, big endian\n"); 373 | 8048842: c7 04 24 25 9d 04 08 movl $0x8049d25,(%esp) 374 | 8048849: e8 12 fd ff ff call 8048560 375 | break; 376 | 804884e: eb 0d jmp 804885d 377 | 378 | default: 379 | printf("INVALID Format\n"); 380 | 8048850: c7 04 24 40 9d 04 08 movl $0x8049d40,(%esp) 381 | 8048857: e8 04 fd ff ff call 8048560 382 | break; 383 | 804885c: 90 nop 384 | } 385 | 386 | /* OS ABI */ 387 | printf("OS ABI\t\t= "); 388 | 804885d: b8 4f 9d 04 08 mov $0x8049d4f,%eax 389 | 8048862: 89 04 24 mov %eax,(%esp) 390 | 8048865: e8 96 fc ff ff call 8048500 391 | switch(elf_header.e_ident[EI_OSABI]) 392 | 804886a: 0f b6 45 0f movzbl 0xf(%ebp),%eax 393 | 804886e: 0f b6 c0 movzbl %al,%eax 394 | 8048871: 83 f8 08 cmp $0x8,%eax 395 | 8048874: 0f 84 ea 00 00 00 je 8048964 396 | 804887a: 83 f8 08 cmp $0x8,%eax 397 | 804887d: 7f 38 jg 80488b7 398 | 804887f: 83 f8 02 cmp $0x2,%eax 399 | 8048882: 0f 84 98 00 00 00 je 8048920 400 | 8048888: 83 f8 02 cmp $0x2,%eax 401 | 804888b: 7f 0e jg 804889b 402 | 804888d: 85 c0 test %eax,%eax 403 | 804888f: 74 6d je 80488fe 404 | 8048891: 83 f8 01 cmp $0x1,%eax 405 | 8048894: 74 79 je 804890f 406 | 8048896: e9 39 01 00 00 jmp 80489d4 407 | 804889b: 83 f8 06 cmp $0x6,%eax 408 | 804889e: 0f 84 9e 00 00 00 je 8048942 409 | 80488a4: 83 f8 06 cmp $0x6,%eax 410 | 80488a7: 0f 8f a6 00 00 00 jg 8048953 411 | 80488ad: 83 f8 03 cmp $0x3,%eax 412 | 80488b0: 74 7f je 8048931 413 | 80488b2: e9 1d 01 00 00 jmp 80489d4 414 | 80488b7: 83 f8 0c cmp $0xc,%eax 415 | 80488ba: 0f 84 dc 00 00 00 je 804899c 416 | 80488c0: 83 f8 0c cmp $0xc,%eax 417 | 80488c3: 7f 17 jg 80488dc 418 | 80488c5: 83 f8 0a cmp $0xa,%eax 419 | 80488c8: 0f 84 b2 00 00 00 je 8048980 420 | 80488ce: 83 f8 0a cmp $0xa,%eax 421 | 80488d1: 0f 8f b7 00 00 00 jg 804898e 422 | 80488d7: e9 96 00 00 00 jmp 8048972 423 | 80488dc: 83 f8 61 cmp $0x61,%eax 424 | 80488df: 0f 84 d3 00 00 00 je 80489b8 425 | 80488e5: 3d ff 00 00 00 cmp $0xff,%eax 426 | 80488ea: 0f 84 d6 00 00 00 je 80489c6 427 | 80488f0: 83 f8 40 cmp $0x40,%eax 428 | 80488f3: 0f 84 b1 00 00 00 je 80489aa 429 | 80488f9: e9 d6 00 00 00 jmp 80489d4 430 | { 431 | case ELFOSABI_SYSV: 432 | printf("UNIX System V ABI\n"); 433 | 80488fe: c7 04 24 5a 9d 04 08 movl $0x8049d5a,(%esp) 434 | 8048905: e8 56 fc ff ff call 8048560 435 | break; 436 | 804890a: e9 de 00 00 00 jmp 80489ed 437 | 438 | case ELFOSABI_HPUX: 439 | printf("HP-UX\n"); 440 | 804890f: c7 04 24 6c 9d 04 08 movl $0x8049d6c,(%esp) 441 | 8048916: e8 45 fc ff ff call 8048560 442 | break; 443 | 804891b: e9 cd 00 00 00 jmp 80489ed 444 | 445 | case ELFOSABI_NETBSD: 446 | printf("NetBSD\n"); 447 | 8048920: c7 04 24 72 9d 04 08 movl $0x8049d72,(%esp) 448 | 8048927: e8 34 fc ff ff call 8048560 449 | break; 450 | 804892c: e9 bc 00 00 00 jmp 80489ed 451 | 452 | case ELFOSABI_LINUX: 453 | printf("Linux\n"); 454 | 8048931: c7 04 24 79 9d 04 08 movl $0x8049d79,(%esp) 455 | 8048938: e8 23 fc ff ff call 8048560 456 | break; 457 | 804893d: e9 ab 00 00 00 jmp 80489ed 458 | 459 | case ELFOSABI_SOLARIS: 460 | printf("Sun Solaris\n"); 461 | 8048942: c7 04 24 7f 9d 04 08 movl $0x8049d7f,(%esp) 462 | 8048949: e8 12 fc ff ff call 8048560 463 | break; 464 | 804894e: e9 9a 00 00 00 jmp 80489ed 465 | 466 | case ELFOSABI_AIX: 467 | printf("IBM AIX\n"); 468 | 8048953: c7 04 24 8b 9d 04 08 movl $0x8049d8b,(%esp) 469 | 804895a: e8 01 fc ff ff call 8048560 470 | break; 471 | 804895f: e9 89 00 00 00 jmp 80489ed 472 | 473 | case ELFOSABI_IRIX: 474 | printf("SGI Irix\n"); 475 | 8048964: c7 04 24 93 9d 04 08 movl $0x8049d93,(%esp) 476 | 804896b: e8 f0 fb ff ff call 8048560 477 | break; 478 | 8048970: eb 7b jmp 80489ed 479 | 480 | case ELFOSABI_FREEBSD: 481 | printf("FreeBSD\n"); 482 | 8048972: c7 04 24 9c 9d 04 08 movl $0x8049d9c,(%esp) 483 | 8048979: e8 e2 fb ff ff call 8048560 484 | break; 485 | 804897e: eb 6d jmp 80489ed 486 | 487 | case ELFOSABI_TRU64: 488 | printf("Compaq TRU64 UNIX\n"); 489 | 8048980: c7 04 24 a4 9d 04 08 movl $0x8049da4,(%esp) 490 | 8048987: e8 d4 fb ff ff call 8048560 491 | break; 492 | 804898c: eb 5f jmp 80489ed 493 | 494 | case ELFOSABI_MODESTO: 495 | printf("Novell Modesto\n"); 496 | 804898e: c7 04 24 b6 9d 04 08 movl $0x8049db6,(%esp) 497 | 8048995: e8 c6 fb ff ff call 8048560 498 | break; 499 | 804899a: eb 51 jmp 80489ed 500 | 501 | case ELFOSABI_OPENBSD: 502 | printf("OpenBSD\n"); 503 | 804899c: c7 04 24 c5 9d 04 08 movl $0x8049dc5,(%esp) 504 | 80489a3: e8 b8 fb ff ff call 8048560 505 | break; 506 | 80489a8: eb 43 jmp 80489ed 507 | 508 | case ELFOSABI_ARM_AEABI: 509 | printf("ARM EABI\n"); 510 | 80489aa: c7 04 24 cd 9d 04 08 movl $0x8049dcd,(%esp) 511 | 80489b1: e8 aa fb ff ff call 8048560 512 | break; 513 | 80489b6: eb 35 jmp 80489ed 514 | 515 | case ELFOSABI_ARM: 516 | printf("ARM\n"); 517 | 80489b8: c7 04 24 d6 9d 04 08 movl $0x8049dd6,(%esp) 518 | 80489bf: e8 9c fb ff ff call 8048560 519 | break; 520 | 80489c4: eb 27 jmp 80489ed 521 | 522 | case ELFOSABI_STANDALONE: 523 | printf("Standalone (embedded) app\n"); 524 | 80489c6: c7 04 24 da 9d 04 08 movl $0x8049dda,(%esp) 525 | 80489cd: e8 8e fb ff ff call 8048560 526 | break; 527 | 80489d2: eb 19 jmp 80489ed 528 | 529 | default: 530 | printf("Unknown (0x%x)\n", elf_header.e_ident[EI_OSABI]); 531 | 80489d4: 0f b6 45 0f movzbl 0xf(%ebp),%eax 532 | 80489d8: 0f b6 d0 movzbl %al,%edx 533 | 80489db: b8 f4 9d 04 08 mov $0x8049df4,%eax 534 | 80489e0: 89 54 24 04 mov %edx,0x4(%esp) 535 | 80489e4: 89 04 24 mov %eax,(%esp) 536 | 80489e7: e8 14 fb ff ff call 8048500 537 | break; 538 | 80489ec: 90 nop 539 | } 540 | 541 | /* ELF filetype */ 542 | printf("Filetype \t= "); 543 | 80489ed: b8 04 9e 04 08 mov $0x8049e04,%eax 544 | 80489f2: 89 04 24 mov %eax,(%esp) 545 | 80489f5: e8 06 fb ff ff call 8048500 546 | switch(elf_header.e_type) 547 | 80489fa: 0f b7 45 18 movzwl 0x18(%ebp),%eax 548 | 80489fe: 0f b7 c0 movzwl %ax,%eax 549 | 8048a01: 83 f8 01 cmp $0x1,%eax 550 | 8048a04: 74 25 je 8048a2b 551 | 8048a06: 83 f8 01 cmp $0x1,%eax 552 | 8048a09: 7f 06 jg 8048a11 553 | 8048a0b: 85 c0 test %eax,%eax 554 | 8048a0d: 74 0e je 8048a1d 555 | 8048a0f: eb 44 jmp 8048a55 556 | 8048a11: 83 f8 02 cmp $0x2,%eax 557 | 8048a14: 74 23 je 8048a39 558 | 8048a16: 83 f8 03 cmp $0x3,%eax 559 | 8048a19: 74 2c je 8048a47 560 | 8048a1b: eb 38 jmp 8048a55 561 | { 562 | case ET_NONE: 563 | printf("N/A (0x0)\n"); 564 | 8048a1d: c7 04 24 11 9e 04 08 movl $0x8049e11,(%esp) 565 | 8048a24: e8 37 fb ff ff call 8048560 566 | break; 567 | 8048a29: eb 43 jmp 8048a6e 568 | 569 | case ET_REL: 570 | printf("Relocatable\n"); 571 | 8048a2b: c7 04 24 1b 9e 04 08 movl $0x8049e1b,(%esp) 572 | 8048a32: e8 29 fb ff ff call 8048560 573 | break; 574 | 8048a37: eb 35 jmp 8048a6e 575 | 576 | case ET_EXEC: 577 | printf("Executable\n"); 578 | 8048a39: c7 04 24 27 9e 04 08 movl $0x8049e27,(%esp) 579 | 8048a40: e8 1b fb ff ff call 8048560 580 | break; 581 | 8048a45: eb 27 jmp 8048a6e 582 | 583 | case ET_DYN: 584 | printf("Shared Object\n"); 585 | 8048a47: c7 04 24 32 9e 04 08 movl $0x8049e32,(%esp) 586 | 8048a4e: e8 0d fb ff ff call 8048560 587 | break; 588 | 8048a53: eb 19 jmp 8048a6e 589 | default: 590 | printf("Unknown (0x%x)\n", elf_header.e_type); 591 | 8048a55: 0f b7 45 18 movzwl 0x18(%ebp),%eax 592 | 8048a59: 0f b7 d0 movzwl %ax,%edx 593 | 8048a5c: b8 f4 9d 04 08 mov $0x8049df4,%eax 594 | 8048a61: 89 54 24 04 mov %edx,0x4(%esp) 595 | 8048a65: 89 04 24 mov %eax,(%esp) 596 | 8048a68: e8 93 fa ff ff call 8048500 597 | break; 598 | 8048a6d: 90 nop 599 | } 600 | 601 | /* ELF Machine-id */ 602 | printf("Machine\t\t= "); 603 | 8048a6e: b8 40 9e 04 08 mov $0x8049e40,%eax 604 | 8048a73: 89 04 24 mov %eax,(%esp) 605 | 8048a76: e8 85 fa ff ff call 8048500 606 | switch(elf_header.e_machine) 607 | 8048a7b: 0f b7 45 1a movzwl 0x1a(%ebp),%eax 608 | 8048a7f: 0f b7 c0 movzwl %ax,%eax 609 | 8048a82: 83 f8 03 cmp $0x3,%eax 610 | 8048a85: 74 17 je 8048a9e 611 | 8048a87: 83 f8 28 cmp $0x28,%eax 612 | 8048a8a: 74 29 je 8048ab5 613 | 8048a8c: 85 c0 test %eax,%eax 614 | 8048a8e: 75 3c jne 8048acc 615 | { 616 | case EM_NONE: 617 | printf("None (0x0)\n"); 618 | 8048a90: c7 04 24 4c 9e 04 08 movl $0x8049e4c,(%esp) 619 | 8048a97: e8 c4 fa ff ff call 8048560 620 | break; 621 | 8048a9c: eb 47 jmp 8048ae5 622 | 623 | case EM_386: 624 | printf("INTEL x86 (0x%x)\n", EM_386); 625 | 8048a9e: b8 57 9e 04 08 mov $0x8049e57,%eax 626 | 8048aa3: c7 44 24 04 03 00 00 movl $0x3,0x4(%esp) 627 | 8048aaa: 00 628 | 8048aab: 89 04 24 mov %eax,(%esp) 629 | 8048aae: e8 4d fa ff ff call 8048500 630 | break; 631 | 8048ab3: eb 30 jmp 8048ae5 632 | 633 | case EM_ARM: 634 | printf("ARM (0x%x)\n", EM_ARM); 635 | 8048ab5: b8 69 9e 04 08 mov $0x8049e69,%eax 636 | 8048aba: c7 44 24 04 28 00 00 movl $0x28,0x4(%esp) 637 | 8048ac1: 00 638 | 8048ac2: 89 04 24 mov %eax,(%esp) 639 | 8048ac5: e8 36 fa ff ff call 8048500 640 | break; 641 | 8048aca: eb 19 jmp 8048ae5 642 | default: 643 | printf("Machine\t= 0x%x\n", elf_header.e_machine); 644 | 8048acc: 0f b7 45 1a movzwl 0x1a(%ebp),%eax 645 | 8048ad0: 0f b7 d0 movzwl %ax,%edx 646 | 8048ad3: b8 75 9e 04 08 mov $0x8049e75,%eax 647 | 8048ad8: 89 54 24 04 mov %edx,0x4(%esp) 648 | 8048adc: 89 04 24 mov %eax,(%esp) 649 | 8048adf: e8 1c fa ff ff call 8048500 650 | break; 651 | 8048ae4: 90 nop 652 | } 653 | 654 | /* Entry point */ 655 | printf("Entry point\t= 0x%08x\n", elf_header.e_entry); 656 | 8048ae5: 8b 55 20 mov 0x20(%ebp),%edx 657 | 8048ae8: b8 85 9e 04 08 mov $0x8049e85,%eax 658 | 8048aed: 89 54 24 04 mov %edx,0x4(%esp) 659 | 8048af1: 89 04 24 mov %eax,(%esp) 660 | 8048af4: e8 07 fa ff ff call 8048500 661 | 662 | /* ELF header size in bytes */ 663 | printf("ELF header size\t= 0x%08x\n", elf_header.e_ehsize); 664 | 8048af9: 0f b7 45 30 movzwl 0x30(%ebp),%eax 665 | 8048afd: 0f b7 d0 movzwl %ax,%edx 666 | 8048b00: b8 9b 9e 04 08 mov $0x8049e9b,%eax 667 | 8048b05: 89 54 24 04 mov %edx,0x4(%esp) 668 | 8048b09: 89 04 24 mov %eax,(%esp) 669 | 8048b0c: e8 ef f9 ff ff call 8048500 670 | 671 | /* Program Header */ 672 | printf("\nProgram Header\t= "); 673 | 8048b11: b8 b5 9e 04 08 mov $0x8049eb5,%eax 674 | 8048b16: 89 04 24 mov %eax,(%esp) 675 | 8048b19: e8 e2 f9 ff ff call 8048500 676 | printf("0x%08x\n", elf_header.e_phoff); /* start */ 677 | 8048b1e: 8b 55 24 mov 0x24(%ebp),%edx 678 | 8048b21: b8 c8 9e 04 08 mov $0x8049ec8,%eax 679 | 8048b26: 89 54 24 04 mov %edx,0x4(%esp) 680 | 8048b2a: 89 04 24 mov %eax,(%esp) 681 | 8048b2d: e8 ce f9 ff ff call 8048500 682 | printf("\t\t %d entries\n", elf_header.e_phnum); /* num entry */ 683 | 8048b32: 0f b7 45 34 movzwl 0x34(%ebp),%eax 684 | 8048b36: 0f b7 d0 movzwl %ax,%edx 685 | 8048b39: b8 d0 9e 04 08 mov $0x8049ed0,%eax 686 | 8048b3e: 89 54 24 04 mov %edx,0x4(%esp) 687 | 8048b42: 89 04 24 mov %eax,(%esp) 688 | 8048b45: e8 b6 f9 ff ff call 8048500 689 | printf("\t\t %d bytes\n", elf_header.e_phentsize); /* size/entry */ 690 | 8048b4a: 0f b7 45 32 movzwl 0x32(%ebp),%eax 691 | 8048b4e: 0f b7 d0 movzwl %ax,%edx 692 | 8048b51: b8 e0 9e 04 08 mov $0x8049ee0,%eax 693 | 8048b56: 89 54 24 04 mov %edx,0x4(%esp) 694 | 8048b5a: 89 04 24 mov %eax,(%esp) 695 | 8048b5d: e8 9e f9 ff ff call 8048500 696 | 697 | /* Section header starts at */ 698 | printf("\nSection Header\t= "); 699 | 8048b62: b8 ee 9e 04 08 mov $0x8049eee,%eax 700 | 8048b67: 89 04 24 mov %eax,(%esp) 701 | 8048b6a: e8 91 f9 ff ff call 8048500 702 | printf("0x%08x\n", elf_header.e_shoff); /* start */ 703 | 8048b6f: 8b 55 28 mov 0x28(%ebp),%edx 704 | 8048b72: b8 c8 9e 04 08 mov $0x8049ec8,%eax 705 | 8048b77: 89 54 24 04 mov %edx,0x4(%esp) 706 | 8048b7b: 89 04 24 mov %eax,(%esp) 707 | 8048b7e: e8 7d f9 ff ff call 8048500 708 | printf("\t\t %d entries\n", elf_header.e_shnum); /* num entry */ 709 | 8048b83: 0f b7 45 38 movzwl 0x38(%ebp),%eax 710 | 8048b87: 0f b7 d0 movzwl %ax,%edx 711 | 8048b8a: b8 d0 9e 04 08 mov $0x8049ed0,%eax 712 | 8048b8f: 89 54 24 04 mov %edx,0x4(%esp) 713 | 8048b93: 89 04 24 mov %eax,(%esp) 714 | 8048b96: e8 65 f9 ff ff call 8048500 715 | printf("\t\t %d bytes\n", elf_header.e_shentsize); /* size/entry */ 716 | 8048b9b: 0f b7 45 36 movzwl 0x36(%ebp),%eax 717 | 8048b9f: 0f b7 d0 movzwl %ax,%edx 718 | 8048ba2: b8 e0 9e 04 08 mov $0x8049ee0,%eax 719 | 8048ba7: 89 54 24 04 mov %edx,0x4(%esp) 720 | 8048bab: 89 04 24 mov %eax,(%esp) 721 | 8048bae: e8 4d f9 ff ff call 8048500 722 | printf("\t\t 0x%08x (string table offset)\n", elf_header.e_shstrndx); 723 | 8048bb3: 0f b7 45 3a movzwl 0x3a(%ebp),%eax 724 | 8048bb7: 0f b7 d0 movzwl %ax,%edx 725 | 8048bba: b8 04 9f 04 08 mov $0x8049f04,%eax 726 | 8048bbf: 89 54 24 04 mov %edx,0x4(%esp) 727 | 8048bc3: 89 04 24 mov %eax,(%esp) 728 | 8048bc6: e8 35 f9 ff ff call 8048500 729 | 730 | /* File flags (Machine specific)*/ 731 | printf("\nFile flags \t= 0x%08x\n", elf_header.e_flags); 732 | 8048bcb: 8b 55 2c mov 0x2c(%ebp),%edx 733 | 8048bce: b8 26 9f 04 08 mov $0x8049f26,%eax 734 | 8048bd3: 89 54 24 04 mov %edx,0x4(%esp) 735 | 8048bd7: 89 04 24 mov %eax,(%esp) 736 | 8048bda: e8 21 f9 ff ff call 8048500 737 | /* ELF file flags are machine specific. 738 | * INTEL implements NO flags. 739 | * ARM implements a few. 740 | * Add support below to parse ELF file flags on ARM 741 | */ 742 | int32_t ef = elf_header.e_flags; 743 | 8048bdf: 8b 45 2c mov 0x2c(%ebp),%eax 744 | 8048be2: 89 45 f4 mov %eax,-0xc(%ebp) 745 | printf("\t\t "); 746 | 8048be5: b8 3d 9f 04 08 mov $0x8049f3d,%eax 747 | 8048bea: 89 04 24 mov %eax,(%esp) 748 | 8048bed: e8 0e f9 ff ff call 8048500 749 | 750 | if(ef & EF_ARM_RELEXEC) 751 | 8048bf2: 8b 45 f4 mov -0xc(%ebp),%eax 752 | 8048bf5: 83 e0 01 and $0x1,%eax 753 | 8048bf8: 84 c0 test %al,%al 754 | 8048bfa: 74 0d je 8048c09 755 | printf(",RELEXEC "); 756 | 8048bfc: b8 42 9f 04 08 mov $0x8049f42,%eax 757 | 8048c01: 89 04 24 mov %eax,(%esp) 758 | 8048c04: e8 f7 f8 ff ff call 8048500 759 | 760 | if(ef & EF_ARM_HASENTRY) 761 | 8048c09: 8b 45 f4 mov -0xc(%ebp),%eax 762 | 8048c0c: 83 e0 02 and $0x2,%eax 763 | 8048c0f: 85 c0 test %eax,%eax 764 | 8048c11: 74 0d je 8048c20 765 | printf(",HASENTRY "); 766 | 8048c13: b8 4c 9f 04 08 mov $0x8049f4c,%eax 767 | 8048c18: 89 04 24 mov %eax,(%esp) 768 | 8048c1b: e8 e0 f8 ff ff call 8048500 769 | 770 | if(ef & EF_ARM_INTERWORK) 771 | 8048c20: 8b 45 f4 mov -0xc(%ebp),%eax 772 | 8048c23: 83 e0 04 and $0x4,%eax 773 | 8048c26: 85 c0 test %eax,%eax 774 | 8048c28: 74 0d je 8048c37 775 | printf(",INTERWORK "); 776 | 8048c2a: b8 57 9f 04 08 mov $0x8049f57,%eax 777 | 8048c2f: 89 04 24 mov %eax,(%esp) 778 | 8048c32: e8 c9 f8 ff ff call 8048500 779 | 780 | if(ef & EF_ARM_APCS_26) 781 | 8048c37: 8b 45 f4 mov -0xc(%ebp),%eax 782 | 8048c3a: 83 e0 08 and $0x8,%eax 783 | 8048c3d: 85 c0 test %eax,%eax 784 | 8048c3f: 74 0d je 8048c4e 785 | printf(",APCS_26 "); 786 | 8048c41: b8 63 9f 04 08 mov $0x8049f63,%eax 787 | 8048c46: 89 04 24 mov %eax,(%esp) 788 | 8048c49: e8 b2 f8 ff ff call 8048500 789 | 790 | if(ef & EF_ARM_APCS_FLOAT) 791 | 8048c4e: 8b 45 f4 mov -0xc(%ebp),%eax 792 | 8048c51: 83 e0 10 and $0x10,%eax 793 | 8048c54: 85 c0 test %eax,%eax 794 | 8048c56: 74 0d je 8048c65 795 | printf(",APCS_FLOAT "); 796 | 8048c58: b8 6d 9f 04 08 mov $0x8049f6d,%eax 797 | 8048c5d: 89 04 24 mov %eax,(%esp) 798 | 8048c60: e8 9b f8 ff ff call 8048500 799 | 800 | if(ef & EF_ARM_PIC) 801 | 8048c65: 8b 45 f4 mov -0xc(%ebp),%eax 802 | 8048c68: 83 e0 20 and $0x20,%eax 803 | 8048c6b: 85 c0 test %eax,%eax 804 | 8048c6d: 74 0d je 8048c7c 805 | printf(",PIC "); 806 | 8048c6f: b8 7a 9f 04 08 mov $0x8049f7a,%eax 807 | 8048c74: 89 04 24 mov %eax,(%esp) 808 | 8048c77: e8 84 f8 ff ff call 8048500 809 | 810 | if(ef & EF_ARM_ALIGN8) 811 | 8048c7c: 8b 45 f4 mov -0xc(%ebp),%eax 812 | 8048c7f: 83 e0 40 and $0x40,%eax 813 | 8048c82: 85 c0 test %eax,%eax 814 | 8048c84: 74 0d je 8048c93 815 | printf(",ALIGN8 "); 816 | 8048c86: b8 80 9f 04 08 mov $0x8049f80,%eax 817 | 8048c8b: 89 04 24 mov %eax,(%esp) 818 | 8048c8e: e8 6d f8 ff ff call 8048500 819 | 820 | if(ef & EF_ARM_NEW_ABI) 821 | 8048c93: 8b 45 f4 mov -0xc(%ebp),%eax 822 | 8048c96: 25 80 00 00 00 and $0x80,%eax 823 | 8048c9b: 85 c0 test %eax,%eax 824 | 8048c9d: 74 0d je 8048cac 825 | printf(",NEW_ABI "); 826 | 8048c9f: b8 89 9f 04 08 mov $0x8049f89,%eax 827 | 8048ca4: 89 04 24 mov %eax,(%esp) 828 | 8048ca7: e8 54 f8 ff ff call 8048500 829 | 830 | if(ef & EF_ARM_OLD_ABI) 831 | 8048cac: 8b 45 f4 mov -0xc(%ebp),%eax 832 | 8048caf: 25 00 01 00 00 and $0x100,%eax 833 | 8048cb4: 85 c0 test %eax,%eax 834 | 8048cb6: 74 0d je 8048cc5 835 | printf(",OLD_ABI "); 836 | 8048cb8: b8 93 9f 04 08 mov $0x8049f93,%eax 837 | 8048cbd: 89 04 24 mov %eax,(%esp) 838 | 8048cc0: e8 3b f8 ff ff call 8048500 839 | 840 | if(ef & EF_ARM_SOFT_FLOAT) 841 | 8048cc5: 8b 45 f4 mov -0xc(%ebp),%eax 842 | 8048cc8: 25 00 02 00 00 and $0x200,%eax 843 | 8048ccd: 85 c0 test %eax,%eax 844 | 8048ccf: 74 0d je 8048cde 845 | printf(",SOFT_FLOAT "); 846 | 8048cd1: b8 9d 9f 04 08 mov $0x8049f9d,%eax 847 | 8048cd6: 89 04 24 mov %eax,(%esp) 848 | 8048cd9: e8 22 f8 ff ff call 8048500 849 | 850 | if(ef & EF_ARM_VFP_FLOAT) 851 | 8048cde: 8b 45 f4 mov -0xc(%ebp),%eax 852 | 8048ce1: 25 00 04 00 00 and $0x400,%eax 853 | 8048ce6: 85 c0 test %eax,%eax 854 | 8048ce8: 74 0d je 8048cf7 855 | printf(",VFP_FLOAT "); 856 | 8048cea: b8 aa 9f 04 08 mov $0x8049faa,%eax 857 | 8048cef: 89 04 24 mov %eax,(%esp) 858 | 8048cf2: e8 09 f8 ff ff call 8048500 859 | 860 | if(ef & EF_ARM_MAVERICK_FLOAT) 861 | 8048cf7: 8b 45 f4 mov -0xc(%ebp),%eax 862 | 8048cfa: 25 00 08 00 00 and $0x800,%eax 863 | 8048cff: 85 c0 test %eax,%eax 864 | 8048d01: 74 0d je 8048d10 865 | printf(",MAVERICK_FLOAT "); 866 | 8048d03: b8 b6 9f 04 08 mov $0x8049fb6,%eax 867 | 8048d08: 89 04 24 mov %eax,(%esp) 868 | 8048d0b: e8 f0 f7 ff ff call 8048500 869 | 870 | printf("\n"); 871 | 8048d10: c7 04 24 0a 00 00 00 movl $0xa,(%esp) 872 | 8048d17: e8 b4 f8 ff ff call 80485d0 873 | 874 | /* MSB of flags conatins ARM EABI version */ 875 | printf("ARM EABI\t= Version %d\n", (ef & EF_ARM_EABIMASK)>>24); 876 | 8048d1c: 8b 45 f4 mov -0xc(%ebp),%eax 877 | 8048d1f: 89 c2 mov %eax,%edx 878 | 8048d21: c1 ea 18 shr $0x18,%edx 879 | 8048d24: b8 c7 9f 04 08 mov $0x8049fc7,%eax 880 | 8048d29: 89 54 24 04 mov %edx,0x4(%esp) 881 | 8048d2d: 89 04 24 mov %eax,(%esp) 882 | 8048d30: e8 cb f7 ff ff call 8048500 883 | 884 | printf("\n"); /* End of ELF header */ 885 | 8048d35: c7 04 24 0a 00 00 00 movl $0xa,(%esp) 886 | 8048d3c: e8 8f f8 ff ff call 80485d0 887 | 888 | } 889 | 8048d41: c9 leave 890 | 8048d42: c3 ret 891 | 892 | 08048d43 : 893 | 894 | void read_section_header_table(int32_t fd, Elf32_Ehdr eh, Elf32_Shdr sh_table[]) 895 | { 896 | 8048d43: 55 push %ebp 897 | 8048d44: 89 e5 mov %esp,%ebp 898 | 8048d46: 83 ec 28 sub $0x28,%esp 899 | uint32_t i; 900 | 901 | assert(lseek(fd, (off_t)eh.e_shoff, SEEK_SET) == (off_t)eh.e_shoff); 902 | 8048d49: 8b 45 2c mov 0x2c(%ebp),%eax 903 | 8048d4c: c7 44 24 08 00 00 00 movl $0x0,0x8(%esp) 904 | 8048d53: 00 905 | 8048d54: 89 44 24 04 mov %eax,0x4(%esp) 906 | 8048d58: 8b 45 08 mov 0x8(%ebp),%eax 907 | 8048d5b: 89 04 24 mov %eax,(%esp) 908 | 8048d5e: e8 bd f7 ff ff call 8048520 909 | 8048d63: 8b 55 2c mov 0x2c(%ebp),%edx 910 | 8048d66: 39 d0 cmp %edx,%eax 911 | 8048d68: 74 24 je 8048d8e 912 | 8048d6a: c7 44 24 0c 4a a3 04 movl $0x804a34a,0xc(%esp) 913 | 8048d71: 08 914 | 8048d72: c7 44 24 08 0c 01 00 movl $0x10c,0x8(%esp) 915 | 8048d79: 00 916 | 8048d7a: c7 44 24 04 00 9c 04 movl $0x8049c00,0x4(%esp) 917 | 8048d81: 08 918 | 8048d82: c7 04 24 e0 9f 04 08 movl $0x8049fe0,(%esp) 919 | 8048d89: e8 62 f8 ff ff call 80485f0 <__assert_fail@plt> 920 | 921 | for(i=0; i 924 | assert(read(fd, (void *)&sh_table[i], eh.e_shentsize) 925 | 8048d97: 0f b7 45 3a movzwl 0x3a(%ebp),%eax 926 | 8048d9b: 0f b7 c8 movzwl %ax,%ecx 927 | 8048d9e: 8b 55 f4 mov -0xc(%ebp),%edx 928 | 8048da1: 89 d0 mov %edx,%eax 929 | 8048da3: c1 e0 02 shl $0x2,%eax 930 | 8048da6: 01 d0 add %edx,%eax 931 | 8048da8: c1 e0 03 shl $0x3,%eax 932 | 8048dab: 03 45 40 add 0x40(%ebp),%eax 933 | 8048dae: 89 4c 24 08 mov %ecx,0x8(%esp) 934 | 8048db2: 89 44 24 04 mov %eax,0x4(%esp) 935 | 8048db6: 8b 45 08 mov 0x8(%ebp),%eax 936 | 8048db9: 89 04 24 mov %eax,(%esp) 937 | 8048dbc: e8 2f f7 ff ff call 80484f0 938 | 8048dc1: 0f b7 55 3a movzwl 0x3a(%ebp),%edx 939 | 8048dc5: 0f b7 d2 movzwl %dx,%edx 940 | 8048dc8: 39 d0 cmp %edx,%eax 941 | 8048dca: 74 24 je 8048df0 942 | 8048dcc: c7 44 24 0c 4a a3 04 movl $0x804a34a,0xc(%esp) 943 | 8048dd3: 08 944 | 8048dd4: c7 44 24 08 10 01 00 movl $0x110,0x8(%esp) 945 | 8048ddb: 00 946 | 8048ddc: c7 44 24 04 00 9c 04 movl $0x8049c00,0x4(%esp) 947 | 8048de3: 08 948 | 8048de4: c7 04 24 18 a0 04 08 movl $0x804a018,(%esp) 949 | 8048deb: e8 00 f8 ff ff call 80485f0 <__assert_fail@plt> 950 | { 951 | uint32_t i; 952 | 953 | assert(lseek(fd, (off_t)eh.e_shoff, SEEK_SET) == (off_t)eh.e_shoff); 954 | 955 | for(i=0; i 961 | assert(read(fd, (void *)&sh_table[i], eh.e_shentsize) 962 | == eh.e_shentsize); 963 | } 964 | 965 | } 966 | 8048e00: c9 leave 967 | 8048e01: c3 ret 968 | 969 | 08048e02 : 970 | 971 | char * read_section(int32_t fd, Elf32_Shdr sh) 972 | { 973 | 8048e02: 55 push %ebp 974 | 8048e03: 89 e5 mov %esp,%ebp 975 | 8048e05: 83 ec 28 sub $0x28,%esp 976 | char* buff = malloc(sh.sh_size); 977 | 8048e08: 8b 45 20 mov 0x20(%ebp),%eax 978 | 8048e0b: 89 04 24 mov %eax,(%esp) 979 | 8048e0e: e8 3d f7 ff ff call 8048550 980 | 8048e13: 89 45 f4 mov %eax,-0xc(%ebp) 981 | if(!buff) { 982 | 8048e16: 83 7d f4 00 cmpl $0x0,-0xc(%ebp) 983 | 8048e1a: 75 1c jne 8048e38 984 | printf("%s:Failed to allocate %dbytes\n", 985 | 8048e1c: 8b 55 20 mov 0x20(%ebp),%edx 986 | 8048e1f: b8 5c a0 04 08 mov $0x804a05c,%eax 987 | 8048e24: 89 54 24 08 mov %edx,0x8(%esp) 988 | 8048e28: c7 44 24 04 30 a3 04 movl $0x804a330,0x4(%esp) 989 | 8048e2f: 08 990 | 8048e30: 89 04 24 mov %eax,(%esp) 991 | 8048e33: e8 c8 f6 ff ff call 8048500 992 | __func__, sh.sh_size); 993 | } 994 | 995 | assert(buff != NULL); 996 | 8048e38: 83 7d f4 00 cmpl $0x0,-0xc(%ebp) 997 | 8048e3c: 75 24 jne 8048e62 998 | 8048e3e: c7 44 24 0c 3d a3 04 movl $0x804a33d,0xc(%esp) 999 | 8048e45: 08 1000 | 8048e46: c7 44 24 08 1d 01 00 movl $0x11d,0x8(%esp) 1001 | 8048e4d: 00 1002 | 8048e4e: c7 44 24 04 00 9c 04 movl $0x8049c00,0x4(%esp) 1003 | 8048e55: 08 1004 | 8048e56: c7 04 24 7b a0 04 08 movl $0x804a07b,(%esp) 1005 | 8048e5d: e8 8e f7 ff ff call 80485f0 <__assert_fail@plt> 1006 | assert(lseek(fd, (off_t)sh.sh_offset, SEEK_SET) == (off_t)sh.sh_offset); 1007 | 8048e62: 8b 45 1c mov 0x1c(%ebp),%eax 1008 | 8048e65: c7 44 24 08 00 00 00 movl $0x0,0x8(%esp) 1009 | 8048e6c: 00 1010 | 8048e6d: 89 44 24 04 mov %eax,0x4(%esp) 1011 | 8048e71: 8b 45 08 mov 0x8(%ebp),%eax 1012 | 8048e74: 89 04 24 mov %eax,(%esp) 1013 | 8048e77: e8 a4 f6 ff ff call 8048520 1014 | 8048e7c: 8b 55 1c mov 0x1c(%ebp),%edx 1015 | 8048e7f: 39 d0 cmp %edx,%eax 1016 | 8048e81: 74 24 je 8048ea7 1017 | 8048e83: c7 44 24 0c 3d a3 04 movl $0x804a33d,0xc(%esp) 1018 | 8048e8a: 08 1019 | 8048e8b: c7 44 24 08 1e 01 00 movl $0x11e,0x8(%esp) 1020 | 8048e92: 00 1021 | 8048e93: c7 44 24 04 00 9c 04 movl $0x8049c00,0x4(%esp) 1022 | 8048e9a: 08 1023 | 8048e9b: c7 04 24 90 a0 04 08 movl $0x804a090,(%esp) 1024 | 8048ea2: e8 49 f7 ff ff call 80485f0 <__assert_fail@plt> 1025 | assert(read(fd, (void *)buff, sh.sh_size) == sh.sh_size); 1026 | 8048ea7: 8b 45 20 mov 0x20(%ebp),%eax 1027 | 8048eaa: 89 44 24 08 mov %eax,0x8(%esp) 1028 | 8048eae: 8b 45 f4 mov -0xc(%ebp),%eax 1029 | 8048eb1: 89 44 24 04 mov %eax,0x4(%esp) 1030 | 8048eb5: 8b 45 08 mov 0x8(%ebp),%eax 1031 | 8048eb8: 89 04 24 mov %eax,(%esp) 1032 | 8048ebb: e8 30 f6 ff ff call 80484f0 1033 | 8048ec0: 89 c2 mov %eax,%edx 1034 | 8048ec2: 8b 45 20 mov 0x20(%ebp),%eax 1035 | 8048ec5: 39 c2 cmp %eax,%edx 1036 | 8048ec7: 74 24 je 8048eed 1037 | 8048ec9: c7 44 24 0c 3d a3 04 movl $0x804a33d,0xc(%esp) 1038 | 8048ed0: 08 1039 | 8048ed1: c7 44 24 08 1f 01 00 movl $0x11f,0x8(%esp) 1040 | 8048ed8: 00 1041 | 8048ed9: c7 44 24 04 00 9c 04 movl $0x8049c00,0x4(%esp) 1042 | 8048ee0: 08 1043 | 8048ee1: c7 04 24 cc a0 04 08 movl $0x804a0cc,(%esp) 1044 | 8048ee8: e8 03 f7 ff ff call 80485f0 <__assert_fail@plt> 1045 | 1046 | return buff; 1047 | 8048eed: 8b 45 f4 mov -0xc(%ebp),%eax 1048 | } 1049 | 8048ef0: c9 leave 1050 | 8048ef1: c3 ret 1051 | 1052 | 08048ef2 : 1053 | 1054 | void print_section_headers(int32_t fd, Elf32_Ehdr eh, Elf32_Shdr sh_table[]) 1055 | { 1056 | 8048ef2: 55 push %ebp 1057 | 8048ef3: 89 e5 mov %esp,%ebp 1058 | 8048ef5: 83 ec 48 sub $0x48,%esp 1059 | uint32_t i; 1060 | char* sh_str; /* section-header string-table is also a section. */ 1061 | 1062 | /* Read section-header string-table */ 1063 | debug("eh.e_shstrndx = 0x%x\n", eh.e_shstrndx); 1064 | 8048ef8: 0f b7 45 3e movzwl 0x3e(%ebp),%eax 1065 | 8048efc: 0f b7 d0 movzwl %ax,%edx 1066 | 8048eff: b8 fd a0 04 08 mov $0x804a0fd,%eax 1067 | 8048f04: 89 54 24 04 mov %edx,0x4(%esp) 1068 | 8048f08: 89 04 24 mov %eax,(%esp) 1069 | 8048f0b: e8 f0 f5 ff ff call 8048500 1070 | sh_str = read_section(fd, sh_table[eh.e_shstrndx]); 1071 | 8048f10: 0f b7 45 3e movzwl 0x3e(%ebp),%eax 1072 | 8048f14: 0f b7 d0 movzwl %ax,%edx 1073 | 8048f17: 89 d0 mov %edx,%eax 1074 | 8048f19: c1 e0 02 shl $0x2,%eax 1075 | 8048f1c: 01 d0 add %edx,%eax 1076 | 8048f1e: c1 e0 03 shl $0x3,%eax 1077 | 8048f21: 03 45 40 add 0x40(%ebp),%eax 1078 | 8048f24: 8b 10 mov (%eax),%edx 1079 | 8048f26: 89 54 24 04 mov %edx,0x4(%esp) 1080 | 8048f2a: 8b 50 04 mov 0x4(%eax),%edx 1081 | 8048f2d: 89 54 24 08 mov %edx,0x8(%esp) 1082 | 8048f31: 8b 50 08 mov 0x8(%eax),%edx 1083 | 8048f34: 89 54 24 0c mov %edx,0xc(%esp) 1084 | 8048f38: 8b 50 0c mov 0xc(%eax),%edx 1085 | 8048f3b: 89 54 24 10 mov %edx,0x10(%esp) 1086 | 8048f3f: 8b 50 10 mov 0x10(%eax),%edx 1087 | 8048f42: 89 54 24 14 mov %edx,0x14(%esp) 1088 | 8048f46: 8b 50 14 mov 0x14(%eax),%edx 1089 | 8048f49: 89 54 24 18 mov %edx,0x18(%esp) 1090 | 8048f4d: 8b 50 18 mov 0x18(%eax),%edx 1091 | 8048f50: 89 54 24 1c mov %edx,0x1c(%esp) 1092 | 8048f54: 8b 50 1c mov 0x1c(%eax),%edx 1093 | 8048f57: 89 54 24 20 mov %edx,0x20(%esp) 1094 | 8048f5b: 8b 50 20 mov 0x20(%eax),%edx 1095 | 8048f5e: 89 54 24 24 mov %edx,0x24(%esp) 1096 | 8048f62: 8b 40 24 mov 0x24(%eax),%eax 1097 | 8048f65: 89 44 24 28 mov %eax,0x28(%esp) 1098 | 8048f69: 8b 45 08 mov 0x8(%ebp),%eax 1099 | 8048f6c: 89 04 24 mov %eax,(%esp) 1100 | 8048f6f: e8 8e fe ff ff call 8048e02 1101 | 8048f74: 89 45 f4 mov %eax,-0xc(%ebp) 1102 | 1103 | printf("========================================"); 1104 | 8048f77: b8 1c a1 04 08 mov $0x804a11c,%eax 1105 | 8048f7c: 89 04 24 mov %eax,(%esp) 1106 | 8048f7f: e8 7c f5 ff ff call 8048500 1107 | printf("========================================\n"); 1108 | 8048f84: c7 04 24 1c a1 04 08 movl $0x804a11c,(%esp) 1109 | 8048f8b: e8 d0 f5 ff ff call 8048560 1110 | printf(" idx offset load-addr size algn" 1111 | 8048f90: c7 04 24 48 a1 04 08 movl $0x804a148,(%esp) 1112 | 8048f97: e8 c4 f5 ff ff call 8048560 1113 | " flags type section\n"); 1114 | printf("========================================"); 1115 | 8048f9c: b8 1c a1 04 08 mov $0x804a11c,%eax 1116 | 8048fa1: 89 04 24 mov %eax,(%esp) 1117 | 8048fa4: e8 57 f5 ff ff call 8048500 1118 | printf("========================================\n"); 1119 | 8048fa9: c7 04 24 1c a1 04 08 movl $0x804a11c,(%esp) 1120 | 8048fb0: e8 ab f5 ff ff call 8048560 1121 | 1122 | for(i=0; i 1125 | printf(" %03d ", i); 1126 | 8048fc1: b8 91 a1 04 08 mov $0x804a191,%eax 1127 | 8048fc6: 8b 55 f0 mov -0x10(%ebp),%edx 1128 | 8048fc9: 89 54 24 04 mov %edx,0x4(%esp) 1129 | 8048fcd: 89 04 24 mov %eax,(%esp) 1130 | 8048fd0: e8 2b f5 ff ff call 8048500 1131 | printf("0x%08x ", sh_table[i].sh_offset); 1132 | 8048fd5: 8b 55 f0 mov -0x10(%ebp),%edx 1133 | 8048fd8: 89 d0 mov %edx,%eax 1134 | 8048fda: c1 e0 02 shl $0x2,%eax 1135 | 8048fdd: 01 d0 add %edx,%eax 1136 | 8048fdf: c1 e0 03 shl $0x3,%eax 1137 | 8048fe2: 03 45 40 add 0x40(%ebp),%eax 1138 | 8048fe5: 8b 50 10 mov 0x10(%eax),%edx 1139 | 8048fe8: b8 98 a1 04 08 mov $0x804a198,%eax 1140 | 8048fed: 89 54 24 04 mov %edx,0x4(%esp) 1141 | 8048ff1: 89 04 24 mov %eax,(%esp) 1142 | 8048ff4: e8 07 f5 ff ff call 8048500 1143 | printf("0x%08x ", sh_table[i].sh_addr); 1144 | 8048ff9: 8b 55 f0 mov -0x10(%ebp),%edx 1145 | 8048ffc: 89 d0 mov %edx,%eax 1146 | 8048ffe: c1 e0 02 shl $0x2,%eax 1147 | 8049001: 01 d0 add %edx,%eax 1148 | 8049003: c1 e0 03 shl $0x3,%eax 1149 | 8049006: 03 45 40 add 0x40(%ebp),%eax 1150 | 8049009: 8b 50 0c mov 0xc(%eax),%edx 1151 | 804900c: b8 98 a1 04 08 mov $0x804a198,%eax 1152 | 8049011: 89 54 24 04 mov %edx,0x4(%esp) 1153 | 8049015: 89 04 24 mov %eax,(%esp) 1154 | 8049018: e8 e3 f4 ff ff call 8048500 1155 | printf("0x%08x ", sh_table[i].sh_size); 1156 | 804901d: 8b 55 f0 mov -0x10(%ebp),%edx 1157 | 8049020: 89 d0 mov %edx,%eax 1158 | 8049022: c1 e0 02 shl $0x2,%eax 1159 | 8049025: 01 d0 add %edx,%eax 1160 | 8049027: c1 e0 03 shl $0x3,%eax 1161 | 804902a: 03 45 40 add 0x40(%ebp),%eax 1162 | 804902d: 8b 50 14 mov 0x14(%eax),%edx 1163 | 8049030: b8 98 a1 04 08 mov $0x804a198,%eax 1164 | 8049035: 89 54 24 04 mov %edx,0x4(%esp) 1165 | 8049039: 89 04 24 mov %eax,(%esp) 1166 | 804903c: e8 bf f4 ff ff call 8048500 1167 | printf("%4d ", sh_table[i].sh_addralign); 1168 | 8049041: 8b 55 f0 mov -0x10(%ebp),%edx 1169 | 8049044: 89 d0 mov %edx,%eax 1170 | 8049046: c1 e0 02 shl $0x2,%eax 1171 | 8049049: 01 d0 add %edx,%eax 1172 | 804904b: c1 e0 03 shl $0x3,%eax 1173 | 804904e: 03 45 40 add 0x40(%ebp),%eax 1174 | 8049051: 8b 50 20 mov 0x20(%eax),%edx 1175 | 8049054: b8 a0 a1 04 08 mov $0x804a1a0,%eax 1176 | 8049059: 89 54 24 04 mov %edx,0x4(%esp) 1177 | 804905d: 89 04 24 mov %eax,(%esp) 1178 | 8049060: e8 9b f4 ff ff call 8048500 1179 | printf("0x%08x ", sh_table[i].sh_flags); 1180 | 8049065: 8b 55 f0 mov -0x10(%ebp),%edx 1181 | 8049068: 89 d0 mov %edx,%eax 1182 | 804906a: c1 e0 02 shl $0x2,%eax 1183 | 804906d: 01 d0 add %edx,%eax 1184 | 804906f: c1 e0 03 shl $0x3,%eax 1185 | 8049072: 03 45 40 add 0x40(%ebp),%eax 1186 | 8049075: 8b 50 08 mov 0x8(%eax),%edx 1187 | 8049078: b8 98 a1 04 08 mov $0x804a198,%eax 1188 | 804907d: 89 54 24 04 mov %edx,0x4(%esp) 1189 | 8049081: 89 04 24 mov %eax,(%esp) 1190 | 8049084: e8 77 f4 ff ff call 8048500 1191 | printf("0x%08x ", sh_table[i].sh_type); 1192 | 8049089: 8b 55 f0 mov -0x10(%ebp),%edx 1193 | 804908c: 89 d0 mov %edx,%eax 1194 | 804908e: c1 e0 02 shl $0x2,%eax 1195 | 8049091: 01 d0 add %edx,%eax 1196 | 8049093: c1 e0 03 shl $0x3,%eax 1197 | 8049096: 03 45 40 add 0x40(%ebp),%eax 1198 | 8049099: 8b 50 04 mov 0x4(%eax),%edx 1199 | 804909c: b8 98 a1 04 08 mov $0x804a198,%eax 1200 | 80490a1: 89 54 24 04 mov %edx,0x4(%esp) 1201 | 80490a5: 89 04 24 mov %eax,(%esp) 1202 | 80490a8: e8 53 f4 ff ff call 8048500 1203 | printf("%s\t", (sh_str + sh_table[i].sh_name)); 1204 | 80490ad: 8b 55 f0 mov -0x10(%ebp),%edx 1205 | 80490b0: 89 d0 mov %edx,%eax 1206 | 80490b2: c1 e0 02 shl $0x2,%eax 1207 | 80490b5: 01 d0 add %edx,%eax 1208 | 80490b7: c1 e0 03 shl $0x3,%eax 1209 | 80490ba: 03 45 40 add 0x40(%ebp),%eax 1210 | 80490bd: 8b 00 mov (%eax),%eax 1211 | 80490bf: 89 c2 mov %eax,%edx 1212 | 80490c1: 03 55 f4 add -0xc(%ebp),%edx 1213 | 80490c4: b8 a5 a1 04 08 mov $0x804a1a5,%eax 1214 | 80490c9: 89 54 24 04 mov %edx,0x4(%esp) 1215 | 80490cd: 89 04 24 mov %eax,(%esp) 1216 | 80490d0: e8 2b f4 ff ff call 8048500 1217 | printf("\n"); 1218 | 80490d5: c7 04 24 0a 00 00 00 movl $0xa,(%esp) 1219 | 80490dc: e8 ef f4 ff ff call 80485d0 1220 | printf(" idx offset load-addr size algn" 1221 | " flags type section\n"); 1222 | printf("========================================"); 1223 | printf("========================================\n"); 1224 | 1225 | for(i=0; i 1231 | printf("0x%08x ", sh_table[i].sh_flags); 1232 | printf("0x%08x ", sh_table[i].sh_type); 1233 | printf("%s\t", (sh_str + sh_table[i].sh_name)); 1234 | printf("\n"); 1235 | } 1236 | printf("========================================"); 1237 | 80490f5: b8 1c a1 04 08 mov $0x804a11c,%eax 1238 | 80490fa: 89 04 24 mov %eax,(%esp) 1239 | 80490fd: e8 fe f3 ff ff call 8048500 1240 | printf("========================================\n"); 1241 | 8049102: c7 04 24 1c a1 04 08 movl $0x804a11c,(%esp) 1242 | 8049109: e8 52 f4 ff ff call 8048560 1243 | printf("\n"); /* end of section header table */ 1244 | 804910e: c7 04 24 0a 00 00 00 movl $0xa,(%esp) 1245 | 8049115: e8 b6 f4 ff ff call 80485d0 1246 | } 1247 | 804911a: c9 leave 1248 | 804911b: c3 ret 1249 | 1250 | 0804911c : 1251 | 1252 | void print_symbol_table(int32_t fd, 1253 | Elf32_Ehdr eh, 1254 | Elf32_Shdr sh_table[], 1255 | uint32_t symbol_table) 1256 | { 1257 | 804911c: 55 push %ebp 1258 | 804911d: 89 e5 mov %esp,%ebp 1259 | 804911f: 83 ec 58 sub $0x58,%esp 1260 | 1261 | char *str_tbl; 1262 | Elf32_Sym* sym_tbl; 1263 | uint32_t i, symbol_count; 1264 | 1265 | sym_tbl = (Elf32_Sym*)read_section(fd, sh_table[symbol_table]); 1266 | 8049122: 8b 55 44 mov 0x44(%ebp),%edx 1267 | 8049125: 89 d0 mov %edx,%eax 1268 | 8049127: c1 e0 02 shl $0x2,%eax 1269 | 804912a: 01 d0 add %edx,%eax 1270 | 804912c: c1 e0 03 shl $0x3,%eax 1271 | 804912f: 03 45 40 add 0x40(%ebp),%eax 1272 | 8049132: 8b 10 mov (%eax),%edx 1273 | 8049134: 89 54 24 04 mov %edx,0x4(%esp) 1274 | 8049138: 8b 50 04 mov 0x4(%eax),%edx 1275 | 804913b: 89 54 24 08 mov %edx,0x8(%esp) 1276 | 804913f: 8b 50 08 mov 0x8(%eax),%edx 1277 | 8049142: 89 54 24 0c mov %edx,0xc(%esp) 1278 | 8049146: 8b 50 0c mov 0xc(%eax),%edx 1279 | 8049149: 89 54 24 10 mov %edx,0x10(%esp) 1280 | 804914d: 8b 50 10 mov 0x10(%eax),%edx 1281 | 8049150: 89 54 24 14 mov %edx,0x14(%esp) 1282 | 8049154: 8b 50 14 mov 0x14(%eax),%edx 1283 | 8049157: 89 54 24 18 mov %edx,0x18(%esp) 1284 | 804915b: 8b 50 18 mov 0x18(%eax),%edx 1285 | 804915e: 89 54 24 1c mov %edx,0x1c(%esp) 1286 | 8049162: 8b 50 1c mov 0x1c(%eax),%edx 1287 | 8049165: 89 54 24 20 mov %edx,0x20(%esp) 1288 | 8049169: 8b 50 20 mov 0x20(%eax),%edx 1289 | 804916c: 89 54 24 24 mov %edx,0x24(%esp) 1290 | 8049170: 8b 40 24 mov 0x24(%eax),%eax 1291 | 8049173: 89 44 24 28 mov %eax,0x28(%esp) 1292 | 8049177: 8b 45 08 mov 0x8(%ebp),%eax 1293 | 804917a: 89 04 24 mov %eax,(%esp) 1294 | 804917d: e8 80 fc ff ff call 8048e02 1295 | 8049182: 89 45 e8 mov %eax,-0x18(%ebp) 1296 | 1297 | /* Read linked string-table 1298 | * Section containing the string table having names of 1299 | * symbols of this section 1300 | */ 1301 | uint32_t str_tbl_ndx = sh_table[symbol_table].sh_link; 1302 | 8049185: 8b 55 44 mov 0x44(%ebp),%edx 1303 | 8049188: 89 d0 mov %edx,%eax 1304 | 804918a: c1 e0 02 shl $0x2,%eax 1305 | 804918d: 01 d0 add %edx,%eax 1306 | 804918f: c1 e0 03 shl $0x3,%eax 1307 | 8049192: 03 45 40 add 0x40(%ebp),%eax 1308 | 8049195: 8b 40 18 mov 0x18(%eax),%eax 1309 | 8049198: 89 45 ec mov %eax,-0x14(%ebp) 1310 | debug("str_table_ndx = 0x%x\n", str_tbl_ndx); 1311 | 804919b: b8 a9 a1 04 08 mov $0x804a1a9,%eax 1312 | 80491a0: 8b 55 ec mov -0x14(%ebp),%edx 1313 | 80491a3: 89 54 24 04 mov %edx,0x4(%esp) 1314 | 80491a7: 89 04 24 mov %eax,(%esp) 1315 | 80491aa: e8 51 f3 ff ff call 8048500 1316 | str_tbl = read_section(fd, sh_table[str_tbl_ndx]); 1317 | 80491af: 8b 55 ec mov -0x14(%ebp),%edx 1318 | 80491b2: 89 d0 mov %edx,%eax 1319 | 80491b4: c1 e0 02 shl $0x2,%eax 1320 | 80491b7: 01 d0 add %edx,%eax 1321 | 80491b9: c1 e0 03 shl $0x3,%eax 1322 | 80491bc: 03 45 40 add 0x40(%ebp),%eax 1323 | 80491bf: 8b 10 mov (%eax),%edx 1324 | 80491c1: 89 54 24 04 mov %edx,0x4(%esp) 1325 | 80491c5: 8b 50 04 mov 0x4(%eax),%edx 1326 | 80491c8: 89 54 24 08 mov %edx,0x8(%esp) 1327 | 80491cc: 8b 50 08 mov 0x8(%eax),%edx 1328 | 80491cf: 89 54 24 0c mov %edx,0xc(%esp) 1329 | 80491d3: 8b 50 0c mov 0xc(%eax),%edx 1330 | 80491d6: 89 54 24 10 mov %edx,0x10(%esp) 1331 | 80491da: 8b 50 10 mov 0x10(%eax),%edx 1332 | 80491dd: 89 54 24 14 mov %edx,0x14(%esp) 1333 | 80491e1: 8b 50 14 mov 0x14(%eax),%edx 1334 | 80491e4: 89 54 24 18 mov %edx,0x18(%esp) 1335 | 80491e8: 8b 50 18 mov 0x18(%eax),%edx 1336 | 80491eb: 89 54 24 1c mov %edx,0x1c(%esp) 1337 | 80491ef: 8b 50 1c mov 0x1c(%eax),%edx 1338 | 80491f2: 89 54 24 20 mov %edx,0x20(%esp) 1339 | 80491f6: 8b 50 20 mov 0x20(%eax),%edx 1340 | 80491f9: 89 54 24 24 mov %edx,0x24(%esp) 1341 | 80491fd: 8b 40 24 mov 0x24(%eax),%eax 1342 | 8049200: 89 44 24 28 mov %eax,0x28(%esp) 1343 | 8049204: 8b 45 08 mov 0x8(%ebp),%eax 1344 | 8049207: 89 04 24 mov %eax,(%esp) 1345 | 804920a: e8 f3 fb ff ff call 8048e02 1346 | 804920f: 89 45 f0 mov %eax,-0x10(%ebp) 1347 | 1348 | symbol_count = (sh_table[symbol_table].sh_size/sizeof(Elf32_Sym)); 1349 | 8049212: 8b 55 44 mov 0x44(%ebp),%edx 1350 | 8049215: 89 d0 mov %edx,%eax 1351 | 8049217: c1 e0 02 shl $0x2,%eax 1352 | 804921a: 01 d0 add %edx,%eax 1353 | 804921c: c1 e0 03 shl $0x3,%eax 1354 | 804921f: 03 45 40 add 0x40(%ebp),%eax 1355 | 8049222: 8b 40 14 mov 0x14(%eax),%eax 1356 | 8049225: c1 e8 04 shr $0x4,%eax 1357 | 8049228: 89 45 f4 mov %eax,-0xc(%ebp) 1358 | printf("%d symbols\n", symbol_count); 1359 | 804922b: b8 c7 a1 04 08 mov $0x804a1c7,%eax 1360 | 8049230: 8b 55 f4 mov -0xc(%ebp),%edx 1361 | 8049233: 89 54 24 04 mov %edx,0x4(%esp) 1362 | 8049237: 89 04 24 mov %eax,(%esp) 1363 | 804923a: e8 c1 f2 ff ff call 8048500 1364 | 1365 | for(i=0; i< symbol_count; i++) { 1366 | 804923f: c7 45 e4 00 00 00 00 movl $0x0,-0x1c(%ebp) 1367 | 8049246: e9 81 00 00 00 jmp 80492cc 1368 | printf("0x%08x ", sym_tbl[i].st_value); 1369 | 804924b: 8b 45 e4 mov -0x1c(%ebp),%eax 1370 | 804924e: c1 e0 04 shl $0x4,%eax 1371 | 8049251: 03 45 e8 add -0x18(%ebp),%eax 1372 | 8049254: 8b 50 04 mov 0x4(%eax),%edx 1373 | 8049257: b8 98 a1 04 08 mov $0x804a198,%eax 1374 | 804925c: 89 54 24 04 mov %edx,0x4(%esp) 1375 | 8049260: 89 04 24 mov %eax,(%esp) 1376 | 8049263: e8 98 f2 ff ff call 8048500 1377 | printf("0x%02x ", ELF32_ST_BIND(sym_tbl[i].st_info)); 1378 | 8049268: 8b 45 e4 mov -0x1c(%ebp),%eax 1379 | 804926b: c1 e0 04 shl $0x4,%eax 1380 | 804926e: 03 45 e8 add -0x18(%ebp),%eax 1381 | 8049271: 0f b6 40 0c movzbl 0xc(%eax),%eax 1382 | 8049275: c0 e8 04 shr $0x4,%al 1383 | 8049278: 0f b6 d0 movzbl %al,%edx 1384 | 804927b: b8 d3 a1 04 08 mov $0x804a1d3,%eax 1385 | 8049280: 89 54 24 04 mov %edx,0x4(%esp) 1386 | 8049284: 89 04 24 mov %eax,(%esp) 1387 | 8049287: e8 74 f2 ff ff call 8048500 1388 | printf("0x%02x ", ELF32_ST_TYPE(sym_tbl[i].st_info)); 1389 | 804928c: 8b 45 e4 mov -0x1c(%ebp),%eax 1390 | 804928f: c1 e0 04 shl $0x4,%eax 1391 | 8049292: 03 45 e8 add -0x18(%ebp),%eax 1392 | 8049295: 0f b6 40 0c movzbl 0xc(%eax),%eax 1393 | 8049299: 0f b6 c0 movzbl %al,%eax 1394 | 804929c: 89 c2 mov %eax,%edx 1395 | 804929e: 83 e2 0f and $0xf,%edx 1396 | 80492a1: b8 d3 a1 04 08 mov $0x804a1d3,%eax 1397 | 80492a6: 89 54 24 04 mov %edx,0x4(%esp) 1398 | 80492aa: 89 04 24 mov %eax,(%esp) 1399 | 80492ad: e8 4e f2 ff ff call 8048500 1400 | printf("%s\n", (str_tbl + sym_tbl[i].st_name)); 1401 | 80492b2: 8b 45 e4 mov -0x1c(%ebp),%eax 1402 | 80492b5: c1 e0 04 shl $0x4,%eax 1403 | 80492b8: 03 45 e8 add -0x18(%ebp),%eax 1404 | 80492bb: 8b 00 mov (%eax),%eax 1405 | 80492bd: 03 45 f0 add -0x10(%ebp),%eax 1406 | 80492c0: 89 04 24 mov %eax,(%esp) 1407 | 80492c3: e8 98 f2 ff ff call 8048560 1408 | str_tbl = read_section(fd, sh_table[str_tbl_ndx]); 1409 | 1410 | symbol_count = (sh_table[symbol_table].sh_size/sizeof(Elf32_Sym)); 1411 | printf("%d symbols\n", symbol_count); 1412 | 1413 | for(i=0; i< symbol_count; i++) { 1414 | 80492c8: 83 45 e4 01 addl $0x1,-0x1c(%ebp) 1415 | 80492cc: 8b 45 e4 mov -0x1c(%ebp),%eax 1416 | 80492cf: 3b 45 f4 cmp -0xc(%ebp),%eax 1417 | 80492d2: 0f 82 73 ff ff ff jb 804924b 1418 | printf("0x%08x ", sym_tbl[i].st_value); 1419 | printf("0x%02x ", ELF32_ST_BIND(sym_tbl[i].st_info)); 1420 | printf("0x%02x ", ELF32_ST_TYPE(sym_tbl[i].st_info)); 1421 | printf("%s\n", (str_tbl + sym_tbl[i].st_name)); 1422 | } 1423 | } 1424 | 80492d8: c9 leave 1425 | 80492d9: c3 ret 1426 | 1427 | 080492da : 1428 | 1429 | void print_symbols(int32_t fd, Elf32_Ehdr eh, Elf32_Shdr sh_table[]) 1430 | { 1431 | 80492da: 55 push %ebp 1432 | 80492db: 89 e5 mov %esp,%ebp 1433 | 80492dd: 83 ec 58 sub $0x58,%esp 1434 | uint32_t i; 1435 | 1436 | for(i=0; i 1439 | if ((sh_table[i].sh_type==SHT_SYMTAB) 1440 | 80492ec: 8b 55 f4 mov -0xc(%ebp),%edx 1441 | 80492ef: 89 d0 mov %edx,%eax 1442 | 80492f1: c1 e0 02 shl $0x2,%eax 1443 | 80492f4: 01 d0 add %edx,%eax 1444 | 80492f6: c1 e0 03 shl $0x3,%eax 1445 | 80492f9: 03 45 40 add 0x40(%ebp),%eax 1446 | 80492fc: 8b 40 04 mov 0x4(%eax),%eax 1447 | 80492ff: 83 f8 02 cmp $0x2,%eax 1448 | 8049302: 74 1c je 8049320 1449 | || (sh_table[i].sh_type==SHT_DYNSYM)) { 1450 | 8049304: 8b 55 f4 mov -0xc(%ebp),%edx 1451 | 8049307: 89 d0 mov %edx,%eax 1452 | 8049309: c1 e0 02 shl $0x2,%eax 1453 | 804930c: 01 d0 add %edx,%eax 1454 | 804930e: c1 e0 03 shl $0x3,%eax 1455 | 8049311: 03 45 40 add 0x40(%ebp),%eax 1456 | 8049314: 8b 40 04 mov 0x4(%eax),%eax 1457 | 8049317: 83 f8 0b cmp $0xb,%eax 1458 | 804931a: 0f 85 88 00 00 00 jne 80493a8 1459 | printf("\n[Section %03d]", i); 1460 | 8049320: b8 db a1 04 08 mov $0x804a1db,%eax 1461 | 8049325: 8b 55 f4 mov -0xc(%ebp),%edx 1462 | 8049328: 89 54 24 04 mov %edx,0x4(%esp) 1463 | 804932c: 89 04 24 mov %eax,(%esp) 1464 | 804932f: e8 cc f1 ff ff call 8048500 1465 | print_symbol_table(fd, eh, sh_table, i); 1466 | 8049334: 8b 45 f4 mov -0xc(%ebp),%eax 1467 | 8049337: 89 44 24 3c mov %eax,0x3c(%esp) 1468 | 804933b: 8b 45 40 mov 0x40(%ebp),%eax 1469 | 804933e: 89 44 24 38 mov %eax,0x38(%esp) 1470 | 8049342: 8b 45 0c mov 0xc(%ebp),%eax 1471 | 8049345: 89 44 24 04 mov %eax,0x4(%esp) 1472 | 8049349: 8b 45 10 mov 0x10(%ebp),%eax 1473 | 804934c: 89 44 24 08 mov %eax,0x8(%esp) 1474 | 8049350: 8b 45 14 mov 0x14(%ebp),%eax 1475 | 8049353: 89 44 24 0c mov %eax,0xc(%esp) 1476 | 8049357: 8b 45 18 mov 0x18(%ebp),%eax 1477 | 804935a: 89 44 24 10 mov %eax,0x10(%esp) 1478 | 804935e: 8b 45 1c mov 0x1c(%ebp),%eax 1479 | 8049361: 89 44 24 14 mov %eax,0x14(%esp) 1480 | 8049365: 8b 45 20 mov 0x20(%ebp),%eax 1481 | 8049368: 89 44 24 18 mov %eax,0x18(%esp) 1482 | 804936c: 8b 45 24 mov 0x24(%ebp),%eax 1483 | 804936f: 89 44 24 1c mov %eax,0x1c(%esp) 1484 | 8049373: 8b 45 28 mov 0x28(%ebp),%eax 1485 | 8049376: 89 44 24 20 mov %eax,0x20(%esp) 1486 | 804937a: 8b 45 2c mov 0x2c(%ebp),%eax 1487 | 804937d: 89 44 24 24 mov %eax,0x24(%esp) 1488 | 8049381: 8b 45 30 mov 0x30(%ebp),%eax 1489 | 8049384: 89 44 24 28 mov %eax,0x28(%esp) 1490 | 8049388: 8b 45 34 mov 0x34(%ebp),%eax 1491 | 804938b: 89 44 24 2c mov %eax,0x2c(%esp) 1492 | 804938f: 8b 45 38 mov 0x38(%ebp),%eax 1493 | 8049392: 89 44 24 30 mov %eax,0x30(%esp) 1494 | 8049396: 8b 45 3c mov 0x3c(%ebp),%eax 1495 | 8049399: 89 44 24 34 mov %eax,0x34(%esp) 1496 | 804939d: 8b 45 08 mov 0x8(%ebp),%eax 1497 | 80493a0: 89 04 24 mov %eax,(%esp) 1498 | 80493a3: e8 74 fd ff ff call 804911c 1499 | 1500 | void print_symbols(int32_t fd, Elf32_Ehdr eh, Elf32_Shdr sh_table[]) 1501 | { 1502 | uint32_t i; 1503 | 1504 | for(i=0; i 1510 | || (sh_table[i].sh_type==SHT_DYNSYM)) { 1511 | printf("\n[Section %03d]", i); 1512 | print_symbol_table(fd, eh, sh_table, i); 1513 | } 1514 | } 1515 | } 1516 | 80493bc: c9 leave 1517 | 80493bd: c3 ret 1518 | 1519 | 080493be : 1520 | 1521 | void save_text_section(int32_t fd, Elf32_Ehdr eh, Elf32_Shdr sh_table[]) 1522 | { 1523 | 80493be: 55 push %ebp 1524 | 80493bf: 89 e5 mov %esp,%ebp 1525 | 80493c1: 57 push %edi 1526 | 80493c2: 56 push %esi 1527 | 80493c3: 53 push %ebx 1528 | 80493c4: 83 ec 6c sub $0x6c,%esp 1529 | int32_t fd2; /* to write text.S in current directory */ 1530 | char* sh_str; /* section-header string-table is also a section. */ 1531 | char* buf; /* buffer to hold contents of the .text section */ 1532 | 1533 | /* */ 1534 | char *pwd = getcwd(NULL, (size_t)NULL); 1535 | 80493c7: c7 44 24 04 00 00 00 movl $0x0,0x4(%esp) 1536 | 80493ce: 00 1537 | 80493cf: c7 04 24 00 00 00 00 movl $0x0,(%esp) 1538 | 80493d6: e8 b5 f1 ff ff call 8048590 1539 | 80493db: 89 45 dc mov %eax,-0x24(%ebp) 1540 | printf("%s\n", pwd); 1541 | 80493de: 8b 45 dc mov -0x24(%ebp),%eax 1542 | 80493e1: 89 04 24 mov %eax,(%esp) 1543 | 80493e4: e8 77 f1 ff ff call 8048560 1544 | pwd = realloc(pwd, strlen(pwd)+8); 1545 | 80493e9: 8b 45 dc mov -0x24(%ebp),%eax 1546 | 80493ec: c7 45 c4 ff ff ff ff movl $0xffffffff,-0x3c(%ebp) 1547 | 80493f3: 89 c2 mov %eax,%edx 1548 | 80493f5: b8 00 00 00 00 mov $0x0,%eax 1549 | 80493fa: 8b 4d c4 mov -0x3c(%ebp),%ecx 1550 | 80493fd: 89 d7 mov %edx,%edi 1551 | 80493ff: f2 ae repnz scas %es:(%edi),%al 1552 | 8049401: 89 c8 mov %ecx,%eax 1553 | 8049403: f7 d0 not %eax 1554 | 8049405: 83 e8 01 sub $0x1,%eax 1555 | 8049408: 83 c0 08 add $0x8,%eax 1556 | 804940b: 89 44 24 04 mov %eax,0x4(%esp) 1557 | 804940f: 8b 45 dc mov -0x24(%ebp),%eax 1558 | 8049412: 89 04 24 mov %eax,(%esp) 1559 | 8049415: e8 26 f1 ff ff call 8048540 1560 | 804941a: 89 45 dc mov %eax,-0x24(%ebp) 1561 | strcat(pwd,"/text.S"); 1562 | 804941d: ba eb a1 04 08 mov $0x804a1eb,%edx 1563 | 8049422: 8b 45 dc mov -0x24(%ebp),%eax 1564 | 8049425: c7 45 c4 ff ff ff ff movl $0xffffffff,-0x3c(%ebp) 1565 | 804942c: 89 c3 mov %eax,%ebx 1566 | 804942e: b8 00 00 00 00 mov $0x0,%eax 1567 | 8049433: 8b 4d c4 mov -0x3c(%ebp),%ecx 1568 | 8049436: 89 df mov %ebx,%edi 1569 | 8049438: f2 ae repnz scas %es:(%edi),%al 1570 | 804943a: 89 c8 mov %ecx,%eax 1571 | 804943c: f7 d0 not %eax 1572 | 804943e: 83 e8 01 sub $0x1,%eax 1573 | 8049441: 03 45 dc add -0x24(%ebp),%eax 1574 | 8049444: 8b 0a mov (%edx),%ecx 1575 | 8049446: 89 08 mov %ecx,(%eax) 1576 | 8049448: 8b 52 04 mov 0x4(%edx),%edx 1577 | 804944b: 89 50 04 mov %edx,0x4(%eax) 1578 | printf("%s\n", pwd); 1579 | 804944e: 8b 45 dc mov -0x24(%ebp),%eax 1580 | 8049451: 89 04 24 mov %eax,(%esp) 1581 | 8049454: e8 07 f1 ff ff call 8048560 1582 | 1583 | /* Read section-header string-table */ 1584 | debug("eh.e_shstrndx = 0x%x\n", eh.e_shstrndx); 1585 | 8049459: 0f b7 45 3e movzwl 0x3e(%ebp),%eax 1586 | 804945d: 0f b7 d0 movzwl %ax,%edx 1587 | 8049460: b8 fd a0 04 08 mov $0x804a0fd,%eax 1588 | 8049465: 89 54 24 04 mov %edx,0x4(%esp) 1589 | 8049469: 89 04 24 mov %eax,(%esp) 1590 | 804946c: e8 8f f0 ff ff call 8048500 1591 | sh_str = read_section(fd, sh_table[eh.e_shstrndx]); 1592 | 8049471: 0f b7 45 3e movzwl 0x3e(%ebp),%eax 1593 | 8049475: 0f b7 d0 movzwl %ax,%edx 1594 | 8049478: 89 d0 mov %edx,%eax 1595 | 804947a: c1 e0 02 shl $0x2,%eax 1596 | 804947d: 01 d0 add %edx,%eax 1597 | 804947f: c1 e0 03 shl $0x3,%eax 1598 | 8049482: 03 45 40 add 0x40(%ebp),%eax 1599 | 8049485: 8b 10 mov (%eax),%edx 1600 | 8049487: 89 54 24 04 mov %edx,0x4(%esp) 1601 | 804948b: 8b 50 04 mov 0x4(%eax),%edx 1602 | 804948e: 89 54 24 08 mov %edx,0x8(%esp) 1603 | 8049492: 8b 50 08 mov 0x8(%eax),%edx 1604 | 8049495: 89 54 24 0c mov %edx,0xc(%esp) 1605 | 8049499: 8b 50 0c mov 0xc(%eax),%edx 1606 | 804949c: 89 54 24 10 mov %edx,0x10(%esp) 1607 | 80494a0: 8b 50 10 mov 0x10(%eax),%edx 1608 | 80494a3: 89 54 24 14 mov %edx,0x14(%esp) 1609 | 80494a7: 8b 50 14 mov 0x14(%eax),%edx 1610 | 80494aa: 89 54 24 18 mov %edx,0x18(%esp) 1611 | 80494ae: 8b 50 18 mov 0x18(%eax),%edx 1612 | 80494b1: 89 54 24 1c mov %edx,0x1c(%esp) 1613 | 80494b5: 8b 50 1c mov 0x1c(%eax),%edx 1614 | 80494b8: 89 54 24 20 mov %edx,0x20(%esp) 1615 | 80494bc: 8b 50 20 mov 0x20(%eax),%edx 1616 | 80494bf: 89 54 24 24 mov %edx,0x24(%esp) 1617 | 80494c3: 8b 40 24 mov 0x24(%eax),%eax 1618 | 80494c6: 89 44 24 28 mov %eax,0x28(%esp) 1619 | 80494ca: 8b 45 08 mov 0x8(%ebp),%eax 1620 | 80494cd: 89 04 24 mov %eax,(%esp) 1621 | 80494d0: e8 2d f9 ff ff call 8048e02 1622 | 80494d5: 89 45 e0 mov %eax,-0x20(%ebp) 1623 | 1624 | for(i=0; i 1627 | if(!strcmp(".text", (sh_str + sh_table[i].sh_name))) { 1628 | 80494e4: 8b 55 d4 mov -0x2c(%ebp),%edx 1629 | 80494e7: 89 d0 mov %edx,%eax 1630 | 80494e9: c1 e0 02 shl $0x2,%eax 1631 | 80494ec: 01 d0 add %edx,%eax 1632 | 80494ee: c1 e0 03 shl $0x3,%eax 1633 | 80494f1: 03 45 40 add 0x40(%ebp),%eax 1634 | 80494f4: 8b 00 mov (%eax),%eax 1635 | 80494f6: 03 45 e0 add -0x20(%ebp),%eax 1636 | 80494f9: ba f3 a1 04 08 mov $0x804a1f3,%edx 1637 | 80494fe: b9 06 00 00 00 mov $0x6,%ecx 1638 | 8049503: 89 d6 mov %edx,%esi 1639 | 8049505: 89 c7 mov %eax,%edi 1640 | 8049507: f3 a6 repz cmpsb %es:(%edi),%ds:(%esi) 1641 | 8049509: 0f 97 c2 seta %dl 1642 | 804950c: 0f 92 c0 setb %al 1643 | 804950f: 89 d1 mov %edx,%ecx 1644 | 8049511: 28 c1 sub %al,%cl 1645 | 8049513: 89 c8 mov %ecx,%eax 1646 | 8049515: 0f be c0 movsbl %al,%eax 1647 | 8049518: 85 c0 test %eax,%eax 1648 | 804951a: 75 56 jne 8049572 1649 | printf("Found section\t\".text\"\n"); 1650 | 804951c: c7 04 24 f9 a1 04 08 movl $0x804a1f9,(%esp) 1651 | 8049523: e8 38 f0 ff ff call 8048560 1652 | printf("at offset\t0x%08x\n", sh_table[i].sh_offset); 1653 | 8049528: 8b 55 d4 mov -0x2c(%ebp),%edx 1654 | 804952b: 89 d0 mov %edx,%eax 1655 | 804952d: c1 e0 02 shl $0x2,%eax 1656 | 8049530: 01 d0 add %edx,%eax 1657 | 8049532: c1 e0 03 shl $0x3,%eax 1658 | 8049535: 03 45 40 add 0x40(%ebp),%eax 1659 | 8049538: 8b 50 10 mov 0x10(%eax),%edx 1660 | 804953b: b8 0f a2 04 08 mov $0x804a20f,%eax 1661 | 8049540: 89 54 24 04 mov %edx,0x4(%esp) 1662 | 8049544: 89 04 24 mov %eax,(%esp) 1663 | 8049547: e8 b4 ef ff ff call 8048500 1664 | printf("of size\t\t0x%08x\n", sh_table[i].sh_size); 1665 | 804954c: 8b 55 d4 mov -0x2c(%ebp),%edx 1666 | 804954f: 89 d0 mov %edx,%eax 1667 | 8049551: c1 e0 02 shl $0x2,%eax 1668 | 8049554: 01 d0 add %edx,%eax 1669 | 8049556: c1 e0 03 shl $0x3,%eax 1670 | 8049559: 03 45 40 add 0x40(%ebp),%eax 1671 | 804955c: 8b 50 14 mov 0x14(%eax),%edx 1672 | 804955f: b8 21 a2 04 08 mov $0x804a221,%eax 1673 | 8049564: 89 54 24 04 mov %edx,0x4(%esp) 1674 | 8049568: 89 04 24 mov %eax,(%esp) 1675 | 804956b: e8 90 ef ff ff call 8048500 1676 | 1677 | break; 1678 | 8049570: eb 14 jmp 8049586 1679 | 1680 | /* Read section-header string-table */ 1681 | debug("eh.e_shstrndx = 0x%x\n", eh.e_shstrndx); 1682 | sh_str = read_section(fd, sh_table[eh.e_shstrndx]); 1683 | 1684 | for(i=0; i 1690 | 1691 | break; 1692 | } 1693 | } 1694 | 1695 | assert(lseek(fd, sh_table[i].sh_offset, SEEK_SET)==sh_table[i].sh_offset); 1696 | 8049586: 8b 55 d4 mov -0x2c(%ebp),%edx 1697 | 8049589: 89 d0 mov %edx,%eax 1698 | 804958b: c1 e0 02 shl $0x2,%eax 1699 | 804958e: 01 d0 add %edx,%eax 1700 | 8049590: c1 e0 03 shl $0x3,%eax 1701 | 8049593: 03 45 40 add 0x40(%ebp),%eax 1702 | 8049596: 8b 40 10 mov 0x10(%eax),%eax 1703 | 8049599: c7 44 24 08 00 00 00 movl $0x0,0x8(%esp) 1704 | 80495a0: 00 1705 | 80495a1: 89 44 24 04 mov %eax,0x4(%esp) 1706 | 80495a5: 8b 45 08 mov 0x8(%ebp),%eax 1707 | 80495a8: 89 04 24 mov %eax,(%esp) 1708 | 80495ab: e8 70 ef ff ff call 8048520 1709 | 80495b0: 89 c1 mov %eax,%ecx 1710 | 80495b2: 8b 55 d4 mov -0x2c(%ebp),%edx 1711 | 80495b5: 89 d0 mov %edx,%eax 1712 | 80495b7: c1 e0 02 shl $0x2,%eax 1713 | 80495ba: 01 d0 add %edx,%eax 1714 | 80495bc: c1 e0 03 shl $0x3,%eax 1715 | 80495bf: 03 45 40 add 0x40(%ebp),%eax 1716 | 80495c2: 8b 40 10 mov 0x10(%eax),%eax 1717 | 80495c5: 39 c1 cmp %eax,%ecx 1718 | 80495c7: 74 24 je 80495ed 1719 | 80495c9: c7 44 24 0c 1e a3 04 movl $0x804a31e,0xc(%esp) 1720 | 80495d0: 08 1721 | 80495d1: c7 44 24 08 8c 01 00 movl $0x18c,0x8(%esp) 1722 | 80495d8: 00 1723 | 80495d9: c7 44 24 04 00 9c 04 movl $0x8049c00,0x4(%esp) 1724 | 80495e0: 08 1725 | 80495e1: c7 04 24 34 a2 04 08 movl $0x804a234,(%esp) 1726 | 80495e8: e8 03 f0 ff ff call 80485f0 <__assert_fail@plt> 1727 | buf = malloc(sh_table[i].sh_size); 1728 | 80495ed: 8b 55 d4 mov -0x2c(%ebp),%edx 1729 | 80495f0: 89 d0 mov %edx,%eax 1730 | 80495f2: c1 e0 02 shl $0x2,%eax 1731 | 80495f5: 01 d0 add %edx,%eax 1732 | 80495f7: c1 e0 03 shl $0x3,%eax 1733 | 80495fa: 03 45 40 add 0x40(%ebp),%eax 1734 | 80495fd: 8b 40 14 mov 0x14(%eax),%eax 1735 | 8049600: 89 04 24 mov %eax,(%esp) 1736 | 8049603: e8 48 ef ff ff call 8048550 1737 | 8049608: 89 45 e4 mov %eax,-0x1c(%ebp) 1738 | if(!buf) { 1739 | 804960b: 83 7d e4 00 cmpl $0x0,-0x1c(%ebp) 1740 | 804960f: 75 29 jne 804963a 1741 | printf("Failed to allocate %dbytes!!\n", sh_table[i].sh_size); 1742 | 8049611: 8b 55 d4 mov -0x2c(%ebp),%edx 1743 | 8049614: 89 d0 mov %edx,%eax 1744 | 8049616: c1 e0 02 shl $0x2,%eax 1745 | 8049619: 01 d0 add %edx,%eax 1746 | 804961b: c1 e0 03 shl $0x3,%eax 1747 | 804961e: 03 45 40 add 0x40(%ebp),%eax 1748 | 8049621: 8b 50 14 mov 0x14(%eax),%edx 1749 | 8049624: b8 6f a2 04 08 mov $0x804a26f,%eax 1750 | 8049629: 89 54 24 04 mov %edx,0x4(%esp) 1751 | 804962d: 89 04 24 mov %eax,(%esp) 1752 | 8049630: e8 cb ee ff ff call 8048500 1753 | goto EXIT; 1754 | 8049635: e9 b0 00 00 00 jmp 80496ea 1755 | } 1756 | assert(read(fd, buf, sh_table[i].sh_size)==sh_table[i].sh_size); 1757 | 804963a: 8b 55 d4 mov -0x2c(%ebp),%edx 1758 | 804963d: 89 d0 mov %edx,%eax 1759 | 804963f: c1 e0 02 shl $0x2,%eax 1760 | 8049642: 01 d0 add %edx,%eax 1761 | 8049644: c1 e0 03 shl $0x3,%eax 1762 | 8049647: 03 45 40 add 0x40(%ebp),%eax 1763 | 804964a: 8b 40 14 mov 0x14(%eax),%eax 1764 | 804964d: 89 44 24 08 mov %eax,0x8(%esp) 1765 | 8049651: 8b 45 e4 mov -0x1c(%ebp),%eax 1766 | 8049654: 89 44 24 04 mov %eax,0x4(%esp) 1767 | 8049658: 8b 45 08 mov 0x8(%ebp),%eax 1768 | 804965b: 89 04 24 mov %eax,(%esp) 1769 | 804965e: e8 8d ee ff ff call 80484f0 1770 | 8049663: 89 c1 mov %eax,%ecx 1771 | 8049665: 8b 55 d4 mov -0x2c(%ebp),%edx 1772 | 8049668: 89 d0 mov %edx,%eax 1773 | 804966a: c1 e0 02 shl $0x2,%eax 1774 | 804966d: 01 d0 add %edx,%eax 1775 | 804966f: c1 e0 03 shl $0x3,%eax 1776 | 8049672: 03 45 40 add 0x40(%ebp),%eax 1777 | 8049675: 8b 40 14 mov 0x14(%eax),%eax 1778 | 8049678: 39 c1 cmp %eax,%ecx 1779 | 804967a: 74 24 je 80496a0 1780 | 804967c: c7 44 24 0c 1e a3 04 movl $0x804a31e,0xc(%esp) 1781 | 8049683: 08 1782 | 8049684: c7 44 24 08 92 01 00 movl $0x192,0x8(%esp) 1783 | 804968b: 00 1784 | 804968c: c7 44 24 04 00 9c 04 movl $0x8049c00,0x4(%esp) 1785 | 8049693: 08 1786 | 8049694: c7 04 24 90 a2 04 08 movl $0x804a290,(%esp) 1787 | 804969b: e8 50 ef ff ff call 80485f0 <__assert_fail@plt> 1788 | fd2 = open(pwd, O_RDWR|O_SYNC|O_CREAT); 1789 | 80496a0: c7 44 24 04 42 10 10 movl $0x101042,0x4(%esp) 1790 | 80496a7: 00 1791 | 80496a8: 8b 45 dc mov -0x24(%ebp),%eax 1792 | 80496ab: 89 04 24 mov %eax,(%esp) 1793 | 80496ae: e8 cd ee ff ff call 8048580 1794 | 80496b3: 89 45 d8 mov %eax,-0x28(%ebp) 1795 | write(fd2, buf, sh_table[i].sh_size); 1796 | 80496b6: 8b 55 d4 mov -0x2c(%ebp),%edx 1797 | 80496b9: 89 d0 mov %edx,%eax 1798 | 80496bb: c1 e0 02 shl $0x2,%eax 1799 | 80496be: 01 d0 add %edx,%eax 1800 | 80496c0: c1 e0 03 shl $0x3,%eax 1801 | 80496c3: 03 45 40 add 0x40(%ebp),%eax 1802 | 80496c6: 8b 40 14 mov 0x14(%eax),%eax 1803 | 80496c9: 89 44 24 08 mov %eax,0x8(%esp) 1804 | 80496cd: 8b 45 e4 mov -0x1c(%ebp),%eax 1805 | 80496d0: 89 44 24 04 mov %eax,0x4(%esp) 1806 | 80496d4: 8b 45 d8 mov -0x28(%ebp),%eax 1807 | 80496d7: 89 04 24 mov %eax,(%esp) 1808 | 80496da: e8 e1 ee ff ff call 80485c0 1809 | fsync(fd2); 1810 | 80496df: 8b 45 d8 mov -0x28(%ebp),%eax 1811 | 80496e2: 89 04 24 mov %eax,(%esp) 1812 | 80496e5: e8 b6 ee ff ff call 80485a0 1813 | 1814 | EXIT: 1815 | close(fd2); 1816 | 80496ea: 8b 45 d8 mov -0x28(%ebp),%eax 1817 | 80496ed: 89 04 24 mov %eax,(%esp) 1818 | 80496f0: e8 eb ee ff ff call 80485e0 1819 | free(pwd); 1820 | 80496f5: 8b 45 dc mov -0x24(%ebp),%eax 1821 | 80496f8: 89 04 24 mov %eax,(%esp) 1822 | 80496fb: e8 10 ee ff ff call 8048510 1823 | 1824 | } 1825 | 8049700: 83 c4 6c add $0x6c,%esp 1826 | 8049703: 5b pop %ebx 1827 | 8049704: 5e pop %esi 1828 | 8049705: 5f pop %edi 1829 | 8049706: 5d pop %ebp 1830 | 8049707: c3 ret 1831 | 1832 | 08049708
: 1833 | 1834 | /* Main entry point of elf-parser */ 1835 | int32_t main(int32_t argc, char *argv[]) 1836 | { 1837 | 8049708: 55 push %ebp 1838 | 8049709: 89 e5 mov %esp,%ebp 1839 | 804970b: 83 e4 f0 and $0xfffffff0,%esp 1840 | 804970e: 81 ec 90 00 00 00 sub $0x90,%esp 1841 | 8049714: 8b 45 0c mov 0xc(%ebp),%eax 1842 | 8049717: 89 44 24 4c mov %eax,0x4c(%esp) 1843 | 804971b: 65 a1 14 00 00 00 mov %gs:0x14,%eax 1844 | 8049721: 89 84 24 8c 00 00 00 mov %eax,0x8c(%esp) 1845 | 8049728: 31 c0 xor %eax,%eax 1846 | 1847 | int32_t fd; 1848 | Elf32_Ehdr eh; /* elf-header is fixed size */ 1849 | Elf32_Shdr* sh_tbl; /* section-header table is variable size */ 1850 | 1851 | if(argc!=2) { 1852 | 804972a: 83 7d 08 02 cmpl $0x2,0x8(%ebp) 1853 | 804972e: 74 16 je 8049746 1854 | printf("Usage: elf-parser \n"); 1855 | 8049730: c7 04 24 c8 a2 04 08 movl $0x804a2c8,(%esp) 1856 | 8049737: e8 24 ee ff ff call 8048560 1857 | return 0; 1858 | 804973c: b8 00 00 00 00 mov $0x0,%eax 1859 | 8049741: e9 ce 03 00 00 jmp 8049b14 1860 | } 1861 | 1862 | fd = open(argv[1], O_RDONLY|O_SYNC); 1863 | 8049746: 8b 44 24 4c mov 0x4c(%esp),%eax 1864 | 804974a: 83 c0 04 add $0x4,%eax 1865 | 804974d: 8b 00 mov (%eax),%eax 1866 | 804974f: c7 44 24 04 00 10 10 movl $0x101000,0x4(%esp) 1867 | 8049756: 00 1868 | 8049757: 89 04 24 mov %eax,(%esp) 1869 | 804975a: e8 21 ee ff ff call 8048580 1870 | 804975f: 89 44 24 50 mov %eax,0x50(%esp) 1871 | if(fd<0) { 1872 | 8049763: 83 7c 24 50 00 cmpl $0x0,0x50(%esp) 1873 | 8049768: 79 2c jns 8049796 1874 | printf("Error %d Unable to open %s\n", fd, argv[1]); 1875 | 804976a: 8b 44 24 4c mov 0x4c(%esp),%eax 1876 | 804976e: 83 c0 04 add $0x4,%eax 1877 | 8049771: 8b 10 mov (%eax),%edx 1878 | 8049773: b8 e5 a2 04 08 mov $0x804a2e5,%eax 1879 | 8049778: 89 54 24 08 mov %edx,0x8(%esp) 1880 | 804977c: 8b 54 24 50 mov 0x50(%esp),%edx 1881 | 8049780: 89 54 24 04 mov %edx,0x4(%esp) 1882 | 8049784: 89 04 24 mov %eax,(%esp) 1883 | 8049787: e8 74 ed ff ff call 8048500 1884 | return 0; 1885 | 804978c: b8 00 00 00 00 mov $0x0,%eax 1886 | 8049791: e9 7e 03 00 00 jmp 8049b14 1887 | } 1888 | 1889 | /* ELF header : at start of file */ 1890 | read_elf_header(fd, &eh); 1891 | 8049796: 8d 44 24 58 lea 0x58(%esp),%eax 1892 | 804979a: 89 44 24 04 mov %eax,0x4(%esp) 1893 | 804979e: 8b 44 24 50 mov 0x50(%esp),%eax 1894 | 80497a2: 89 04 24 mov %eax,(%esp) 1895 | 80497a5: e8 0a ef ff ff call 80486b4 1896 | if(!is_ELF(eh)) { 1897 | 80497aa: 8b 44 24 58 mov 0x58(%esp),%eax 1898 | 80497ae: 89 04 24 mov %eax,(%esp) 1899 | 80497b1: 8b 44 24 5c mov 0x5c(%esp),%eax 1900 | 80497b5: 89 44 24 04 mov %eax,0x4(%esp) 1901 | 80497b9: 8b 44 24 60 mov 0x60(%esp),%eax 1902 | 80497bd: 89 44 24 08 mov %eax,0x8(%esp) 1903 | 80497c1: 8b 44 24 64 mov 0x64(%esp),%eax 1904 | 80497c5: 89 44 24 0c mov %eax,0xc(%esp) 1905 | 80497c9: 8b 44 24 68 mov 0x68(%esp),%eax 1906 | 80497cd: 89 44 24 10 mov %eax,0x10(%esp) 1907 | 80497d1: 8b 44 24 6c mov 0x6c(%esp),%eax 1908 | 80497d5: 89 44 24 14 mov %eax,0x14(%esp) 1909 | 80497d9: 8b 44 24 70 mov 0x70(%esp),%eax 1910 | 80497dd: 89 44 24 18 mov %eax,0x18(%esp) 1911 | 80497e1: 8b 44 24 74 mov 0x74(%esp),%eax 1912 | 80497e5: 89 44 24 1c mov %eax,0x1c(%esp) 1913 | 80497e9: 8b 44 24 78 mov 0x78(%esp),%eax 1914 | 80497ed: 89 44 24 20 mov %eax,0x20(%esp) 1915 | 80497f1: 8b 44 24 7c mov 0x7c(%esp),%eax 1916 | 80497f5: 89 44 24 24 mov %eax,0x24(%esp) 1917 | 80497f9: 8b 84 24 80 00 00 00 mov 0x80(%esp),%eax 1918 | 8049800: 89 44 24 28 mov %eax,0x28(%esp) 1919 | 8049804: 8b 84 24 84 00 00 00 mov 0x84(%esp),%eax 1920 | 804980b: 89 44 24 2c mov %eax,0x2c(%esp) 1921 | 804980f: 8b 84 24 88 00 00 00 mov 0x88(%esp),%eax 1922 | 8049816: 89 44 24 30 mov %eax,0x30(%esp) 1923 | 804981a: e8 4d ef ff ff call 804876c 1924 | 804981f: 83 f0 01 xor $0x1,%eax 1925 | 8049822: 84 c0 test %al,%al 1926 | 8049824: 74 0a je 8049830 1927 | return 0; 1928 | 8049826: b8 00 00 00 00 mov $0x0,%eax 1929 | 804982b: e9 e4 02 00 00 jmp 8049b14 1930 | } 1931 | print_elf_header(eh); 1932 | 8049830: 8b 44 24 58 mov 0x58(%esp),%eax 1933 | 8049834: 89 04 24 mov %eax,(%esp) 1934 | 8049837: 8b 44 24 5c mov 0x5c(%esp),%eax 1935 | 804983b: 89 44 24 04 mov %eax,0x4(%esp) 1936 | 804983f: 8b 44 24 60 mov 0x60(%esp),%eax 1937 | 8049843: 89 44 24 08 mov %eax,0x8(%esp) 1938 | 8049847: 8b 44 24 64 mov 0x64(%esp),%eax 1939 | 804984b: 89 44 24 0c mov %eax,0xc(%esp) 1940 | 804984f: 8b 44 24 68 mov 0x68(%esp),%eax 1941 | 8049853: 89 44 24 10 mov %eax,0x10(%esp) 1942 | 8049857: 8b 44 24 6c mov 0x6c(%esp),%eax 1943 | 804985b: 89 44 24 14 mov %eax,0x14(%esp) 1944 | 804985f: 8b 44 24 70 mov 0x70(%esp),%eax 1945 | 8049863: 89 44 24 18 mov %eax,0x18(%esp) 1946 | 8049867: 8b 44 24 74 mov 0x74(%esp),%eax 1947 | 804986b: 89 44 24 1c mov %eax,0x1c(%esp) 1948 | 804986f: 8b 44 24 78 mov 0x78(%esp),%eax 1949 | 8049873: 89 44 24 20 mov %eax,0x20(%esp) 1950 | 8049877: 8b 44 24 7c mov 0x7c(%esp),%eax 1951 | 804987b: 89 44 24 24 mov %eax,0x24(%esp) 1952 | 804987f: 8b 84 24 80 00 00 00 mov 0x80(%esp),%eax 1953 | 8049886: 89 44 24 28 mov %eax,0x28(%esp) 1954 | 804988a: 8b 84 24 84 00 00 00 mov 0x84(%esp),%eax 1955 | 8049891: 89 44 24 2c mov %eax,0x2c(%esp) 1956 | 8049895: 8b 84 24 88 00 00 00 mov 0x88(%esp),%eax 1957 | 804989c: 89 44 24 30 mov %eax,0x30(%esp) 1958 | 80498a0: e8 20 ef ff ff call 80487c5 1959 | 1960 | /* Section header table : */ 1961 | sh_tbl = malloc(eh.e_shentsize * eh.e_shnum); 1962 | 80498a5: 0f b7 84 24 86 00 00 movzwl 0x86(%esp),%eax 1963 | 80498ac: 00 1964 | 80498ad: 0f b7 d0 movzwl %ax,%edx 1965 | 80498b0: 0f b7 84 24 88 00 00 movzwl 0x88(%esp),%eax 1966 | 80498b7: 00 1967 | 80498b8: 0f b7 c0 movzwl %ax,%eax 1968 | 80498bb: 0f af c2 imul %edx,%eax 1969 | 80498be: 89 04 24 mov %eax,(%esp) 1970 | 80498c1: e8 8a ec ff ff call 8048550 1971 | 80498c6: 89 44 24 54 mov %eax,0x54(%esp) 1972 | if(!sh_tbl) { 1973 | 80498ca: 83 7c 24 54 00 cmpl $0x0,0x54(%esp) 1974 | 80498cf: 75 2a jne 80498fb 1975 | printf("Failed to allocate %d bytes\n", 1976 | (eh.e_shentsize * eh.e_shnum)); 1977 | 80498d1: 0f b7 84 24 86 00 00 movzwl 0x86(%esp),%eax 1978 | 80498d8: 00 1979 | print_elf_header(eh); 1980 | 1981 | /* Section header table : */ 1982 | sh_tbl = malloc(eh.e_shentsize * eh.e_shnum); 1983 | if(!sh_tbl) { 1984 | printf("Failed to allocate %d bytes\n", 1985 | 80498d9: 0f b7 d0 movzwl %ax,%edx 1986 | (eh.e_shentsize * eh.e_shnum)); 1987 | 80498dc: 0f b7 84 24 88 00 00 movzwl 0x88(%esp),%eax 1988 | 80498e3: 00 1989 | print_elf_header(eh); 1990 | 1991 | /* Section header table : */ 1992 | sh_tbl = malloc(eh.e_shentsize * eh.e_shnum); 1993 | if(!sh_tbl) { 1994 | printf("Failed to allocate %d bytes\n", 1995 | 80498e4: 0f b7 c0 movzwl %ax,%eax 1996 | 80498e7: 0f af d0 imul %eax,%edx 1997 | 80498ea: b8 01 a3 04 08 mov $0x804a301,%eax 1998 | 80498ef: 89 54 24 04 mov %edx,0x4(%esp) 1999 | 80498f3: 89 04 24 mov %eax,(%esp) 2000 | 80498f6: e8 05 ec ff ff call 8048500 2001 | (eh.e_shentsize * eh.e_shnum)); 2002 | } 2003 | read_section_header_table(fd, eh, sh_tbl); 2004 | 80498fb: 8b 44 24 54 mov 0x54(%esp),%eax 2005 | 80498ff: 89 44 24 38 mov %eax,0x38(%esp) 2006 | 8049903: 8b 44 24 58 mov 0x58(%esp),%eax 2007 | 8049907: 89 44 24 04 mov %eax,0x4(%esp) 2008 | 804990b: 8b 44 24 5c mov 0x5c(%esp),%eax 2009 | 804990f: 89 44 24 08 mov %eax,0x8(%esp) 2010 | 8049913: 8b 44 24 60 mov 0x60(%esp),%eax 2011 | 8049917: 89 44 24 0c mov %eax,0xc(%esp) 2012 | 804991b: 8b 44 24 64 mov 0x64(%esp),%eax 2013 | 804991f: 89 44 24 10 mov %eax,0x10(%esp) 2014 | 8049923: 8b 44 24 68 mov 0x68(%esp),%eax 2015 | 8049927: 89 44 24 14 mov %eax,0x14(%esp) 2016 | 804992b: 8b 44 24 6c mov 0x6c(%esp),%eax 2017 | 804992f: 89 44 24 18 mov %eax,0x18(%esp) 2018 | 8049933: 8b 44 24 70 mov 0x70(%esp),%eax 2019 | 8049937: 89 44 24 1c mov %eax,0x1c(%esp) 2020 | 804993b: 8b 44 24 74 mov 0x74(%esp),%eax 2021 | 804993f: 89 44 24 20 mov %eax,0x20(%esp) 2022 | 8049943: 8b 44 24 78 mov 0x78(%esp),%eax 2023 | 8049947: 89 44 24 24 mov %eax,0x24(%esp) 2024 | 804994b: 8b 44 24 7c mov 0x7c(%esp),%eax 2025 | 804994f: 89 44 24 28 mov %eax,0x28(%esp) 2026 | 8049953: 8b 84 24 80 00 00 00 mov 0x80(%esp),%eax 2027 | 804995a: 89 44 24 2c mov %eax,0x2c(%esp) 2028 | 804995e: 8b 84 24 84 00 00 00 mov 0x84(%esp),%eax 2029 | 8049965: 89 44 24 30 mov %eax,0x30(%esp) 2030 | 8049969: 8b 84 24 88 00 00 00 mov 0x88(%esp),%eax 2031 | 8049970: 89 44 24 34 mov %eax,0x34(%esp) 2032 | 8049974: 8b 44 24 50 mov 0x50(%esp),%eax 2033 | 8049978: 89 04 24 mov %eax,(%esp) 2034 | 804997b: e8 c3 f3 ff ff call 8048d43 2035 | print_section_headers(fd, eh, sh_tbl); 2036 | 8049980: 8b 44 24 54 mov 0x54(%esp),%eax 2037 | 8049984: 89 44 24 38 mov %eax,0x38(%esp) 2038 | 8049988: 8b 44 24 58 mov 0x58(%esp),%eax 2039 | 804998c: 89 44 24 04 mov %eax,0x4(%esp) 2040 | 8049990: 8b 44 24 5c mov 0x5c(%esp),%eax 2041 | 8049994: 89 44 24 08 mov %eax,0x8(%esp) 2042 | 8049998: 8b 44 24 60 mov 0x60(%esp),%eax 2043 | 804999c: 89 44 24 0c mov %eax,0xc(%esp) 2044 | 80499a0: 8b 44 24 64 mov 0x64(%esp),%eax 2045 | 80499a4: 89 44 24 10 mov %eax,0x10(%esp) 2046 | 80499a8: 8b 44 24 68 mov 0x68(%esp),%eax 2047 | 80499ac: 89 44 24 14 mov %eax,0x14(%esp) 2048 | 80499b0: 8b 44 24 6c mov 0x6c(%esp),%eax 2049 | 80499b4: 89 44 24 18 mov %eax,0x18(%esp) 2050 | 80499b8: 8b 44 24 70 mov 0x70(%esp),%eax 2051 | 80499bc: 89 44 24 1c mov %eax,0x1c(%esp) 2052 | 80499c0: 8b 44 24 74 mov 0x74(%esp),%eax 2053 | 80499c4: 89 44 24 20 mov %eax,0x20(%esp) 2054 | 80499c8: 8b 44 24 78 mov 0x78(%esp),%eax 2055 | 80499cc: 89 44 24 24 mov %eax,0x24(%esp) 2056 | 80499d0: 8b 44 24 7c mov 0x7c(%esp),%eax 2057 | 80499d4: 89 44 24 28 mov %eax,0x28(%esp) 2058 | 80499d8: 8b 84 24 80 00 00 00 mov 0x80(%esp),%eax 2059 | 80499df: 89 44 24 2c mov %eax,0x2c(%esp) 2060 | 80499e3: 8b 84 24 84 00 00 00 mov 0x84(%esp),%eax 2061 | 80499ea: 89 44 24 30 mov %eax,0x30(%esp) 2062 | 80499ee: 8b 84 24 88 00 00 00 mov 0x88(%esp),%eax 2063 | 80499f5: 89 44 24 34 mov %eax,0x34(%esp) 2064 | 80499f9: 8b 44 24 50 mov 0x50(%esp),%eax 2065 | 80499fd: 89 04 24 mov %eax,(%esp) 2066 | 8049a00: e8 ed f4 ff ff call 8048ef2 2067 | /* Symbol tables : 2068 | * sh_tbl[i].sh_type 2069 | * |`- SHT_SYMTAB 2070 | * `- SHT_DYNSYM 2071 | */ 2072 | print_symbols(fd, eh, sh_tbl); 2073 | 8049a05: 8b 44 24 54 mov 0x54(%esp),%eax 2074 | 8049a09: 89 44 24 38 mov %eax,0x38(%esp) 2075 | 8049a0d: 8b 44 24 58 mov 0x58(%esp),%eax 2076 | 8049a11: 89 44 24 04 mov %eax,0x4(%esp) 2077 | 8049a15: 8b 44 24 5c mov 0x5c(%esp),%eax 2078 | 8049a19: 89 44 24 08 mov %eax,0x8(%esp) 2079 | 8049a1d: 8b 44 24 60 mov 0x60(%esp),%eax 2080 | 8049a21: 89 44 24 0c mov %eax,0xc(%esp) 2081 | 8049a25: 8b 44 24 64 mov 0x64(%esp),%eax 2082 | 8049a29: 89 44 24 10 mov %eax,0x10(%esp) 2083 | 8049a2d: 8b 44 24 68 mov 0x68(%esp),%eax 2084 | 8049a31: 89 44 24 14 mov %eax,0x14(%esp) 2085 | 8049a35: 8b 44 24 6c mov 0x6c(%esp),%eax 2086 | 8049a39: 89 44 24 18 mov %eax,0x18(%esp) 2087 | 8049a3d: 8b 44 24 70 mov 0x70(%esp),%eax 2088 | 8049a41: 89 44 24 1c mov %eax,0x1c(%esp) 2089 | 8049a45: 8b 44 24 74 mov 0x74(%esp),%eax 2090 | 8049a49: 89 44 24 20 mov %eax,0x20(%esp) 2091 | 8049a4d: 8b 44 24 78 mov 0x78(%esp),%eax 2092 | 8049a51: 89 44 24 24 mov %eax,0x24(%esp) 2093 | 8049a55: 8b 44 24 7c mov 0x7c(%esp),%eax 2094 | 8049a59: 89 44 24 28 mov %eax,0x28(%esp) 2095 | 8049a5d: 8b 84 24 80 00 00 00 mov 0x80(%esp),%eax 2096 | 8049a64: 89 44 24 2c mov %eax,0x2c(%esp) 2097 | 8049a68: 8b 84 24 84 00 00 00 mov 0x84(%esp),%eax 2098 | 8049a6f: 89 44 24 30 mov %eax,0x30(%esp) 2099 | 8049a73: 8b 84 24 88 00 00 00 mov 0x88(%esp),%eax 2100 | 8049a7a: 89 44 24 34 mov %eax,0x34(%esp) 2101 | 8049a7e: 8b 44 24 50 mov 0x50(%esp),%eax 2102 | 8049a82: 89 04 24 mov %eax,(%esp) 2103 | 8049a85: e8 50 f8 ff ff call 80492da 2104 | 2105 | save_text_section(fd, eh, sh_tbl); 2106 | 8049a8a: 8b 44 24 54 mov 0x54(%esp),%eax 2107 | 8049a8e: 89 44 24 38 mov %eax,0x38(%esp) 2108 | 8049a92: 8b 44 24 58 mov 0x58(%esp),%eax 2109 | 8049a96: 89 44 24 04 mov %eax,0x4(%esp) 2110 | 8049a9a: 8b 44 24 5c mov 0x5c(%esp),%eax 2111 | 8049a9e: 89 44 24 08 mov %eax,0x8(%esp) 2112 | 8049aa2: 8b 44 24 60 mov 0x60(%esp),%eax 2113 | 8049aa6: 89 44 24 0c mov %eax,0xc(%esp) 2114 | 8049aaa: 8b 44 24 64 mov 0x64(%esp),%eax 2115 | 8049aae: 89 44 24 10 mov %eax,0x10(%esp) 2116 | 8049ab2: 8b 44 24 68 mov 0x68(%esp),%eax 2117 | 8049ab6: 89 44 24 14 mov %eax,0x14(%esp) 2118 | 8049aba: 8b 44 24 6c mov 0x6c(%esp),%eax 2119 | 8049abe: 89 44 24 18 mov %eax,0x18(%esp) 2120 | 8049ac2: 8b 44 24 70 mov 0x70(%esp),%eax 2121 | 8049ac6: 89 44 24 1c mov %eax,0x1c(%esp) 2122 | 8049aca: 8b 44 24 74 mov 0x74(%esp),%eax 2123 | 8049ace: 89 44 24 20 mov %eax,0x20(%esp) 2124 | 8049ad2: 8b 44 24 78 mov 0x78(%esp),%eax 2125 | 8049ad6: 89 44 24 24 mov %eax,0x24(%esp) 2126 | 8049ada: 8b 44 24 7c mov 0x7c(%esp),%eax 2127 | 8049ade: 89 44 24 28 mov %eax,0x28(%esp) 2128 | 8049ae2: 8b 84 24 80 00 00 00 mov 0x80(%esp),%eax 2129 | 8049ae9: 89 44 24 2c mov %eax,0x2c(%esp) 2130 | 8049aed: 8b 84 24 84 00 00 00 mov 0x84(%esp),%eax 2131 | 8049af4: 89 44 24 30 mov %eax,0x30(%esp) 2132 | 8049af8: 8b 84 24 88 00 00 00 mov 0x88(%esp),%eax 2133 | 8049aff: 89 44 24 34 mov %eax,0x34(%esp) 2134 | 8049b03: 8b 44 24 50 mov 0x50(%esp),%eax 2135 | 8049b07: 89 04 24 mov %eax,(%esp) 2136 | 8049b0a: e8 af f8 ff ff call 80493be 2137 | 2138 | return 0; 2139 | 8049b0f: b8 00 00 00 00 mov $0x0,%eax 2140 | } 2141 | 8049b14: 8b 94 24 8c 00 00 00 mov 0x8c(%esp),%edx 2142 | 8049b1b: 65 33 15 14 00 00 00 xor %gs:0x14,%edx 2143 | 8049b22: 74 05 je 8049b29 2144 | 8049b24: e8 07 ea ff ff call 8048530 <__stack_chk_fail@plt> 2145 | 8049b29: c9 leave 2146 | 8049b2a: c3 ret 2147 | 8049b2b: 90 nop 2148 | 8049b2c: 90 nop 2149 | 8049b2d: 90 nop 2150 | 8049b2e: 90 nop 2151 | 8049b2f: 90 nop 2152 | 2153 | 08049b30 <__libc_csu_init>: 2154 | 8049b30: 55 push %ebp 2155 | 8049b31: 57 push %edi 2156 | 8049b32: 56 push %esi 2157 | 8049b33: 53 push %ebx 2158 | 8049b34: e8 69 00 00 00 call 8049ba2 <__i686.get_pc_thunk.bx> 2159 | 8049b39: 81 c3 bb 24 00 00 add $0x24bb,%ebx 2160 | 8049b3f: 83 ec 1c sub $0x1c,%esp 2161 | 8049b42: 8b 6c 24 30 mov 0x30(%esp),%ebp 2162 | 8049b46: 8d bb 20 ff ff ff lea -0xe0(%ebx),%edi 2163 | 8049b4c: e8 53 e9 ff ff call 80484a4 <_init> 2164 | 8049b51: 8d 83 20 ff ff ff lea -0xe0(%ebx),%eax 2165 | 8049b57: 29 c7 sub %eax,%edi 2166 | 8049b59: c1 ff 02 sar $0x2,%edi 2167 | 8049b5c: 85 ff test %edi,%edi 2168 | 8049b5e: 74 29 je 8049b89 <__libc_csu_init+0x59> 2169 | 8049b60: 31 f6 xor %esi,%esi 2170 | 8049b62: 8d b6 00 00 00 00 lea 0x0(%esi),%esi 2171 | 8049b68: 8b 44 24 38 mov 0x38(%esp),%eax 2172 | 8049b6c: 89 2c 24 mov %ebp,(%esp) 2173 | 8049b6f: 89 44 24 08 mov %eax,0x8(%esp) 2174 | 8049b73: 8b 44 24 34 mov 0x34(%esp),%eax 2175 | 8049b77: 89 44 24 04 mov %eax,0x4(%esp) 2176 | 8049b7b: ff 94 b3 20 ff ff ff call *-0xe0(%ebx,%esi,4) 2177 | 8049b82: 83 c6 01 add $0x1,%esi 2178 | 8049b85: 39 fe cmp %edi,%esi 2179 | 8049b87: 75 df jne 8049b68 <__libc_csu_init+0x38> 2180 | 8049b89: 83 c4 1c add $0x1c,%esp 2181 | 8049b8c: 5b pop %ebx 2182 | 8049b8d: 5e pop %esi 2183 | 8049b8e: 5f pop %edi 2184 | 8049b8f: 5d pop %ebp 2185 | 8049b90: c3 ret 2186 | 8049b91: eb 0d jmp 8049ba0 <__libc_csu_fini> 2187 | 8049b93: 90 nop 2188 | 8049b94: 90 nop 2189 | 8049b95: 90 nop 2190 | 8049b96: 90 nop 2191 | 8049b97: 90 nop 2192 | 8049b98: 90 nop 2193 | 8049b99: 90 nop 2194 | 8049b9a: 90 nop 2195 | 8049b9b: 90 nop 2196 | 8049b9c: 90 nop 2197 | 8049b9d: 90 nop 2198 | 8049b9e: 90 nop 2199 | 8049b9f: 90 nop 2200 | 2201 | 08049ba0 <__libc_csu_fini>: 2202 | 8049ba0: f3 c3 repz ret 2203 | 2204 | 08049ba2 <__i686.get_pc_thunk.bx>: 2205 | 8049ba2: 8b 1c 24 mov (%esp),%ebx 2206 | 8049ba5: c3 ret 2207 | 8049ba6: 90 nop 2208 | 8049ba7: 90 nop 2209 | 8049ba8: 90 nop 2210 | 8049ba9: 90 nop 2211 | 8049baa: 90 nop 2212 | 8049bab: 90 nop 2213 | 8049bac: 90 nop 2214 | 8049bad: 90 nop 2215 | 8049bae: 90 nop 2216 | 8049baf: 90 nop 2217 | 2218 | 08049bb0 <__do_global_ctors_aux>: 2219 | 8049bb0: 55 push %ebp 2220 | 8049bb1: 89 e5 mov %esp,%ebp 2221 | 8049bb3: 53 push %ebx 2222 | 8049bb4: 83 ec 04 sub $0x4,%esp 2223 | 8049bb7: a1 14 bf 04 08 mov 0x804bf14,%eax 2224 | 8049bbc: 83 f8 ff cmp $0xffffffff,%eax 2225 | 8049bbf: 74 13 je 8049bd4 <__do_global_ctors_aux+0x24> 2226 | 8049bc1: bb 14 bf 04 08 mov $0x804bf14,%ebx 2227 | 8049bc6: 66 90 xchg %ax,%ax 2228 | 8049bc8: 83 eb 04 sub $0x4,%ebx 2229 | 8049bcb: ff d0 call *%eax 2230 | 8049bcd: 8b 03 mov (%ebx),%eax 2231 | 8049bcf: 83 f8 ff cmp $0xffffffff,%eax 2232 | 8049bd2: 75 f4 jne 8049bc8 <__do_global_ctors_aux+0x18> 2233 | 8049bd4: 83 c4 04 add $0x4,%esp 2234 | 8049bd7: 5b pop %ebx 2235 | 8049bd8: 5d pop %ebp 2236 | 8049bd9: c3 ret 2237 | 8049bda: 90 nop 2238 | 8049bdb: 90 nop 2239 | 2240 | Disassembly of section .fini: 2241 | 2242 | 08049bdc <_fini>: 2243 | 8049bdc: 53 push %ebx 2244 | 8049bdd: 83 ec 08 sub $0x8,%esp 2245 | 8049be0: e8 00 00 00 00 call 8049be5 <_fini+0x9> 2246 | 8049be5: 5b pop %ebx 2247 | 8049be6: 81 c3 0f 24 00 00 add $0x240f,%ebx 2248 | 8049bec: e8 3f ea ff ff call 8048630 <__do_global_dtors_aux> 2249 | 8049bf1: 83 c4 08 add $0x8,%esp 2250 | 8049bf4: 5b pop %ebx 2251 | 8049bf5: c3 ret 2252 | -------------------------------------------------------------------------------- /hola/text.S: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheCodeArtist/elf-parser/ebd6f1e0dcc1108c9f0b0872c5dc74097898a424/hola/text.S -------------------------------------------------------------------------------- /meson.build: -------------------------------------------------------------------------------- 1 | project('elf-parser', 'c', 2 | version : '1.0.0') 3 | 4 | libelfparser = library('elf-parser', 5 | 'elf-parser.c', 6 | include_directories : include_directories('.'), 7 | install : true) 8 | 9 | install_headers('elf-parser.h') 10 | 11 | pkgconfig = import('pkgconfig') 12 | pkgconfig.generate( 13 | libraries : libelfparser, 14 | version : '1.0', 15 | name : 'libelfparser', 16 | description : 'A library for parsing elf files') 17 | 18 | libelfparser_dep = declare_dependency( 19 | include_directories : include_directories('.'), 20 | link_with : libelfparser, 21 | ) 22 | 23 | executable('elf-parser', 24 | 'elf-parser-main.c', 25 | 'disasm.c', 26 | dependencies : [libelfparser_dep], 27 | ) 28 | --------------------------------------------------------------------------------