Linux??????????????

???????????? ???????[ 2014/12/16 14:47:17 ] ????????Linux ??????

?????????????(PIC?? position independent code)
???????????????????????????λ?????????
????????????????????????????
???????????????????????????λ??????????????????????????????
???????????Щ????ELF ???????????????????????????????y?????????????????????????????????????????????
????1.??????????????
??????????????????????????static ??????????????????????????????????? static ?????????????????????????????????????????????????? x86 ??????????????????????????????????λ??????????У????????????????????鷳????????????????????????????????????????δ???????????????????????????????
????ELF ??????????????С??????????? IP ???????????????????????????????????????????????е?????Σ?????ε????λ?????????????????????????????????????????????ε???????????????????????????????????????????????????????ù????λ???????????????????????????????????????????????￡?
int g_share = 1;
static int g_share2 = 2;
int g_func(int a)
{
g_share += a;
return a * 2;
}
int g_func2()
{
int a = 2;
int b = g_func(3);
return a + b;
}
static int g_fun3()
{
g_share2 += 3;
return g_share2 - 1;
}
static int g_func4()
{
int a = g_fun3();
a + 2;
return a;
}
?????????????x86 linux ?±??????????????????????
????-bash-3.00$ gcc -o liba.so -fPIC -shared a.c
????-bash-3.00$ objdump -S liba.so
????//skip some of the output
????00000564 <g_fun3>:
????564: 55                   push   %ebp
????565: 89 e5                mov    %esp??%ebp
????567: e8 00 00 00 00       call   56c <g_fun3+0x8>
????56c: 59                   pop    %ecx
????56d: 81 c1 60 11 00 00    add    $0x1160??%ecx
????573: 83 81 20 00 00 00 03 addl   $0x3??0x20(%ecx)
????57a: 8b 81 20 00 00 00    mov    0x20(%ecx)??%eax
????580: 48                   dec    %eax
????581: c9                   leave
????582: c3                   ret
????//skip some of the output
???????????????????????￡????????? 567 ???????Щ???????????????????x86 ??????????????? ip ??????????????????????????????????? ip ?(x86_64?2???????鷳)???????????????????к????????????????????????????????????????????????????????????????????????????? 56c ??к?%ecx ?а?????????????????? 0x56c????? 56d ?? 573 ?????????? %ecx + 0x1160 + 0x20 = 0x16ec ?? 573 ???????????????????????????????????
????-bash-3.00$ objdump -s liba.so
????Contents of section .data:
????16e0 e0160000 f4150000 01000000 02000000 ................
????????????????????? int????? g_share2!
????2.???????????
??????????????????????????????鷳?????????????????????????????δ????????????????????????????????????????????????????????????ELF ?????????????????????м???????????? GOT(global offset table)?? GOT ????з????????????????????????????????????????????????г????????????????ж??????????????????????????????????????????????????????????????????????????????????????????????????????????
????????????????????????????? g_func ????????? g_share ???????
00000504 <g_func>:
504: 55                   push   %ebp
505: 89 e5                mov    %esp??%ebp
507: 53                   push   %ebx
508: e8 00 00 00 00       call   50d <g_func+0x9>
50d: 5b                   pop    %ebx
50e: 81 c3 bf 11 00 00    add    $0x11bf??%ebx
514: 8b 8b f0 ff ff ff    mov    0xfffffff0(%ebx)??%ecx
51a: 8b 93 f0 ff ff ff    mov    0xfffffff0(%ebx)??%edx
520: 8b 45 08             mov    0x8(%ebp)??%eax
523: 03 02                add    (%edx)??%eax
525: 89 01                mov    %eax??(%ecx)
527: 8b 45 08             mov    0x8(%ebp)??%eax
52a: d1 e0                shl    %eax
52c: 5b                   pop    %ebx
52d: c9                   leave
52e: c3                   ret
?????????????У?508 ?? 50d ????????????? ip ??? ????? 50d ?? %ebx ?з???? 0x50d?? ??? 50e ??????? g_share ?? GOT ?е??? 0x50d + 0x11bf + 0xfffffff0 = 0x16bc?? ????????????????? GOT??
????-bash-3.00$ objdump -h liba.so
????liba.so:     file format elf32-i386
????Sections:
????Idx Name          Size      VMA       LMA       File off Algn
????//skip some of the output
????16 .got          00000010 000016bc 000016bc 000006bc 2**2
????CONTENTS?? ALLOC?? LOAD?? DATA
?????????0x16bc ?? GOT ??????
??????????ELF ????л?????????????λ?Σ???????????Щ??????????????λ?????????????????????????????????????
????-bash-3.00$ objdump -R liba.so
????liba.so:     file format elf32-i386
????DYNAMIC RELOCATION RECORDS
????OFFSET   TYPE              VALUE
????000016e0 R_386_RELATIVE    *ABS*
????000016e4 R_386_RELATIVE    *ABS*
????000016bc R_386_GLOB_DAT    g_share
????000016c0 R_386_GLOB_DAT    __cxa_finalize
????000016c4 R_386_GLOB_DAT    _Jv_RegisterClasses
????000016c8 R_386_GLOB_DAT    __gmon_start__
????000016d8 R_386_JUMP_SLOT   g_func
????000016dc R_386_JUMP_SLOT   __cxa_finalize
????????????? g_share ?????? 0x16bc??????????????????
?????′??????????????????????????????????????????????????????????????????? GOT ?????????????????????????ELF ????????ν????????????????????????????????