Linux:从可执行文件更新嵌入式资源 [英] Linux: update embedded resource from executable

问题描述

我有一个可执行文件，其中使用objcopy方法嵌入了二进制文件资源

I have an executable in which I embed a binary file resource using the objcopy method

objcopy --input binary --output elf32-i386 --binary-architecture i386 data.txt data.o

链接到data.o并使用

extern char _binary_data_txt_start
extern char _binary_data_txt_end

现在可以在可执行文件中更新此数据吗?更新后的数据可以具有相同的确切大小，我只需要更改一些位即可.

Is it possible now to update this data inside the executable? The updated data can have the same exact size, I just need to change some of the bits.

在Windows PE文件中，使用UpdateResource()

In windows PE files this is very simple to do using UpdateResource()

推荐答案

没什么特别的，没什么难的.我将在下面为您提供正确的顺序，但首先让我稍微更正您的嵌入方法.我们不要显式使用objcopy，而要使用GNU LD来获取ELF文件中的正确条目.

Nothing special and nothing hard at all. I'll give you correct sequence below, but first let me to correct slightly your embedding method. Lets not use objcopy explicitly, lets use GNU LD instead to got correct entry inside ELF file.

让我们开始吧.这是test-emb.c文件:

Lets begin. This is test-emb.c file:

#include <stdio.h>

extern unsigned char data[] asm("_binary_data_txt_start");

int
main (void)
{
  fprintf(stderr, "%u, %u, %u\n", data[0] - '0', data[1] - '0', data[2] - '0');
  return 0;
}

这是称为data.txt

12345678

这是另一个名为newdata.txt

98765432

现在编译并链接:

$ gcc test-emb.c -c -m32
$ gcc -o test-emb test-emb.o -Wl,--format=binary -Wl,data.txt -Wl,--format=default -m32

尝试:

$ ./test-emb 
1, 2, 3

现在开始跳舞.第一步:确定数据段的逻辑和物理地址:

Now start dancing. Step one: determine logical and physical address of data section:

$ readelf -S test-emb | grep "\.data" | awk '{print $4}'
080496b8

$ readelf -S test-emb | grep "\.data" | awk '{print $5}'
0006b8

第二步:二进制数据的开始和大小:

Step two: start and size fo binary data:

$ readelf -s test-emb | grep _binary_data_txt_start | awk '{print $2}'
080496c0

$readelf -s test-emb | grep _binary_data_txt_size | awk '{print $2}'
00000009

第三步:做数学.我们确实需要:在数据中找到二进制数据的偏移量，并将其转换为物理起点:

Step three: doing math. We do need: find offset of binary data in data, and convert it to physical starting point:

$ echo $((0x080496c0 - 0x080496b8))
8
echo $((0x0006b8 + 8))
1728

第四步:实际替换(计数值为二进制数据大小，taht为9):

Step four: actual replacement (count value is binary data size, taht is 9):

cat newdata.txt | dd of=test-emb bs=1 seek=1728 count=9 conv=notrunc

现在再次检查:

$ ./test-emb 
9, 8, 7

一切正常.您可以轻松地将此方法折叠为Windows下的UpdateResource脚本，而不是更难使用，但是我想让您了解事情的进展.

Everything works. You may easily fold this method into script, not harder in use, that UpdateResource under Windows, but I want to give you understanding of how things are going on.

这篇关于Linux:从可执行文件更新嵌入式资源的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！