使文本段可写，E​​LF [英] Make text segment writable, ELF

问题描述

我需要一个可执行ELF可写的文本段。
该方案我需要修改是用C语言，我可以编译它。有任何想法吗？

I need to make .text segment of an executable ELF writable. The program i need to modify is written in C and i can compile it. Any ideas?

非常感谢。

推荐答案

对于下面的答案，我要利用这个测试程序：

For the answer below, I'm going to use this test program:

#include <stdio.h>
#include <stdlib.h>

int
main (int argc, char **argv)
{
  printf ("Hello world\n");
  void *m = main;
  *((char *) m) = 0;
  exit (0);
}

与编译：

$ gcc -g -o test test.c

正如预期的那样：

As expected:

$ gdb test
...
(gdb) run
Starting program: /home/amb/so/test
Hello world

Program received signal SIGSEGV, Segmentation fault.
0x00000000004005a2 in main (argc=1, argv=0x7fffffffe628) at test.c:9
9       *((char *)m) = 0;
(gdb)

在这里最明显的途径是使用 -Wl 标志 GCC 通过 -N 或（又名 - OMAGIC ）的连接器，即 GCC ...轮候册， - OMAGIC ... ，尽管这可能有其他不良结果（如禁用共享库）。从手册页：

The obvious route here is to use the -Wl flag to gcc to pass -N or (aka --omagic) to the linker, i.e. gcc ... -Wl,--omagic ..., though this may have other undesirable results (e.g. disabling shared libraries). From the man page:

   -N
   --omagic
       Set the text and data sections to be readable and writable.  Also, do not page-align the
       data segment, and disable linking against shared libraries.  If the output format
       supports Unix style magic numbers, mark the output as "OMAGIC". Note: Although a
       writable text section is allowed for PE-COFF targets, it does not conform to the format
       specification published by Microsoft.

让我们给一个去：

$ gcc --static -g -Wl,--omagic -o test test.c
$ ./test
Hello world
$

这工作得很好，但你已经失去了动态库的支持。

That works fine, but you've lost dynamic library support.

要保持动态库的支持，并保留一个可写的文本段，你应该能够使用：

To keep dynamic library support, and retain a writable text segment, you should be able to use:

objcopy --writable-text ...

从手册页：

   --writable-text
       Mark the output text as writable.  This option isn't meaningful for all object file
       formats.

这应该工作，但不会，因为 objdump的将验证。因此，这里的进一步变得有点不是的解决方案 - 可写文本这是OP在评论中曾表示不会出现做它在锡说^ Wmanpage。

This ought to work, but doesn't, as objdump will verify. So here's a solution that gets a bit further than --writable-text which as OP has stated in the comments does not appear to do what it says on the tin^Wmanpage.

让我们来看看各部分是如何注明：

Let's see how the sections are marked:

$ gcc -g -o test test.
$ objdump -h test | fgrep -A1 .text
  12 .text         00000192  0000000000400490  0000000000400490  00000490  2**4
                  CONTENTS, ALLOC, LOAD, READONLY, CODE

现在，让我们摆脱了 READONLY 标记：

Now let's get rid of that READONLY flag:

$ objcopy --set-section-flags .text=contents,alloc,load,code test test1
$ objdump -h test1 | fgrep -A1 .text
 12 .text         00000192  0000000000400490  0000000000400490  00000490  2**4
                  CONTENTS, ALLOC, LOAD, CODE

现在 READONLY 已经按要求。

不过：<​​/ P>

 $ gdb test1
 ...
(gdb) run
Starting program: /home/amb/so/test1
Hello world

Program received signal SIGSEGV, Segmentation fault.
0x00000000004005a2 in main (argc=1, argv=0x7fffffffe628) at test.c:9
9       *((char *)m) = 0;
(gdb)

我怀疑这里的问题是，比ELF节名称别的其他正在使部分只读实际加载的时候。这可能是为什么人们都建议你使用则mprotect 。对不起，不以己更多的帮助。

I suspect the issue here is that something else other than the ELF section name is making the section read-only when actually loaded. Which is probably why people are suggesting you use mprotect. Sorry not to have been more help.

这篇关于使文本段可写，E​​LF的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！