1.ELF之Elf Header

時間 2019-12-13

標籤 1.elf elf header 简体版

原文原文鏈接

1.ELF的三個文件頭架構

每一個ELF文件有三個文件頭，用來索引信息。app

(1).EH = ELF file Header　可在此讀到PH，SH在文件中的offset。ide

(2).PH = Program Header　與load program有關的索引，.o的PH爲空。spa

(3).SH = Section Header　組成此文件的全部section的索引。操作系統

2. elf.hcode

先以32位的.o文件爲例。blog

/usr/include/elf.h中能夠查到三個文件頭的組成結構，以及各個值對應的意義。索引

/* The ELF file header.  This appears at the start of every ELF file.  */

#define EI_NIDENT (16)

typedef struct
{
  unsigned char    e_ident[EI_NIDENT];    /* Magic number and other info */
  Elf32_Half    e_type;            /* Object file type */
  Elf32_Half    e_machine;        /* Architecture */
  Elf32_Word    e_version;        /* Object file version */
  Elf32_Addr    e_entry;        /* Entry point virtual address */
  Elf32_Off     e_phoff;        /* Program header table file offset */
  Elf32_Off     e_shoff;        /* Section header table file offset */
  Elf32_Word    e_flags;        /* Processor-specific flags */
  Elf32_Half    e_ehsize;        /* ELF header size in bytes */
  Elf32_Half    e_phentsize;        /* Program header table entry size */
  Elf32_Half    e_phnum;        /* Program header table entry count */
  Elf32_Half    e_shentsize;        /* Section header table entry size */
  Elf32_Half    e_shnum;        /* Section header table entry count */
  Elf32_Half    e_shstrndx;        /* Section header string table index */
} Elf32_Ehdr;