How to create a section in ELF?

[asmman]

Not sure if it's the right are to ask for this, if didn't please move for me. I'm reading about ELF file format and trying to create one without any library, to really understand how the things works. In fact, I was able to create one by setting all needed headers and put some op code to it print a string on std out. But how to create the string table and then the sections, to be honest, I have no code to show because I didn't understand even how to create the string table myself and set it to sh_name. I'd love any code example how to do this. I've search a lot on internet without luck. Even libelf doesn't show how to do it directly the explanation actually I get it's same as from standard elf document.

[encryptor256]

Try debug already existing ELF files or find an ELF file format specification.
Debug existing ELF file and follow debug process with ELF file format specification.
Debug with some HEX editor.

[Frank Kotler]

There's some discussion about the ELF header here:

http://www.muppetlabs.com/~breadbox/software/tiny/teensy.html

It has links to the ELF documentation, but it sounds as if you're well beyond that point. There's an example from Stephen Pelc (apparently well-known in Forth circles) showing how to call printf from an "-f bin" file. That may get into "string table". I can't find it at the moment. If you haven't seen that, I'll look again.

What little I ever knew about string tables - if anything - is "paged out" right now. It would be obsolete at this point anyway. Speaking of which... are you interested in 32-bit code or 64-bit? (I know nothing of the latter) I'd be interested in hearing more about what you're trying to do, and how far you've gotten, but I probably can't be much help. I'm pretty much resigned to "let the linker do its job". I hope your question stimulates some discussion!

Edit: I see that Encryptor 256 has already come up with an idea how to approach it...

Edit2: http://www.mpeforth.com/arena/cwgtLinux.txt

Best,
Frank

[asmman]

Try debug already existing ELF files or find an ELF file format specification.
Debug existing ELF file and follow debug process with ELF file format specification.
Debug with some HEX editor.

Actually I'm already using both approaches.

[Rob Neff]

Not sure if you thought of this already but for authoritative info you could study the source to the GNU binutils programs nm, objcopy, readelf, objdump, etc.

[asmman]

There's some discussion about the ELF header here:

http://www.muppetlabs.com/~breadbox/software/tiny/teensy.html

It has links to the ELF documentation, but it sounds as if you're well beyond that point. There's an example from Stephen Pelc (apparently well-known in Forth circles) showing how to call printf from an "-f bin" file. That may get into "string table". I can't find it at the moment. If you haven't seen that, I'll look again.

What little I ever knew about string tables - if anything - is "paged out" right now. It would be obsolete at this point anyway. Speaking of which... are you interested in 32-bit code or 64-bit? (I know nothing of the latter) I'd be interested in hearing more about what you're trying to do, and how far you've gotten, but I probably can't be much help. I'm pretty much resigned to "let the linker do its job". I hope your question stimulates some discussion!

Edit: I see that Encryptor 256 has already come up with an idea how to approach it...

Edit2: http://www.mpeforth.com/arena/cwgtLinux.txt

Best,
Frank

I don't know what happend but now I see my answer to this disappeared. Funny, I was having sure the post sent successfully. Was this removed by any reason?

[Frank Kotler]

I'm pretty sure your post was not removed intentionally. Sometimes things disappear for no known reason. I hate it when that happens. Usually I'm too ticked off to repost immediately. If and when you get to it, post again.

The only worthwhile part to my post is the link to Stephen Pelc's work. I get confused about the "hash table" and his "cheating" alternative to it. As Rob points out, the "official" source code is available, and may be the best guidance. Helps if you understand C better than I do.

As I understand it, the "stringtable" itself is simple enough - a zero, followed by some zero-terminated strings, ending in another zero. But to access it, we get the index to the string we want from the "hashtable". This is where I get lost. If what you're doing is not "access a dynamic library", I may be wrong even before this!

I hope no more of your posts go missing, and I hope we're actually able to give you some help. This is not a "beginner question" so there's no guarantee!

Best,
Frank

[encryptor256]

I don't know what happend but now I see my answer to this disappeared. Funny, I was having sure the post sent successfully. Was this removed by any reason?

I'm pretty sure your post was not removed intentionally. Sometimes things disappear for no known reason. I hate it when that happens. Usually I'm too ticked off to repost immediately. If and when you get to it, post again.

He he, sounds like some mystery is going on. My "weird posts" have never disappeared, so, i don't know what's wrong with you there.
* Insert GPS code, tracking device code, into your posts, so you know, where are they, when disappear.
* Insert flag counter, so you know, in which country they are located on disappearance.

Make sure you copy all contents before you post, so you don't have to rewrite all the things you wanted to say.
* onPostButtonPress: { CTRL + A, -A, +C // (Select all, copy, and that's it). };

Maybe they disappear, because, you typed some invalid symbols that "poster-scanner module" can't process.
* Once it happened for me, poster halted in some loop, because there was some unfriendly symbols.

Maybe there is malicious code, that happens very rare, like:

Code: [Select]

unsigned long number = random(0,9999);
if( number > 9900 )
{
removePost();
printf("Karma: This time jokes on YOU!");
};


[asmman]

I'm pretty sure your post was not removed intentionally. Sometimes things disappear for no known reason. I hate it when that happens. Usually I'm too ticked off to repost immediately. If and when you get to it, post again.

The only worthwhile part to my post is the link to Stephen Pelc's work. I get confused about the "hash table" and his "cheating" alternative to it. As Rob points out, the "official" source code is available, and may be the best guidance. Helps if you understand C better than I do.

As I understand it, the "stringtable" itself is simple enough - a zero, followed by some zero-terminated strings, ending in another zero. But to access it, we get the index to the string we want from the "hashtable". This is where I get lost. If what you're doing is not "access a dynamic library", I may be wrong even before this!

I hope no more of your posts go missing, and I hope we're actually able to give you some help. This is not a "beginner question" so there's no guarantee!

Best,
Frank

That's ok so. I was  through I did something wrong. What I had said was basically I got some progress and you could e-mail me if you're really interested in these stuff and I could send to you source code if you want to. Your link was such a big help but using hex editor was the only way to really get some advancing.

[asmman]

I don't know what happend but now I see my answer to this disappeared. Funny, I was having sure the post sent successfully. Was this removed by any reason?

I'm pretty sure your post was not removed intentionally. Sometimes things disappear for no known reason. I hate it when that happens. Usually I'm too ticked off to repost immediately. If and when you get to it, post again.

In my case there was no such a similar contents. No even a line of code but only a request to Frak email me. Maybe it's the reason?

He he, sounds like some mystery is going on. My "weird posts" have never disappeared, so, i don't know what's wrong with you there.
* Insert GPS code, tracking device code, into your posts, so you know, where are they, when disappear.
* Insert flag counter, so you know, in which country they are located on disappearance.

Make sure you copy all contents before you post, so you don't have to rewrite all the things you wanted to say.
* onPostButtonPress: { CTRL + A, -A, +C // (Select all, copy, and that's it). };

Maybe they disappear, because, you typed some invalid symbols that "poster-scanner module" can't process.
* Once it happened for me, poster halted in some loop, because there was some unfriendly symbols.

Maybe there is malicious code, that happens very rare, like:

Code: [Select]

unsigned long number = random(0,9999);
if( number > 9900 )
{
removePost();
printf("Karma: This time jokes on YOU!");
};


[HD1920.1]

Actually, it's better to use a linker.