elf-experiment

greetings.c

int greetings_count = 3;

const char* greetings[] = {
    "hello",
    "good morning",
    "good night"
};

main.c

#include <stdio.h>

extern int greetings_count;
extern const char* greetings[];

int main(void) {
    printf("greetings list:\n");
    for(int i=0; i < greetings_count; i++) {
        printf("%s\n", greetings[i]);
    }
}

Makefile

main: main.c greetings.c
	gcc -c greetings.c
	gcc -c main.c
	gcc -o main greetings.o main.o

readelf.py

import lief
import struct

PTR='Q'

def unpack_sym(fmt, binary, sym):
    assert struct.calcsize(fmt) == sym.size
    return unpack_addr(fmt, binary, sym.value)

def unpack_addr(fmt, binary, addr):
    size = struct.calcsize(fmt)
    content = main.get_content_from_virtual_address(addr, size)
    content = map(chr, content)
    content = ''.join(content)
    return struct.unpack(fmt, content)[0]

def unpack_cstr(binary, addr):
    # very inefficient, but who cares
    s = ''
    while True:
        ch = unpack_addr('c', binary, addr)
        if ch == '\x00':
            break
        s += ch
        addr += 1
    return s

main = lief.parse('main')
greetings_count = main.get_symbol('greetings_count')
N = unpack_sym('i', main, greetings_count)
greetings = main.get_symbol('greetings')

print 'greetings_count is at 0x%X' % greetings_count.value
print 'greetings is at 0x%X' % greetings.value

import pdb;pdb.set_trace()

addr = greetings.value
for i in range(N):    
    p = unpack_addr(PTR, main, addr)
    addr += struct.calcsize(PTR)
    print unpack_cstr(main, p)