linux – 如何获取有关不执行的二进制文件的信息?
发布时间:2020-12-13 16:45:51 所属栏目:Linux 来源:网络整理
导读:当我运行一个名为“myfile”的用户应用程序时. $./myfile 我收到以下输出 bash: ./myfile: cannot execute binary file 我的用户希望运行二进制文件.我认为这是一个编译错误,但无法确认.我运行了文件命令 $file myfilemyfile: ELF 64-bit LSB relocatable,x8
|
当我运行一个名为“myfile”的用户应用程序时.
$./myfile 我收到以下输出 bash: ./myfile: cannot execute binary file 我的用户希望运行二进制文件.我认为这是一个编译错误,但无法确认.我运行了文件命令 $file myfile myfile: ELF 64-bit LSB relocatable,x86-64,version 1 (SYSV),not stripped 我的RHEL6操作系统是64位的 $uname -p -o x86_64 GNU/Linux 因此,我认为它符合正确的架构.我不明白文件命令的输出中“可重定位”是什么意思,并且无法从手册页中获得解释. 为了更好的衡量,我检查了共享库依赖项 $ldd myfile not a dynamic executable 有没有什么方法可以让我的文件运行或给我的用户一些有关它不会运行的建设性信息(例如他需要使用x重新编译)? strace的 $strace ./myfile
execve("./myfile",["./myfile"],[/* 22 vars */]) = -1 ENOEXEC (Exec format error)
dup(2) = 3
fcntl(3,F_GETFL) = 0x8002 (flags O_RDWR|O_LARGEFILE)
fstat(3,{st_mode=S_IFCHR|0620,st_rdev=makedev(136,0),...}) = 0
mmap(NULL,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0) = 0x7f7a9fc93000
lseek(3,SEEK_CUR) = -1 ESPIPE (Illegal seek)
write(3,"strace: exec: Exec format errorn",32strace: exec: Exec format error
) = 32
close(3) = 0
munmap(0x7f7a9fc93000,4096) = 0
exit_group(1) = ?
readelf输出 readelf -S ./myfile There are 13 section headers,starting at offset 0x1e8:
Section Headers:
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 0] NULL 0000000000000000 00000000
0000000000000000 0000000000000000 0 0 0
[ 1] .text PROGBITS 0000000000000000 00000040
0000000000000098 0000000000000000 AX 0 0 4
[ 2] .rela.text RELA 0000000000000000 000006e0
0000000000000120 0000000000000018 11 1 8
[ 3] .data PROGBITS 0000000000000000 000000d8
0000000000000010 0000000000000000 WA 0 0 4
[ 4] .bss NOBITS 0000000000000000 000000e8
0000000000000000 0000000000000000 WA 0 0 4
[ 5] .rodata PROGBITS 0000000000000000 000000e8
0000000000000033 0000000000000000 A 0 0 1
[ 6] .comment PROGBITS 0000000000000000 0000011b
000000000000002d 0000000000000001 MS 0 0 1
[ 7] .note.GNU-stack PROGBITS 0000000000000000 00000148
0000000000000000 0000000000000000 0 0 1
[ 8] .eh_frame PROGBITS 0000000000000000 00000148
0000000000000038 0000000000000000 A 0 0 8
[ 9] .rela.eh_frame RELA 0000000000000000 00000800
0000000000000018 0000000000000018 11 8 8
[10] .shstrtab STRTAB 0000000000000000 00000180
0000000000000061 0000000000000000 0 0 1
[11] .symtab SYMTAB 0000000000000000 00000528
0000000000000180 0000000000000018 12 9 8
[12] .strtab STRTAB 0000000000000000 000006a8
0000000000000037 0000000000000000 0 0 1
Key to Flags:
W (write),A (alloc),X (execute),M (merge),S (strings)
I (info),L (link order),G (group),x (unknown)
O (extra OS processing required) o (OS specific),p (processor specific)
解决方法
听起来像可重定位与非可执行文件的目标文件有关.
可执行文件应该如下所示 ELF 64-bit LSB executable,dynamically linked,interpreter /lib64/ld-linux-x86-64.so.2,for GNU/Linux 2.6.32,BuildID[sha1]=a8ff57737fe60fba639d91d603253f4cdc6eb9f7,stripped 对象文件看起来像这样 # file /usr/lib/x86_64-linux-gnu/crtn.o /usr/lib/x86_64-linux-gnu/crtn.o: ELF 64-bit LSB relocatable,not stripped 如果需要,您也可以通过这种方式获得更多信息 # objdump -x myfile 或者拆卸 # objdump -d myfile 列出目标文件中的符号(未剥离)
# nm /usr/lib/x86_64-linux-gnu/gcrt1.o
U atexit
0000000000000000 b called.4237
0000000000000000 D __data_start
0000000000000000 W data_start
U etext
0000000000000030 T __gmon_start__
0000000000000000 R _IO_stdin_used
U __libc_csu_fini
U __libc_csu_init
U __libc_start_main
U main
U _mcleanup
U __monstartup
0000000000000000 T _start
试图列出可执行文件中的符号(剥离) # nm /bin/bash nm: /bin/bash: no symbols (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |