I compiled a C code using gcc and when I check the sections of the ELF using readelf I can see that the flags for .data section are set to WA (Writable and Allocatable).
Is it possible to modify these flags? Can I make this section executable?
I am using gdb to debug this binary and I would like to set the flags for .data section as Executable at a certain point. So, can this be done using either gdb or gcc?
Is it possible to modify these flags? Can I make this section executable?
Yes. If you want to do this as a one-off, the simplest approach may be to compile source to assembly, and modify section attributes there, then compile assembly into object file and link as usual.
I am using gdb to debug this binary and I would like to set the flags for .data section as Executable at a certain point.
You also could call mprotect(addr, len, PROT_READ|PROT_WRITE|PROT_EXEC) from within GDB.
Note: modifying the flags in the .data section after the binary has been linked will have no effect whatsoever: the kernel doesn't look at sections, only at PT_LOAD segments.
how to mark the data section as executable in the assembly code? I think, something like this: .section .data,"awx",#progbits.
Yes, that looks correct. Did it not work?
mprotect() not found
Is your executable statically linked? If not, mprotect should be found (in libc.so), and you possibly have a GDB bug. It may help to nudge GDB into finding mprotect if you print &mprotect first.
Also note: mprotect(0x0804a020, 80, PROT_READ, PROT_WRITE, PROT_EXEC) is very different from what I suggested (mprotect takes 3 parameters, not 5). You also need to read man mprotect carefully -- it requires start address to be page-aligned.
Related
I recently started learning assembly and was wondering if it is possible for us to have our own defined entry point for an assembly code when compiling with gcc?
For example the standard code that compiles with gcc is
global main
section .data
section .bss
section .text
main:
I would like to change the entry point to a more defined name such as "addition", something like this below.
global addition
section .data
section .bss
section .text
addition:
A reason for why im using gcc to compile in the first place as well is that im using c libraries in my assembly code for "printf" and "scanf", and everytime I tried to change the entry point, I would get an undefined reference to main error.
If you are writing in assembly and not using the C runtime library, then you can call your entry point whatever you want. You tell the linker what the name of the entry point is, using either the gcc command line option -Wl,--entry=<symbol> or the ENTRY directive in the linker script. The linker writes the address of this entry point in the executable file.
If you are using the C runtime library, then the entry point in the executable file needs to be the entry point of the C runtime library, so that it can perform initialization. This entry point is typically called crt0. When crt0 finishes initializing, it calls main, so in this case, you cannot change the name.
You can put multiple labels on the same address. So you can stick the main label at whatever place you want the CRT startup code to call.
global main
main:
addition:
lea eax, [rdi+rdi] ; return argc*2
ret
I checked, and GDB chooses to show main in the disassembly for the block of code following the label, regardless of which one you declare first. (`global addition doesn't help either.)
Of if you want to be able to change one line at the top of your file to select which function is the main entry point, you could maybe do
%define addition main
I'm not sure if NASM lets you create an alias or weak-alias for a symbol, like with GAS
.weakref main, addition. (Call a function in another object file without using PLT within a shared library?)
In my code, I have a special section and some data in it:
#pragma section("dead",read,discard)
__declspec(allocate("dead"))
static const char dead_str[] = "DEAD";
doSomething(dead_str);
That section may or may not be loaded with the program, but is still part of the binary image. What I want to do is completely remove it from the image so it's guaranteed to not be loaded, and so that it cannot be found in the binary. Basically, I want:
strings myprogram.exe | grep DEAD
to have no hits. I'm fine with the program crashing when I try to reference the string.
In GNU, I'd do:
objcopy --remove-section=dead myprogram.exe
and Cygwin's objcopy actually does that, but corrupts the executable so it can no longer load. editbin.exe from MSVC can just change the flags for the section, but it stays in the image. And linker optimizations will not remove dead_str because it is referenced in doSomething().
Is there some way (ideally as a linker flag) I can remove an entire section from PE/COFF files?
I was searching for a linker setting too, but it seems this is not possible at all with MSVC.
What you can do is either writing your own tool to strip sections from PE files, or use CFF Explorer for example.
I am writing a program which encrypt/decrypts itself in memory and then writes the .text memory region to a copy of the executable so I can change the encryption key each time.
This is mainly for a challenge as I am not great with C, and I'm incorporating parts in assembly as well.
My system is x86_64 Linux but I'm compiling with -m32
I am also using -nostartfiles (with gcc) so that I can write my own _start function. This function is written in assembly and this decrypts/encrypts the rest of the .text section. My problem is that the external functions are being compiled in the wrong order, such that when I try to dump the memory after it has been encrypted it calls an encrypted function which therefore doesn't work.
This is the current order of the functions:
some from -static
my functions which are in the correct order (assembly functions and then the ones from the main C file)
some more from -static
This doesn't work becuase the assembly encrypts from the main C file 'downwards', also encrypting some -static functions which are needed from the assembly functions.
This is the order I would like the functions to be in:
all -static functions & anything from an #include <>
functions from the .S assembly file (the whole .S in order)
functions from the .c main file (the whole .c in order)
any non-standard includes for the .c main file (ie not stdio.h etc, things from #include "")
Is there any way, short of manually mangling the ELF file, for me to reorder these functions so that the functions I need are not encrypted while the ones I want encrypted can be easily?
edit upon compiling with the musl (alternative libc) I can get all of my functions at the start, and the rest of the static functions following. However, This is the wrong way around still.
The "wrong" order of functions inside the binary comes from optimization efforts of the compiler. Functions that are used often (or often together) are near each other, so that no pagefault is generated by calling them.
You can turn off part of these optimizations with the flag -fno-toplevel-reorder. You can also use the attribute section to order only a subset of functions together (eg to encrypt them) or you can write your own linker scripts.
See also this question.
Is there any way to tell the compiler (gcc/mingw32) when building an object file (lib*.o) to only expose certain functions from the .c file?
The reason I want to do this is that I am statically linking to a 100,000+ line library (SQLite), but am only using a select few of the functions it offers. I am hoping that if I can tell the compiler to only expose those functions, it will optimize out all the code of the functions that are never needed for those few I selected, thus dratically decreasing the size of the library.
I found several possible solutions:
This is what I asked about. It is the gcc equivalent of Windows' dllexpoort:
http://gcc.gnu.org/onlinedocs/gcc-4.6.1/gcc/Code-Gen-Options.html (-fvisibility)
http://gcc.gnu.org/wiki/Visibility
I also discovered link-time code-generation. This allows the linker to see what parts of the code are actually used and get rid of the rest. Using this together with strip and -fwhole-program has given me drastically better results.
http://gcc.gnu.org/onlinedocs/gcc-4.6.1/gcc/Optimize-Options.html (see -flto and -fwhole-program)
Note: This flag only makes sense if you are not compiling the whole program in one call to gcc, which is what I was doing (making a sqlite.o file and then statically linking it in).
The third option which I found but have not yet looked into is mentioned here:
How to remove unused C/C++ symbols with GCC and ld?
That's probably the linkers job, not the compilers. When linking that as a program (.exe), the linker will take care of only importing the relevant symbols, and when linking a DLL, the __dllexport mechanism is probably what you are looking for, or some flags of ld can help you (man ld).
In assembly language, it's easy to define a section like:
.section foo
How can this be done in C code? I want to put a piece of C code in a special section rather than .text, so I will be able to put that section in a special location in the linker script.
I'm using GCC.
The C standard doesn't say anything about "sections" in the sense that you mean, so you'll need to use extensions specific to your compiler.
With GCC, you will want to use the section attribute:
extern void foobar(void) __attribute__((section("bar")));
There is some limited documentation here, including a warning:
Some file formats do not support
arbitrary sections so the section
attribute is not available on all
platforms. If you need to map the
entire contents of a module to a
particular section, consider using the
facilities of the linker instead.