开发者

ELF x86 executable entry point

开发者 https://www.devze.com 2023-03-21 05:23 出处：网络

void*entrypoint; /*virtual address of process*/ fscanf(debuggedfile, \"%p\", &entrypoint); where debuggedfile is the stream to an elf f开发者_如何学Goile at the offset where int entry point is.

相关专题：elf ptrace

void  *entrypoint;
/*virtual address of process*/
fscanf(debuggedfile, "%p", &entrypoint);

where debuggedfile is the stream to an elf f开发者_如何学Goile at the offset where int entry point is. when i use ptrace(PTRACE_PEEKTEXT, 0, entrypoint, 0) it returns -1

ELF is a binary file format. fscanf is for reading from text files. Try fread instead.

If you are writing code that parses ELF files, I would suggest using a standard library like libelf instead of coding your own ELF parser by hand.

That way you would let libelf handle the corner cases that arise occasionally, for example, ELF objects that use extended section numbering.

There are active open-source projects developing BSD licensed and GPL'ed implementations of libelf---take your pick.