search

serge1 / ELFIO

ELFIO - ELF (Executable and Linkable Format) reader and producer implemented as a header only C++ library
http://serge1.github.io/ELFIO
MIT License
729 stars 158 forks source link

Rewriting the symbol table #45

Closed BullyWiiPlaza closed 4 years ago

BullyWiiPlaza commented 4 years ago

I want to use this library to rewrite the symbol table of an existing ELF file. In particular I would like to replace every function name with another one. The examples and documentation were very helpful to show me how to parse everything but it doesn't seem to explain how to "flush" changes back. The symbol_section_accessor does not have methods for writing, only get_symbol. Do I need to create a new .symtab and add all symbols I want into it? That seems pretty cumbersome and I'm not sure if the ELF will then still work seamlessly. In fact, getting the file offsets of the function names respectively would be enough as well but that also doesn't seem to be easily doable with ELFIO.

serge1 commented 4 years ago

Hi,

I am not sure that what I am proposing is the best way to solve your problem, but here it goes anyway.

You may wish to look at the 'anonymizer' example of the ELFIO library. https://github.com/serge1/ELFIO/blob/master/examples/anonymizer/anonymizer.cpp

The most recent version of the example renames a single function name in an executable ELF file. You may extend this example according to your requirements.

Best regards, Serge

From: BullyWiiPlaza notifications@github.com Sent: Sunday, August 9, 2020 6:12 PM To: serge1/ELFIO ELFIO@noreply.github.com Cc: Subscribed subscribed@noreply.github.com Subject: [serge1/ELFIO] Rewriting the symbol table (#45)

I want to use this library to rewrite the symbol table of an existing ELF file. In particular I would like to replace every function name with another one. The examples and documentation were very helpful to show me how to parse everything but it doesn't seem to explain how to "flush" changes back. The symbol_section_accessor does not have methods for writing, only get_symbol. Do I need to create a new .symtab and add all symbols I want into it? That seems pretty cumbersome and I'm not sure if the ELF will then still work seamlessly. In fact, getting the file offsets of the function names respectively would be enough as well but that also doesn't seem to be easily doable with ELFIO.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://github.com/serge1/ELFIO/issues/45, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AAQKJOF7EZITEUNAR5KQ33LR724HLANCNFSM4PZHNNXQ.

BullyWiiPlaza commented 4 years ago

Yeah, that looks good. Thank you 👍