Hacker News new | past | comments | ask | show | jobs | submit login
Anatomy of an ELF executable (kishuagarwal.github.io)
241 points by kishu18 on April 30, 2019 | hide | past | favorite | 23 comments



Strongly recommend reading "How To Write Shared Libraries" by Ulrich Drepper https://software.intel.com/sites/default/files/m/a/1/e/dsoho...

I recently dove into ELF files so I could convert ELF binaries to DOS EXE, for a little bit of retro programming with modern compilers. Not that I couldn't have used DJGPP.


> I recently dove into ELF files so I could convert ELF binaries to DOS EXE, for a little bit of retro programming with modern compilers. Not that I couldn't have used DJGPP.

That sounds pretty cool, did you make anything you could share?


Going to post it to GitHub when I have a moment. I literally wrote the code a couple weeks ago.

Edit: https://github.com/depp/elf2dos


Thanks for the suggestion @dietrichepp. Will definitely read.


Interesting article. When I was studying the elf format myself in the past I've also found very useful this poster. https://github.com/corkami/pics/blob/master/binary/elf101/el... The author has made many more for similar binary formats.


COM files are great... no headers, you just sort of start. Data, code... whatever.


> You can ignore the directives starting with cfi. They are used for call stack unwinding in case of exceptions.

It might be worth compiling with -fno-asynchronous-unwind-tables, which will get rid of those.


Thanks for the suggestion. Do you have any good reference for reading about this feature?


GCC's option page lists what it does: https://gcc.gnu.org/onlinedocs/gcc/Code-Gen-Options.html. However, it's not all that obvious that this is the flag that controls whether the "cfi" labels are emitted. Here's a more general Stack Overflow question about creating nice assembly output: https://stackoverflow.com/questions/38552116/how-to-remove-n...


Nice. Thanks for sharing the stackoverflow link. Will check that.


Are you the author? Great job for the detailed writeup. Small nit, I noticed you misspelled the interpreter section, it should be .interp instead of .intrep


Thanks @ddcc7. Yes, I am the author. Fixed the spelling mistake.


ELF may find new life as a format for data structures in persistent RAM, given a few extensions.


Mods fix title: "Life of a binary"


I don't see any option to edit the title now. Anyways, I don't see it would change any meaning of the article.


I would suggest "Anatomy of a Linux ELF executable" for the title. A binary file could be anything.


I agree. You know of any way to edit now? Edit option is disabled now.


OK, we've done that now!


thanks @sctb


Looks like a mod has taken care of it.


Should be "Life of a Linux executable (2017)"


Title should have (2017).


A lot has changed in the world of ELF executables, this information is just soo misleading.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: