Menu
How to open the file and copy the info into another file. I just need to copy the magic number and version. void read_header(FILE *file, File *file2);
891
To find them the ELF header is used, which is located at the very start of the file. The first bytes contain the elf magic "\x7fELF" , followed by the class ID (32 or 64 bit ELF file), the data format ID (little endian/big endian), the machine type, etc. Finally, the entry point of this file is at address 0x0.
gcc produces executable files in the ELF file format. you can use readelf and objdump to read parts of an elf file. You can also use 'hexdump filename' to get a hexdump of the contents of a binary file (this is likely only useful if you like reading machine code or you are writing an assembler).
The ELF header is always located at the beginning of the ELF file. It describes the ELF file organization and contains the actual sizes of the object file control structures. The initial bytes of an ELF header specify how the file is to be interpreted. The ELF header contains the following information: ehsize.
Depending on the platform, a header file already defining this structure might be available. For instance you can try to include elf.h if you're running linux:
#include <elf.h>
#include <stdio.h>
#include <string.h>
#if defined(__LP64__)
#define ElfW(type) Elf64_ ## type
#else
#define ElfW(type) Elf32_ ## type
#endif
void read_elf_header(const char* elfFile) {
// Either Elf64_Ehdr or Elf32_Ehdr depending on architecture.
ElfW(Ehdr) header;
FILE* file = fopen(elfFile, "rb");
if(file) {
// read the header
fread(&header, sizeof(header), 1, file);
// check so its really an elf file
if (memcmp(header.e_ident, ELFMAG, SELFMAG) == 0) {
// this is a valid elf file
}
// finally close the file
fclose(file);
}
}
If you system does not already include the elf.h you can check how the elf header is structured here.
Then you can create a struct to hold your data and simply read it like this:
typedef struct {
uint8 e_ident[16]; /* Magic number and other info */
uint16 e_type; /* Object file type */
uint16 e_machine; /* Architecture */
uint32 e_version; /* Object file version */
uint64 e_entry; /* Entry point virtual address */
uint64 e_phoff; /* Program header table file offset */
uint64 e_shoff; /* Section header table file offset */
uint32 e_flags; /* Processor-specific flags */
uint16 e_ehsize; /* ELF header size in bytes */
uint16 e_phentsize; /* Program header table entry size */
uint16 e_phnum; /* Program header table entry count */
uint16 e_shentsize; /* Section header table entry size */
uint16 e_shnum; /* Section header table entry count */
uint16 e_shstrndx; /* Section header string table index */
} Elf64Hdr;
void read_elf_header(const char* elfFile, const char* outputFile) {
struct Elf64Hdr header;
FILE* file = fopen(elfFile, "rb");
if(file) {
// read the header
fread(&header, 1, sizeof(header), file);
// check so its really an elf file
if(header.e_type == 0x7f &&
header.e_ident[1] == 'E' &&
header.e_ident[2] == 'L' &&
header.e_ident[3] == 'F') {
// write the header to the output file
FILE* fout = fopen(outputFile, "wb");
if(fout) {
fwrite(&header, 1, sizeof(header), fout);
fclose(fout);
}
}
// finally close the file
fclose(file);
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
