Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

In a DWARF file, what's the difference between .debug_str and .strtab?

Tags:

elf

dwarf

I'm working with DWARF parser that looks for string data in the .debug_str section. In the ELF files I'm parsing, the string data is in the .strtab section. What's the difference between these two sections? Both contain strings, right?

like image 888
watkipet Avatar asked Jan 05 '17 21:01

watkipet

1 Answers

What's the difference between these two sections?

They have ~nothing to do with each other.

Both contain strings, right?

Well, yes. And every section contains bytes, so next you'll be asking "what's the difference between .text and .data?".

The .debug_str section contains debug strings, which are needed for debugging. The .strtab section contains symbol names which are needed for (static) linking.

Neither section (in fact no section) is needed at runtime.

why .strtab is present in final executable linked with -g (even though it won't be used for static linking anymore)?

  1. The .strtab is usually present in final executable built with or without -g and
  2. It's present to help with debugging. Consider:
int foo() { abort(); }
int bar() { return foo(); }
int main() { return bar(); }

gcc t.c
strip a.out -o a.stripped

gdb -q ./a.stripped
(gdb) run
Starting program: /tmp/a.stripped

Program received signal SIGABRT, Aborted.
0x00007ffff7a4bc37 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
56  ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0  0x00007ffff7a4bc37 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007ffff7a4f028 in __GI_abort () at abort.c:89
#2  0x0000000000400536 in ?? ()
#3  0x0000000000400544 in ?? ()
#4  0x0000000000400554 in ?? ()
#5  0x00007ffff7a36f45 in __libc_start_main (main=0x400546, argc=1, argv=0x7fffffffde58, init=, fini=, rtld_fini=, stack_end=0x7fffffffde48) at libc-start.c:287
#6  0x0000000000400469 in ?? ()

Not very useful, is it? Compare to unstripped binary:

gdb -q ./a.out
(gdb) r
Starting program: /tmp/a.out

Program received signal SIGABRT, Aborted.
0x00007ffff7a4bc37 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
56  ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0  0x00007ffff7a4bc37 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007ffff7a4f028 in __GI_abort () at abort.c:89
#2  0x0000000000400536 in foo ()
#3  0x0000000000400544 in bar ()
#4  0x0000000000400554 in main ()
like image 95
Employed Russian Avatar answered Oct 12 '22 14:10

Employed Russian
Sign in to Comment

Related questions

What's the difference between data and data1 sections and the difference between rodata and rodata1 sections in a ELF file?
Forcing a binary to use a specific (newer) version of a shared library (.so)
ELF Imports and Exports
Why are elf segments not page aligned?
Is there a linker script directive that allows me to move my stack start address?
Edit variable values in ELF file?
find address of PLT stub
How can I find CALL and RET number using ptrace?
How to map the section to the segment from an ELF output file?
How to create a statically linked position independent executable ELF in Linux?
Memory location of variables defined in a shared library
how to make small binaries using assembly?
When setting execution bit on PT_GNU_STACK program header, why do all segments of the process become executable
Shared library symbol conflicts and static linking (on Linux)
how to save modified ELF by pyelftools
Understanding section headers ELF
Analyzing an ELF binary to minimize its size
how __libc_start_main@plt works?
ELF dynamic symbol table
ELF loading when VMA != LMA

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!