Hacker News new | ask | show | jobs
Anatomy of an ELF executable (kishuagarwal.github.io)
241 points by kishu18 2613 days ago
7 comments
dietrichepp 2613 days ago
Strongly recommend reading "How To Write Shared Libraries" by Ulrich Drepper https://software.intel.com/sites/default/files/m/a/1/e/dsoho...

I recently dove into ELF files so I could convert ELF binaries to DOS EXE, for a little bit of retro programming with modern compilers. Not that I couldn't have used DJGPP.

link
unqueued 2613 days ago
> I recently dove into ELF files so I could convert ELF binaries to DOS EXE, for a little bit of retro programming with modern compilers. Not that I couldn't have used DJGPP.

That sounds pretty cool, did you make anything you could share?

link
dietrichepp 2612 days ago
Going to post it to GitHub when I have a moment. I literally wrote the code a couple weeks ago.

Edit: https://github.com/depp/elf2dos

link
kishu18 2613 days ago
Thanks for the suggestion @dietrichepp. Will definitely read.
link
zonovar 2613 days ago
Interesting article. When I was studying the elf format myself in the past I've also found very useful this poster. https://github.com/corkami/pics/blob/master/binary/elf101/el... The author has made many more for similar binary formats.
link
russellbeattie 2612 days ago
COM files are great... no headers, you just sort of start. Data, code... whatever.
link
saagarjha 2613 days ago
> You can ignore the directives starting with cfi. They are used for call stack unwinding in case of exceptions.

It might be worth compiling with -fno-asynchronous-unwind-tables, which will get rid of those.

link
kishu18 2613 days ago
Thanks for the suggestion. Do you have any good reference for reading about this feature?
link
saagarjha 2613 days ago
GCC's option page lists what it does: https://gcc.gnu.org/onlinedocs/gcc/Code-Gen-Options.html. However, it's not all that obvious that this is the flag that controls whether the "cfi" labels are emitted. Here's a more general Stack Overflow question about creating nice assembly output: https://stackoverflow.com/questions/38552116/how-to-remove-n...
link
kishu18 2613 days ago
Nice. Thanks for sharing the stackoverflow link. Will check that.
link
ddcc7 2613 days ago
Are you the author? Great job for the detailed writeup. Small nit, I noticed you misspelled the interpreter section, it should be .interp instead of .intrep
link
kishu18 2612 days ago
Thanks @ddcc7. Yes, I am the author. Fixed the spelling mistake.
link
ncmncm 2613 days ago
ELF may find new life as a format for data structures in persistent RAM, given a few extensions.
link
tantalor 2613 days ago
Mods fix title: "Life of a binary"
link
kishu18 2613 days ago
I don't see any option to edit the title now. Anyways, I don't see it would change any meaning of the article.
link
js2 2613 days ago
I would suggest "Anatomy of a Linux ELF executable" for the title. A binary file could be anything.
link
kishu18 2613 days ago
I agree. You know of any way to edit now? Edit option is disabled now.
link
sctb 2613 days ago
OK, we've done that now!
link
kishu18 2613 days ago
thanks @sctb
link
js2 2613 days ago
Looks like a mod has taken care of it.
link
paulddraper 2613 days ago
Should be "Life of a Linux executable (2017)"
link
hk__2 2613 days ago
Title should have (2017).
link
sk0g 2612 days ago
A lot has changed in the world of ELF executables, this information is just soo misleading.
link