const char * vs char[]
The string literals that a const char * points to are stored in .rodata, while the contents of a char[] are stored in .data.
1. Demonstration
char desctypes[][27] = {
    "EfiReservedMemoryType", "EfiLoaderCode", "EfiLoaderData",
    "EfiBootServicesCode", "EfiBootServicesData",
    "EfiRuntimeServicesCode", "EfiRuntimeServicesData",
    "EfiConventionalMemory", "EfiUnusableMemory",
    "EfiACPIReclaimMemory", "EfiACPIMemoryNVS", "EfiMemoryMappedIO",
    "EfiMemoryMappedIOPortSpace", "EfiPalCode"};

const char *desctypes2[] = {
    "EfiReservedMemoryType", "EfiLoaderCode", "EfiLoaderData",
    "EfiBootServicesCode", "EfiBootServicesData",
    "EfiRuntimeServicesCode", "EfiRuntimeServicesData",
    "EfiConventionalMemory", "EfiUnusableMemory",
    "EfiACPIReclaimMemory", "EfiACPIMemoryNVS", "EfiMemoryMappedIO",
    "EfiMemoryMappedIOPortSpace", "EfiPalCode"};
- Compile it
- Open the binary with radare2
r2 a.out
Search for references to one of the strings
[0x000010a0]> / EfiReservedMemoryType
Searching 21 bytes in [0x4270-0x43b0]
hits: 0
Searching 21 bytes in [0x3d98-0x4270]
hits: 1
Searching 21 bytes in [0x2000-0x22d4]
hits: 1
Searching 21 bytes in [0x1000-0x13e1]
hits: 0
Searching 21 bytes in [0x0-0xae8]
hits: 0
0x00004080 hit0_0 .EfiReservedMemoryTypeEfiLoaderC.
0x000020a6 hit0_1 .sion: %i.%i.%iEfiReservedMemoryTypeEfiLoaderCodeE.
List the sections of the ELF
readelf --sections a.out
There are 30 section headers, starting at offset 0x3c48:

Encabezados de Sección:
  [Nr] Nombre            Tipo             Dirección         Despl
       Tamaño            TamEnt           Opts   Enl   Info  Alin
  [ 0]                   NULL             0000000000000000  00000000
       0000000000000000  0000000000000000           0     0     0
  [ 1] .interp           PROGBITS         0000000000000318  00000318
       000000000000001c  0000000000000000   A       0     0     1
  [ 2] .note.gnu.pr[...] NOTE             0000000000000338  00000338
       0000000000000040  0000000000000000   A       0     0     8
  [ 3] .note.gnu.bu[...] NOTE             0000000000000378  00000378
       0000000000000024  0000000000000000   A       0     0     4
  [ 4] .note.ABI-tag     NOTE             000000000000039c  0000039c
       0000000000000020  0000000000000000   A       0     0     4
  [ 5] .gnu.hash         GNU_HASH         00000000000003c0  000003c0
       0000000000000028  0000000000000000   A       6     0     8
  [ 6] .dynsym           DYNSYM           00000000000003e8  000003e8
       0000000000000198  0000000000000018   A       7     1     8
  [ 7] .dynstr           STRTAB           0000000000000580  00000580
       00000000000001a8  0000000000000000   A       0     0     1
  [ 8] .gnu.version      VERSYM           0000000000000728  00000728
       0000000000000022  0000000000000002   A       6     0     2
  [ 9] .gnu.version_r    VERNEED          0000000000000750  00000750
       0000000000000050  0000000000000000   A       7     2     8
  [10] .rela.dyn         RELA             00000000000007a0  000007a0
       00000000000002a0  0000000000000018   A       6     0     8
  [11] .rela.plt         RELA             0000000000000a40  00000a40
       00000000000000a8  0000000000000018  AI       6    23     8
  [12] .init             PROGBITS         0000000000001000  00001000
       000000000000001b  0000000000000000  AX       0     0     4
  [13] .plt              PROGBITS         0000000000001020  00001020
       0000000000000080  0000000000000010  AX       0     0     16
  [14] .text             PROGBITS         00000000000010a0  000010a0
       0000000000000332  0000000000000000  AX       0     0     16
  [15] .fini             PROGBITS         00000000000013d4  000013d4
       000000000000000d  0000000000000000  AX       0     0     4
  [16] .rodata           PROGBITS         0000000000002000  00002000
       00000000000001b8  0000000000000000   A       0     0     8
  [17] .eh_frame_hdr     PROGBITS         00000000000021b8  000021b8
       000000000000003c  0000000000000000   A       0     0     4
  [18] .eh_frame         PROGBITS         00000000000021f8  000021f8
       00000000000000dc  0000000000000000   A       0     0     8
  [19] .init_array       INIT_ARRAY       0000000000003d98  00002d98
       0000000000000018  0000000000000008  WA       0     0     8
  [20] .fini_array       FINI_ARRAY       0000000000003db0  00002db0
       0000000000000008  0000000000000008  WA       0     0     8
  [21] .dynamic          DYNAMIC          0000000000003db8  00002db8
       0000000000000210  0000000000000010  WA       7     0     8
  [22] .got              PROGBITS         0000000000003fc8  00002fc8
       0000000000000038  0000000000000008  WA       0     0     8
  [23] .got.plt          PROGBITS         0000000000004000  00003000
       0000000000000050  0000000000000008  WA       0     0     8
  [24] .data             PROGBITS         0000000000004060  00003060
       0000000000000210  0000000000000000  WA       0     0     32
  [25] .bss              NOBITS           0000000000004280  00003270
       0000000000000130  0000000000000000  WA       0     0     64
  [26] .comment          PROGBITS         0000000000000000  00003270
       0000000000000012  0000000000000001  MS       0     0     1
  [27] .symtab           SYMTAB           0000000000000000  00003288
       00000000000004f8  0000000000000018          28    22     8
  [28] .strtab           STRTAB           0000000000000000  00003780
       00000000000003b2  0000000000000000           0     0     1
  [29] .shstrtab         STRTAB           0000000000000000  00003b32
       0000000000000116  0000000000000000           0     0     1
Key to Flags:
  W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
  L (link order), O (extra OS processing required), G (group), T (TLS),
  C (compressed), x (unknown), o (OS specific), E (exclude),
  D (mbind), l (large), p (processor specific)
The sections start at:
.data   -> 0x0000000000004060
.rodata -> 0x0000000000002000
And, as we saw with radare2, one copy of the string is in one section and the other copy is in the other: 0x00004080 falls inside .data (flags WA, writable) and 0x000020a6 falls inside .rodata (flag A only, not writable):
0x00004080 hit0_0 .EfiReservedMemoryTypeEfiLoaderC.
0x000020a6 hit0_1 .sion: %i.%i.%iEfiReservedMemoryTypeEfiLoaderCodeE.
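The runtime consequence of that placement, as an added example that is not part of the original page: each write is attempted in a forked child so the parent can report whether it succeeded. The tables are shortened copies of the ones above, and write_survives is a hypothetical helper name.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Shortened copies of the page's two tables (same declarations, fewer entries). */
char desctypes[][27] = {"EfiReservedMemoryType", "EfiLoaderCode"};
const char *desctypes2[] = {"EfiReservedMemoryType", "EfiLoaderCode"};

/* Hypothetical helper: try to overwrite one byte at p in a child process.
 * Returns 1 if the write succeeded, 0 if the child was killed or exited
 * with an error (for example SIGSEGV on a read-only page), -1 on failure
 * of fork/waitpid. */
int write_survives(const char *p)
{
    fflush(NULL);                      /* do not duplicate buffered output */
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        volatile char *w = (volatile char *)p; /* volatile keeps the store */
        *w = 'X';
        _exit(*w == 'X' ? 0 : 1);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) && WEXITSTATUS(status) == 0;
}

int main(void)
{
    /* Array contents live in .data: the write goes through. */
    printf("char[] contents writable:       %d\n",
           write_survives(desctypes[0]));
    /* The literal lives in .rodata: the child faults. */
    printf("const char * literal writable:  %d\n",
           write_survives(desctypes2[0]));
    /* The pointer slots of desctypes2 are not const, so they sit in
     * writable memory and can be redirected even though the text cannot. */
    printf("const char * slot writable:     %d\n",
           write_survives((const char *)&desctypes2[0]));
    return 0;
}
```

Declaring the table as const char *const desctypes2[] also makes the pointer slots const, so the toolchain can keep them out of writable .data.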