How to create an “empty” space in an executable at a definite address (gcc,linux)?
19-09-2019
Question
What I essentially want to do is have another program write data into this "empty space" for the executable to "work" on.
I thought of appending a signature to the application and then writing the data, searching for it later, but that doesn't quite sound right...
Now, another important thing... I know it should be possible to create a code cave by using code like:
    /* GCC inline assembly (AT&T syntax); the MSVC-style __asm { } block does not compile under gcc */
    void function(void) {
        __asm__ volatile(
            "nop\n\t"
            "nop\n\t"
            "nop\n\t"
            "nop");
    }
Then, even this is practically the same (apart from the fact that it will be in the .data section, so not executable):
    const char data[3];
The problem then is that the other application will not have a definite address to write to.
Solution
At least for PEs and ELFs, you can append data to the end of the executable without affecting the program at all.
A standard approach is to append your data to the executable, and then append a number indicating how many bytes have been appended. The executable then opens itself for reading, looks at the last N bytes indicating the data length, and then seeks backwards by that value, to the beginning of the appended data.
This article goes into pretty good detail on how to use the above method to make a self-extracting executable. That's a little different from what you want, but the principle of reading data contained in the executable remains the same.
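The append-and-trailer scheme described above, as an added C example that is not part of the original answer; the 8-byte little-endian length trailer, the function names and the sample payload are my assumptions:

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TRAILER_LEN 8  /* assumed trailer: payload length as 8 LE bytes */

/* Append payload bytes, then the length trailer, at the end of the file. */
static int append_payload(FILE *f, const void *data, uint64_t len) {
    unsigned char trailer[TRAILER_LEN];
    for (int i = 0; i < TRAILER_LEN; i++)
        trailer[i] = (unsigned char)(len >> (8 * i));
    if (fseek(f, 0, SEEK_END) != 0) return -1;
    if (fwrite(data, 1, len, f) != len) return -1;
    if (fwrite(trailer, 1, TRAILER_LEN, f) != TRAILER_LEN) return -1;
    return fflush(f) == 0 ? 0 : -1;
}

/* Read the trailer, check it against the file size, seek backwards and copy
 * the payload into buf. Returns the payload length, or -1 on any error. */
static long read_payload(FILE *f, void *buf, size_t bufsz) {
    unsigned char trailer[TRAILER_LEN];
    uint64_t len = 0;
    if (fseek(f, 0, SEEK_END) != 0) return -1;
    long size = ftell(f);
    if (size < TRAILER_LEN) return -1;
    if (fseek(f, -TRAILER_LEN, SEEK_END) != 0) return -1;
    if (fread(trailer, 1, TRAILER_LEN, f) != TRAILER_LEN) return -1;
    for (int i = TRAILER_LEN - 1; i >= 0; i--)
        len = (len << 8) | trailer[i];
    /* The trailer is written by another program, so treat it as untrusted:
     * a bogus length must not drive the seek or overrun the caller's buffer. */
    if (len > (uint64_t)(size - TRAILER_LEN) || len > bufsz) return -1;
    if (fseek(f, -(long)(len + TRAILER_LEN), SEEK_END) != 0) return -1;
    if (fread(buf, 1, len, f) != len) return -1;
    return (long)len;
}

/* Round trip through a temporary file (constructed sample data); 1 = OK.
 * A real program would instead fopen("/proc/self/exe", "rb") on Linux. */
int demo_roundtrip(void) {
    const char payload[] = "constructed sample payload";
    char out[64];
    FILE *f = tmpfile();
    if (!f) return 0;
    int ok = append_payload(f, payload, sizeof payload) == 0 &&
             read_payload(f, out, sizeof out) == (long)sizeof payload &&
             memcmp(out, payload, sizeof payload) == 0;
    fclose(f);
    return ok;
}
```

The length check against the file size is what keeps a tampered trailer from turning into an out-of-range seek or an oversized read.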
OTHER TIPS
Use an ld linker script to make a new section, and to reserve actual space in the file image. You also need to associate a symbol with the new data section. Perhaps it would be even easier to create a short assembly file instead, like this:
    # The "a" flag marks the section allocatable so the loader maps it;
    # gas gives an unrecognised section name no flags by default, and an
    # unallocated section is not loaded. (@progbits is x86 gas syntax.)
    .section .myresource,"a",@progbits
    .align 4
    .globl myres
    myres:
    .fill 1048576
Then in your C code you would use the symbol to get the data, like this:
    /* Declare it as an array, not a pointer: a pointer declaration would
     * read the first bytes of the reserved space as if they were an address. */
    extern const unsigned char myres[];
Check out the binutils documentation here: http://sourceware.org/binutils/docs-2.19/
You can do what you asked by using linker scripts.
Basically, function_name = address in the script.