Question

I am reading the book Hacking: The Art of Exploitation. In the book there is a section that explains the use of .dtors and .ctors.

I'm trying to reproduce one of the exercises of the book, but in my executable I do not have these sections. At first I thought the problem was that I was compiling for 64-bit, but now I'm compiling for 32-bit and .dtors and .ctors are still not appearing in the section table. Here is the code:

#include <stdio.h>
#include <stdlib.h>

static void
miConstructor(void) __attribute__ ((constructor));
static void
miDestructor(void) __attribute__ ((destructor));

int
main(void) {
    printf("En main() \n");
    return 0;
}

void
miConstructor(void) {
    printf("En el constructor\n");
}

void
miDestructor(void) {
    printf("En el destructor\n");
}

I am compiling with:

 gcc -m32 -o a.out dtors_example.c

This is the output of nm:

080495f0 d _DYNAMIC
080496e4 d _GLOBAL_OFFSET_TABLE_
080484dc R _IO_stdin_used
     w _ITM_deregisterTMCloneTable
     w _ITM_registerTMCloneTable
     w _Jv_RegisterClasses
080485d8 r __FRAME_END__
080495ec d __JCR_END__
080495ec d __JCR_LIST__
08049704 D __TMC_END__
08049704 A __bss_start
080496fc D __data_start
080483c0 t __do_global_dtors_aux
080495e4 t __do_global_dtors_aux_fini_array_entry
08049700 D __dso_handle
080495dc t __frame_dummy_init_array_entry
     w __gmon_start__
080484ba T __i686.get_pc_thunk.bx
080495e4 t __init_array_end
080495dc t __init_array_start
08048450 T __libc_csu_fini
08048460 T __libc_csu_init
     U __libc_start_main@@GLIBC_2.0
08049704 A _edata
08049708 A _end
080484c0 T _fini
080484d8 R _fp_hw
080482b8 T _init
08048320 T _start
08049704 b completed.5730
080496fc W data_start
08048350 t deregister_tm_clones
080483e0 t frame_dummy
0804840c T main
08048428 t miConstructor
0804843c t miDestructor
     U puts@@GLIBC_2.0
08048380 t register_tm_clones

The output of objdump shows neither .dtors nor .ctors.

Maybe the sections __init_array_end, __init_array_start or __do_global_dtors_aux are related to the behavior of .ctors and .dtors?

Solution

The issue is likely gcc. gcc versions under 4.7 can generate .ctors sections, but gcc 4.7 uses .init_array instead of .ctors. You can confirm this with the commands listed below.

 objdump -dr -j .ctors a.out

If no sections are found, try

 objdump -dr -j .init_array a.out

or you can run

 readelf -S a.out

to list all sections. Then you'll find .ctors or (and) .init_array.
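
The relationship between the constructor attribute and .init_array can also be checked from inside the program. This is an added example, not part of the original answer or the book: it walks the pointer tables bounded by the linker-defined symbols `__init_array_start`/`__init_array_end` and `__fini_array_start`/`__fini_array_end` and looks for the constructor's and destructor's addresses. It assumes a Linux ELF toolchain (GCC 4.7 or later in its default configuration, GNU ld or lld); `my_ctor`, `my_dtor` and `in_table` are names made up for the example.

```c
#include <stdio.h>

/* Bounds of .init_array and .fini_array. These symbols are defined by the
   linker (assumption: GNU ld or lld producing an ELF binary). */
extern void (*__init_array_start[])(void);
extern void (*__init_array_end[])(void);
extern void (*__fini_array_start[])(void);
extern void (*__fini_array_end[])(void);

static int ctor_ran;   /* set by the constructor, before main() */

static void my_ctor(void) __attribute__((constructor));
static void my_dtor(void) __attribute__((destructor));

static void my_ctor(void) { ctor_ran = 1; }
static void my_dtor(void) { puts("my_dtor called after main"); }

/* Return 1 if fn is one of the function pointers stored in [start, end). */
static int in_table(void (**start)(void), void (**end)(void), void (*fn)(void))
{
    for (void (**p)(void) = start; p < end; p++)
        if (*p == fn)
            return 1;
    return 0;
}

int constructor_ran(void)    { return ctor_ran; }
int ctor_in_init_array(void) { return in_table(__init_array_start, __init_array_end, my_ctor); }
int dtor_in_fini_array(void) { return in_table(__fini_array_start, __fini_array_end, my_dtor); }

int main(void)
{
    printf("constructor ran before main:  %d\n", constructor_ran());
    printf("my_ctor found in .init_array: %d\n", ctor_in_init_array());
    printf("my_dtor found in .fini_array: %d\n", dtor_in_fini_array());
    return 0;
}
```

On a toolchain that still emits .ctors/.dtors, the two lookups return 0 even though the constructor runs.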

OTHER TIPS

Use the objdump command with the -x option to see the full available header info, symbol table and relocation entries.

objdump -x ./yourcommand
Licensed under: CC-BY-SA with attribution