Reputation: 9073
GCC entrypoint address
I am compiling a very basic "hello world" program with gcc, with this command line:
gcc -m32 prog_cible.c -o prog_cible
I am very surprised of the entry point address:
readelf -h prog_cible
...
Entry point: 0x420
I have tunrned off alsr with this command:
echo 0 | sudo tee /proc/sys/kernel/randomize_va_space
I think this cannot be the real entry point. I suppose a base address is added to 0x420 ? In the past, 10 years ago, readelf gave me the good entry point. What has changed since ?
Thanks
Upvotes: 2
Views: 263
Answers (1)
Reputation: 213386
I think this cannot be the real entry point.
You are correct. Your gcc is likely configured to build PIE binaries by default. PIE binary is really a special form of a shared library.
If you look at the type of the binary (which readelf -h also printed), you'll see that it's a DYN, not EXEC.
You can disable PIE with gcc -m32 -no-pie ..., and then your entry point will look something like 0x8048420.
Upvotes: 1
Related Questions
- How do you get the start and end addresses of a custom ELF section?
- ELF program header virtual address and file offset
- Position independent executable and fixed entry point address
- Base Address of ELF
- What is the difference between Entry point address and __executable_start
- Change entry point with gnu linker
- How set set entry point in a elf target using ld script
- ELF - entry point address changed at runtime
- gcc linker description file force symbol to be at specific address
- assignment of addresses in shared library