
pyelftools get symbol absolute address


My goal: use pyelftools to retrieve variables' absolute placement and functions' absolute addresses from an ELF file to automatize breakpoint placement for whitebox testing.

My code:

    import elftools
    from elftools.elf.elffile import ELFFile
    filename="./DemoBm.elf"
    with open(filename, 'rb') as f:
        elffile = ELFFile(f)
        if not elffile.has_dwarf_info():
            print('  file has no DWARF info')
            exit()
        dwarfinfo = elffile.get_dwarf_info()
        pubnames = dwarfinfo.get_pubnames()
        pubtypes = dwarfinfo.get_pubtypes()
        for elem in pubnames:
            print(elem, pubnames[elem])

My issue: the code above returns cu_ofs and die_ofs, like

memSegment NameLUTEntry(cu_ofs=47377, die_ofs=47586)
Eep_GetData NameLUTEntry(cu_ofs=78737, die_ofs=78936)

the cu_ofs and the die_ofs are not the real address on the target (e.g. I can inspect using Ozone, jumping from the source code to the disassembly view) - the address of the first assembly instruction of the function on the target is 0x2524.

How can I retrieve the address of a function and a variable from the ELF file using pyelftools?


Solution

  • Found the answer I was seeking, at least for my purposes:

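    def bkpt_addr_get(self, funcname):
        # self.dwarfinfo / self.pubnames hold the results of
        # get_dwarf_info() and get_pubnames() from the question's code.
        # The LUT entry (cu_ofs, die_ofs) only locates the DIE; the target
        # address is the DIE's DW_AT_low_pc attribute.
        info = self.dwarfinfo.get_DIE_from_lut_entry(self.pubnames[funcname])
        funct_addr = info.attributes["DW_AT_low_pc"].value
        if self.verbose:
            print(hex(funct_addr))
        return hex(funct_addr)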
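
The solution above covers functions only. The following is an added example (not part of the original post) that also reads variable addresses from `DW_AT_location` and returns `None` where a DIE has no fixed address. The names `die_address`, `resolve` and the `SAMPLE_*` stand-in DIEs are hypothetical and constructed for illustration; `resolve` assumes pyelftools is installed.

```python
from collections import namedtuple

DW_OP_ADDR = 0x03  # DWARF opcode: the operand is a fixed target address

def die_address(die, addr_size=4, little_endian=True):
    """Return the absolute address a DIE describes, or None if it has none."""
    attrs = die.attributes
    if die.tag == "DW_TAG_subprogram":
        # Declarations and fully inlined functions carry no DW_AT_low_pc.
        low_pc = attrs.get("DW_AT_low_pc")
        return low_pc.value if low_pc is not None else None
    if die.tag == "DW_TAG_variable":
        loc = attrs.get("DW_AT_location")
        # Static storage is encoded as the expression [DW_OP_addr, <addr bytes>].
        # Location lists (an int offset) and register/stack expressions are
        # not fixed addresses, so they yield None.
        if loc is None or not isinstance(loc.value, (list, tuple)):
            return None
        expr = list(loc.value)
        if len(expr) != 1 + addr_size or expr[0] != DW_OP_ADDR:
            return None
        return int.from_bytes(bytes(expr[1:]), "little" if little_endian else "big")
    return None

def resolve(elf_path, names):
    """Map each public name to its address via the page's pubnames lookup."""
    from elftools.elf.elffile import ELFFile  # assumption: pyelftools installed
    with open(elf_path, "rb") as f:
        elf = ELFFile(f)
        dwarf = elf.get_dwarf_info()
        pubnames = dwarf.get_pubnames()
        out = {}
        for n in names:
            # pubnames is None when the file has no .debug_pubnames section.
            known = pubnames is not None and n in pubnames
            die = dwarf.get_DIE_from_lut_entry(pubnames[n]) if known else None
            out[n] = (None if die is None else
                      die_address(die, elf.elfclass // 8, elf.little_endian))
        return out

# Constructed stand-ins shaped like pyelftools DIE / AttributeValue objects.
Attr = namedtuple("Attr", "form value")
Die = namedtuple("Die", "tag attributes")
SAMPLE_FUNC = Die("DW_TAG_subprogram", {"DW_AT_low_pc": Attr("DW_FORM_addr", 0x2524)})
SAMPLE_VAR = Die("DW_TAG_variable", {"DW_AT_location":
                 Attr("DW_FORM_exprloc", [0x03, 0x10, 0x00, 0x00, 0x20])})
SAMPLE_LOCAL = Die("DW_TAG_variable", {"DW_AT_location":
                   Attr("DW_FORM_exprloc", [0x91, 0x74])})  # DW_OP_fbreg -12
```

With a real file, `resolve("./DemoBm.elf", ["Eep_GetData", "memSegment"])` returns a dict of name to integer address, with `None` for any name that cannot be pinned to a fixed location.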