242
edits
Changes
Jump to navigation
Jump to search
Line 80:
Line 80: − + − + − + − + Line 104:
Line 104: − + Line 128:
Line 128: − + − + − + − + − + − + Line 212:
Line 212: − + − + Line 230:
Line 230: − + Line 265:
Line 265: − + Line 288:
Line 288: − +
no edit summary
| 0xD0
| 0xD0
| 0x04
| 0x04
| Export Table 1 offset
| Named Export Table offset
|-
|-
| 0xD4
| 0xD4
| 0x04
| 0x04
| Export Table 1 num (size = num * 8)
| Named Export Table num (size = num * 8)
|-
|-
| 0xD8
| 0xD8
| 0x04
| 0x04
| Export Table 2 offset
| Indexed Export Table offset
|-
|-
| 0xDC
| 0xDC
| 0x04
| 0x04
| Export Table 2 num (size = num * 4)
| Indexed Export Table num (size = num * 4)
|-
|-
| 0xE0
| 0xE0
| 0xE8
| 0xE8
| 0x04
| 0x04
| Export Tree offset (fast lookups based on strlen)
| Export Tree offset (fast lookups based on a trie-like structure)
|-
|-
| 0xEC
| 0xEC
| 0x100
| 0x100
| 0x04
| 0x04
| Import Table 1 offset
| Named Import Table offset
|-
|-
| 0x104
| 0x104
| 0x04
| 0x04
| Import Table 1 num (size = num * 8)
| Named Import Table num (size = num * 8)
|-
|-
| 0x108
| 0x108
| 0x04
| 0x04
| Import Table 2 offset
| Indexed Import Table offset
|-
|-
| 0x10C
| 0x10C
| 0x04
| 0x04
| Import Table 2 num (size = num * 8)
| Indexed Import Table num (size = num * 8)
|-
|-
| 0x110
| 0x110
| 0x04
| 0x04
| Import Table 3 offset
| Anonymous Import Table offset
|-
|-
| 0x114
| 0x114
| 0x04
| 0x04
| Import Table 3 num (size = num * 8)
| Anonymous Import Table num (size = num * 8)
|-
|-
| 0x118
| 0x118
| 0x8
| 0x8
| 0x4
| 0x4
| Segment id (0, 1, 2..)
| Segment id (0 = .text, 1 = .rodata, 2 = .data, 3 = .bss)
|}
|}
Export Table entry (8 bytes)
Named Export Table entry (8 bytes)
{| class="wikitable" border="1"
{| class="wikitable" border="1"
! Offset
! Offset
|}
|}
Import Table entry (8 bytes)
Named Import Table entry (8 bytes)
{| class="wikitable" border="1"
{| class="wikitable" border="1"
! Offset
! Offset
| 0x6
| 0x6
| 0x1
| 0x1
| 1 is written to last entry if all symbols loaded successfully.
| 1 is written to first entry if all symbols loaded successfully.
|-
|-
| 0x7
| 0x7
The first hash-table entry hashes the 0x100-byte header following the hash-table. The following hash-table entries hash the sections specified in the header.
The first hash-table entry hashes the 0x100-byte header following the hash-table. The following hash-table entries hash the sections specified in the header.
When the RO module loads the entire CRO into process memory(mapped in the 0x00100000-0x04000000 region), it modifies the mapped CRO data. The magic field is also changed to "FIXD".
When the RO module loads the entire CRO into process memory(mapped in the 0x00100000-0x04000000 region), it modifies the mapped CRO data. The magic field is also changed to "FIXD" if fix level is not 0.
Upon loading, the RO module will look for symbol "__aeabi_atexit" or "nnroAeabiAtexit_".
Upon loading, the RO module will look for symbol "__aeabi_atexit" or "nnroAeabiAtexit_".
For dumping symbols and loading a CRO into IDA, see [https://github.com/plutooo/ctr/].
For dumping symbols and loading a CRO into IDA, see [https://github.com/plutooo/ctr/].