int test() { static int i = 0x4567; // 靜態局部變量 return ++i; }
int main(int argc, char** argv) { int i = test() + x; // i: 局部變量 s = "Hello, World!";
char* p = (char*)malloc(10); // 動態分配地址
return 0; }
在分析 ELF 文件結構時我們就已經知道全局變量和靜態局部變量在編譯期就決定了其內存地址。
$ readelf -s hello
Symbol table '.symtab' contains 84 entries: Num: Value Size Type Bind Vis Ndx Name ... ... 50: 0804a024 4 OBJECT LOCAL DEFAULT 24 i.2347 57: 0804a030 4 OBJECT GLOBAL DEFAULT 25 s 65: 0804a020 4 OBJECT GLOBAL DEFAULT 24 x
$ readelf -S hello
There are 38 section headers, starting at offset 0x1a10:
Section Headers: [Nr] Name Type Addr Off Size ES Flg Lk Inf Al ... ... [16] .rodata PROGBITS 08048618 000618 000030 00 A 0 0 4 [24] .data PROGBITS 0804a018 001018 000010 00 WA 0 0 4 [25] .bss NOBITS 0804a028 001028 00000c 00 WA 0 0 4 Key to Flags: W (write), A (alloc), X (execute), M (merge), S (strings) I (info), L (link order), G (group), x (unknown) O (extra OS processing required) o (OS specific), p (processor specific)
