24.27 在main()之前执行的函数

A: alert7 2001-09-10

$ vi test_0.c

#include <stdio.h> #include <stdlib.h>

attribute ((constructor)) static void foo ( void ) { printf( "Before main()\n" ); return; }

attribute ((destructor)) static void bar ( void ) { printf( "After main()\n" ); return; }

int main ( int argc, char * argv[] ) { printf ( "foo() = %p\n" "bar() = %p\n", &foo, &bar ); return( EXIT_SUCCESS ); } /* end of main */

$ gcc --version gcc (Debian 4.9.2-10) 4.9.2

$ gcc -Wall -pipe -O3 -s -o test_0 test_0.c $ ./test_0 Before main() foo() = 0x8048350 bar() = 0x8048330 After main()

$ readelf -WS test_0 | grep -E ".(init|fini)" [11] .init PROGBITS 080482b4 0002b4 000023 00 AX 0 0 4 [14] .fini PROGBITS 08048514 000514 000014 00 AX 0 0 4 [18] .init_array INIT_ARRAY 08049698 000698 000008 00 WA 0 0 4 [19] .fini_array FINI_ARRAY 080496a0 0006a0 000008 00 WA 0 0 4

foo、bar的函数体在.init中，函数指针在.init_array中。

foo()和bar()的函数原型不是必须如上例所示，可以有形参，关于这点，参看:

《Unix系列(4)--Unix反调试技术》(Unix_1.txt) before _start()

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

201507251602.txt.md

201507251602.txt.md

int main ( int argc, char * argv[] ) { printf ( "foo() = %p\n" "bar() = %p\n", &foo, &bar ); return( EXIT_SUCCESS ); } /* end of main */

Files

201507251602.txt.md

Latest commit

History

201507251602.txt.md

File metadata and controls

int main ( int argc, char * argv[] ) { printf ( "foo() = %p\n" "bar() = %p\n", &foo, &bar ); return( EXIT_SUCCESS ); } /* end of main */