I am writting a standalone loader for Linux executables (as an alternative to
emx for running simple Linux programs under DOS). Anyway, while testing
things I wrote a program that runs other a.out executables without calling any
of exec*() and just thought someone might find it fun. Sorry if you feel
boring. :)
Note that this program also can run files with no executable bits set,
programs from filesystems mounted as noexec, block devices and POSIX.4 shared
memory segments when they are implemented. Also it can be changed to start
programs in non-standard environment, like with some signals handled.
The program itself should be compiled as ELF, so that the loader itself is in
memory on 2GB mark, where it doesn't conflict with an a.out executable. I
could also solve the problem with moving things around and asm code, but who
cares so much about a test program? :)
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/mman.h>
#include <a.out.h>
#include <fcntl.h>
#include <errno.h>
main(int argc, char **argv)
{
int fd;
struct exec ex;
if(argc < 2) {
fputs("Usage: loader program [args].\n", stderr);
return -1;
}
if((fd = open(argv[1], O_RDONLY)) == -1 ||
read(fd, &ex, sizeof(ex)) != sizeof(ex)) {
perror(argv[1]);
return -1;
}
if(N_MAGIC(ex) != QMAGIC && N_MAGIC(ex) != ZMAGIC) {
fprintf(stderr,"%s: Bad magic number.\n", argv[1]);
return -1;
}
if(mmap(N_TXTADDR(ex),ex.a_text,PROT_READ,MAP_SHARED|MAP_FIXED,fd,N_TXTOFF(ex)) == -1
|| mmap(N_DATADDR(ex),ex.a_data,PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED,fd,N_DATOFF(ex)) == -1 ||
mmap(N_BSSADDR(ex),ex.a_bss,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_ANON,fd,0) == -1) {
perror(argv[1]);
return -1;
}
close(fd);
argc--;
argv++;
asm(""::"g"(&argc),"g"(&argv));
((int *)&argc)[-1] = ex.a_entry;
}
--
Snow ^oo^ Cat <snowcat@gd.cs.CSUFresno.EDU>
_ -> <- aka Oleg Kibirev <oleg@gd.cs.CSUFresno.EDU>
___(_) _ _)_
/ _)
\_.-._
|___/ Purr!