可以用readelf命令来查看elf文件内容，跟objdump相比，这个命令更详细。

1、 readelf -h SimpleSection.o

ELF Header:  Magic:   7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00       45为E 4C为L  46为F  Class:                             ELF64  Data:                              2's complement, little endian  Version:                           1 (current)  OS/ABI:                            UNIX - System V  ABI Version:                       0  Type:                              REL (Relocatable file)  Machine:                           Advanced Micro Devices X86-64  Version:                           0x1  Entry point address:               0x0  Start of program headers:          0 (bytes into file)  Start of section headers:          1056 (bytes into file)        段表在文件中的偏移  Flags:                             0x0  Size of this header:               64 (bytes)                    文件头大小  Size of program headers:           0 (bytes)  Number of program headers:         0  Size of section headers:           64 (bytes)                     每个段表结构大小  Number of section headers:         13　　　　　　　　　　　　　　　　　　段表头数目  Section header string table index: 12

 2、readelf -S   查看段表结构

 

There are 13 section headers, starting at offset 0x420:Section Headers:  [Nr] Name              Type             Address           Offset       Size              EntSize          Flags  Link  Info  Align  [ 0]                   NULL             0000000000000000  00000000       0000000000000000  0000000000000000           0     0     0  [ 1] .text             PROGBITS         0000000000000000  00000040       0000000000000054  0000000000000000  AX       0     0     1  [ 2] .rela.text        RELA             0000000000000000  00000310       0000000000000078  0000000000000018   I      10     1     8  [ 3] .data             PROGBITS         0000000000000000  00000094       0000000000000008  0000000000000000  WA       0     0     4  [ 4] .bss              NOBITS           0000000000000000  0000009c       0000000000000004  0000000000000000  WA       0     0     4  [ 5] .rodata           PROGBITS         0000000000000000  0000009c       0000000000000004  0000000000000000   A       0     0     1  [ 6] .comment          PROGBITS         0000000000000000  000000a0       000000000000002e  0000000000000001  MS       0     0     1  [ 7] .note.GNU-stack   PROGBITS         0000000000000000  000000ce       0000000000000000  0000000000000000           0     0     1  [ 8] .eh_frame         PROGBITS         0000000000000000  000000d0       0000000000000058  0000000000000000   A       0     0     8  [ 9] .rela.eh_frame    RELA             0000000000000000  00000388       0000000000000030  0000000000000018   I      10     8     8  [10] .symtab           SYMTAB           0000000000000000  00000128       0000000000000180  0000000000000018          11    11     8  [11] .strtab           STRTAB           0000000000000000  000002a8       0000000000000066  0000000000000000           0     0     1  [12] .shstrtab         STRTAB           0000000000000000  000003b8       0000000000000061  0000000000000000           0     0     1Key to Flags:  W (write), A (alloc), X (execute), M (merge), S (strings), I (info),  L (link order), O (extra OS processing required), G (group), T (TLS),  C (compressed), x (unknown), o (OS specific), E (exclude),  l (large), p (processor specific)

 

There are 13 section headers, starting at offset 0x420: 目标文件大小1888字节，段表在0x420开始，每个section header 64 bytes(见头文件) 因而: 0x420  +  64*13(dec)=1056 + 832 =1888正好。 3、查看字符串表与段表字符串表内容 od --skip-bytes 0x000002a8 --read-bytes 0x66 -t x2z SimpleSection.o（参数见2中段表信息 偏移与大小）

0001250 5300 6d69 6c70 5365 6365 6974 6e6f 632e  >.SimpleSection.c<0001270 7300 6174 6974 5f63 6176 2e72 3731 3033  >.static_var.1730<0001310 7300 6174 6974 5f63 6176 3272 312e 3337  >.static_var2.173<0001330 0031 6c67 626f 6c61 695f 696e 5f74 6176  >1.global_init_va<0001350 0072 6c67 626f 6c61 755f 696e 696e 5f74  >r.global_uninit_<0001370 6176 0072 7566 636e 0031 7270 6e69 6674  >var.func1.printf<0001410 6d00 6961 006e                           >.main.<0001416

 

4、查看段表字符串表内容

 od --skip-bytes 0x000003b8 --read-bytes 0x61 -t x1z SimpleSection.o

0001670 00 2e 73 79 6d 74 61 62 00 2e 73 74 72 74 61 62  >..symtab..strtab<0001710 00 2e 73 68 73 74 72 74 61 62 00 2e 72 65 6c 61  >..shstrtab..rela<0001730 2e 74 65 78 74 00 2e 64 61 74 61 00 2e 62 73 73  >.text..data..bss<0001750 00 2e 72 6f 64 61 74 61 00 2e 63 6f 6d 6d 65 6e  >..rodata..commen<0001770 74 00 2e 6e 6f 74 65 2e 47 4e 55 2d 73 74 61 63  >t..note.GNU-stac<0002010 6b 00 2e 72 65 6c 61 2e 65 68 5f 66 72 61 6d 65  >k..rela.eh_frame<0002030 00                                               >.<0002031

5、查看符号表信息

readelf -s SimpleSection.c  （小 写 s）

Symbol table '.symtab' contains 16 entries:   Num:    Value(符号值)    Size Type    Bind   Vis   Ndx Name     0: 0000000000000000     0 NOTYPE  LOCAL  DEFAULT  UND      1: 0000000000000000     0 FILE    LOCAL  DEFAULT  ABS SimpleSection.c     2: 0000000000000000     0 SECTION LOCAL  DEFAULT    1      3: 0000000000000000     0 SECTION LOCAL  DEFAULT    3      4: 0000000000000000     0 SECTION LOCAL  DEFAULT    4      5: 0000000000000000     0 SECTION LOCAL  DEFAULT    5      6: 0000000000000004     4 OBJECT  LOCAL  DEFAULT    3 static_var.1730     7: 0000000000000000     4 OBJECT  LOCAL  DEFAULT    4 static_var2.1731     8: 0000000000000000     0 SECTION LOCAL  DEFAULT    7      9: 0000000000000000     0 SECTION LOCAL  DEFAULT    8     10: 0000000000000000     0 SECTION LOCAL  DEFAULT    6     11: 0000000000000000     4 OBJECT  GLOBAL DEFAULT    3 global_init_var     全局变量，定义在第 3 段 （.data）    12: 0000000000000004     4 OBJECT  GLOBAL DEFAULT  COM global_uninit_var    13: 0000000000000000    33 FUNC    GLOBAL DEFAULT    1 func1    14: 0000000000000000     0 NOTYPE  GLOBAL DEFAULT  UND printf    15: 0000000000000021    51 FUNC    GLOBAL DEFAULT    1 main