Binary Hacks from O'Reilly Japan is a book about low-level programming on GNU/Linux systems. The goal of the book is to offer useful but not necessarily very well-known techniques as many as we can to readers.

Table of Contents

Chapter 1. Introduction

1. Introduction to Binary Hacks

2. Terminology of Binary Hacks

3. Using "file" to tell file types

4. Using "od" to dump binary files

Chapter 2. Object Files Hacks

5. Introduction to ELF

6. Static libraries and dynamic libraries

7. Using "ldd" to check dependencies of shared libraries

8. Using "readelf" to see information of ELF files

9. Using "objdump" to dump object files

10. Using "objdump" to disassemble object files

11. Using "objcopy" to embed data in executables

12. Using "nm" to see lists of symbols in object files

13. Using "strings" to extract strings from binary files

14. Using "c++filt" to demangle C++ symbols

15. Using "addr2line" to get file names and line numbers by addresses

16. Using "strip" to delete symbols from object files

17. Using "ar" to modify static libraries

18. How to link C and C++ programs

19. How to avoid symbol collision issues

20. Why PIC code is used for shared libraries on GNU/Linux systems

21. Using "statifier" to create pseudo static executables from dynamic executables

Chapter 3. GNU Programming Hacks

22. Introduction to GCC extensions

23. Using inline assembler with GCC

24. Using GCC's builtin functions for optimization

25. Writing "Hello World" without using glibc

26. Using TLS (Thread Local Storage)

27. Switching glibc's internal libraries by system capabilities

28. Changing behavior of programs by linked libraries

29. Reducing exported symbols of libraries

30. Using versioned symbols to manage compatibility

31. Calling functions before main()

32. How GCC generates trampoline code at runtime

33. Allowing and disallowing executable flags of code on stacks

34. Running code on heaps

35. Creating PIE (Position Independent Executable)

36. Writing synchronized methods in C++

37. Creating singletons in C++

38. Understanding g++'s exceptions (throw)

39. Understanding g++'s exceptions (SjLj)

40. Understanding g++'s exceptions (DWARF2)

41. Understanding runtime cost of g++'s exceptions

Chapter 4. Secure Programming Hacks

42. Introduction to GCC secure programming

43. Using "-ftrapv" to detect integer overflows

44. Using "Mudflap" to detect buffer overflows

45. Using "-D_FORTIFY_SOURCE" to detect buffer overflows

46. Using "-fstack-protector" to protect stacks

47. Why you should use unsigned constants to do bitmask

48. Why big shift operations are dangerous

49. Why you should care difference between 0 and NULL on 64-bit systems

50. Thread-safe functions defined by POSIX

51. Writing signal handlers in a safe manner

52. Using "sigwait" to process async signals synchronously

53. Using "sigsafe" to write signal processing safely

54. Using "Valgrind" to detect memory leaks

55. Using "Valgrind" to detect invalid memory access

56. Using "Helgrind" to debug multi-threaded programs

57. Using "fakeroot" to run programs with fake root privilege

Chapter 5. Runtime Hacks

58. How programs reach main()

59. How system calls are called

60. Using "LD_PRELOAD" to switch shared libraries

61. Using "LD_PRELOAD" to wrap existing functions

62. Using "dlopen" to do dynamic linking

63. Showing backtraces with C programs

64. Checking running process's absolute path

65. Checking loaded shared libraries of running programs

66. Checking memory maps of running programs

67. Using "libbfd" to list symbols

68. Demangling C++ symbols at runtime

69. Using "ffcall" to call functions with dynamic signatures

70. Using "libdwarf" to get debug information

71. Using "dumper" to pretty-print struct variables

72. How to load object files yourself

73. Using "libunwind" to control call chains

74. Using "GNU lightning" to generate code in a portable manner

75. Getting addresses of stacks

76. Using "sigaltstack" to handle stack overflows

77. Hooking entering and exiting of functions

78. Modifying contexts of programs in signal handlers

79. Getting values of program counters

80. Rewriting your programs at runtime

81. Using "SIGSEGV" to validate accessibility of addresses

82. Using "strace" to trace system calls

83. Using "ltrace" to trace function calls in shared libraries

84. Using "Jockey" to record and replay programs

85. Using "prelink" to improve programs starting up time

86. Using 'livepatch" to patch running programs

Chapter 6. Profilers and Debuggers Hacks

87. Using "gprof" to profile programs

88. Using "sysprof" to profile systems very easily

89. Using "oprofile" to profile systems

90. Using "GDB" to control running programs

91. Using debugging support of hardware

92. Setting break points in your C programs

Chapter 7. Misc Hacks

93. How Boehm GC works

94. Why you should be careful about memory ordering of processors

95. Light-weight concurrent processing with PCL (Portable Coroutine Library)

96. Counting clock counts of CPUs

97. How floating numbers are expressed in bits

98. What's special about x86's floating numbers instructions

99. Raising signals for operations resulting infinite or NAN.

100. Further reading