Send in your ideas. Deadline February 1, 2025

Last update: 2017-08-01

ELF Linking

Analytic tools for UNIX' Executable and Linkable Format

The Executable and Linkable Format is a common standard file format for executable files, object code, shared libraries, and core dumps. Understanding dynamic links is important but hard without the proper tools. This is a problem, because the actual details can have significant technical and legal implications.

    First published in the specification for the application binary interface (ABI) of the Unix operating system version named System V Release 4 (SVR4),[2] and later in the Tool Interface Standard, ELF is now the most common binary file format for Unix and Unix-like systems on x86 processors. There are some existing tools to generate ELF graphs, which are used by for instance lawyers interested in finding out if programs really can be considered derivative works, but also by engineers trying to find defects (bloat, build system configuration errors).

    One thing that is missing is "search", which would allow for answering questions like "which programs use this particular library" or "which symbols from a particular library are actually used by programs", which could be very relevant in a software engineering context (to discover if it is safe to remove libraries, or replace them with equivalent libraries, or to lift parts of a library into separate libraries to decrease bloat). This project will leverage existing tools, such as radare2 (ELF analysis) and Neo4j (graph database), add missing functionality in order to create a better set of analytical tools.

    The project is led by Armijn Hemel.