description |
---|
06/09/2024 |
Why revisit?
I needed a little refresher and wanted to share some quick/easy ways to remember both the PLT and GOT.
🚨 Both are a MUST to understand when working with dynamically-linked executables in Linux.
The PLT (Procedure Linkage Table) can be looked at as a table of "stubs" (trampolines) that are used to call functions defined within shared libraries, like libc.
"PLT is a 'jump table' for function calls"
It simply helps a program jump to "external" functions defined within shared libraries.
The GOT (Global Offset Table) acts as a "storage area" that holds the virtual addresses of globals and functions.
When the program needs to access a global variable or call a function, it looks up the address in the GOT. These addresses are all resolved at runtime.
First call: PLT -> GOT -> Linker (ld)
- When the program first calls a dynamically-linked function, it will store it in the PLT.
- The PLT entry for the function will then point to the linker.
- The linker finds the address of the function, stores it in the GOT, and updates the PLT to point at the GOT for future calls.
- This gives fast access to these functions for future use.
- Meaning, the first call will always take slightly longer due to the lookup.
- Subsequent calls will be blazingly fast.
- Subsequent calls: PLT -> GOT
- The PLT accesses the GOT for quick access.
- Example: foo@plt
Ultimately, remember this: the PLT is a jump table of stubs (trampoline code) for calls to functions stored in dynamic libraries. Meanwhile, the GOT is a "storage area" for all resolved addresses.
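
The first-call and subsequent-call flow above, as a small user-space model in C. This is an added example, not code from the original post and not how ld.so is implemented: the `exports` table, `rel_names`, `resolve`, the `lazy*` stubs and the `*_plt` wrappers are all hypothetical names, with function pointers standing in for GOT slots.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef int (*fn_t)(int);

/* Constructed stand-in for the exports of a shared library such as libc. */
static const struct { const char *name; fn_t addr; } exports[] = {
    { "abs", abs }, { "toupper", toupper },
};
/* Model relocation table: GOT slot i belongs to the symbol rel_names[i]. */
static const char *rel_names[] = { "abs", "toupper" };

static int lazy0(int a);
static int lazy1(int a);
static fn_t got[2] = { lazy0, lazy1 };  /* unresolved slots lead to the resolver */
static int resolver_calls;

/* Role of the dynamic linker: find the symbol, store it in the GOT, run it. */
static int resolve(int slot, int arg) {
    resolver_calls++;
    for (size_t i = 0; i < sizeof exports / sizeof *exports; i++)
        if (strcmp(exports[i].name, rel_names[slot]) == 0) {
            got[slot] = exports[i].addr;   /* later calls skip the lookup */
            return got[slot](arg);
        }
    abort();  /* symbol not exported by any "library" in this model */
}
static int lazy0(int a) { return resolve(0, a); }
static int lazy1(int a) { return resolve(1, a); }

/* foo@plt-style stubs: each is an indirect call through its own GOT slot. */
int abs_plt(int a)     { return got[0](a); }
int toupper_plt(int a) { return got[1](a); }

int got_is_resolved(int slot) { return got[slot] != (slot ? lazy1 : lazy0); }
int resolver_call_count(void) { return resolver_calls; }

int main(void) {
    printf("abs slot resolved before first call: %d\n", got_is_resolved(0));
    int r1 = abs_plt(-7);       /* first call: stub -> GOT -> resolver -> abs */
    printf("abs(-7)=%d resolver calls=%d\n", r1, resolver_call_count());
    int r2 = abs_plt(-3);       /* second call: stub -> GOT -> abs */
    printf("abs(-3)=%d resolver calls=%d\n", r2, resolver_call_count());
    int r3 = toupper_plt('a');  /* a different slot is resolved independently */
    printf("toupper('a')=%c resolver calls=%d\n", r3, resolver_call_count());
    return 0;
}
```

On a real binary, `readelf -r` lists the GOT slots that get filled in this way, and `objdump -d` shows the `foo@plt` stubs.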