
[BUGFIX] Find the correct segment on Debian Unstable

Open cbayet opened this issue 7 years ago • 2 comments

Since binutils 2.31, the option --enable-separate-code is enabled by default for Linux x86 binaries (see the changelog: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=blob_plain;f=ld/NEWS;hb=refs/tags/binutils-2_31). This new version of binutils is the version in the latest Debian Unstable.

You can still compile your binaries with the option "-z no-separate-code" in gcc, but pyflame should be able to support this.

This breaks pyflame in the parsing of the ELF, in the function GetBaseAddress: we're looking for the start of the .text section, but because of this change in binutils, the first PT_LOAD segment found is the ELF header segment, and not the .text.

The patch now looks for a PT_LOAD segment with the executable flag, since the ELF header segment is not executable.

I already found a bug with the same root cause in frida and patched it: https://github.com/frida/frida-core/pull/208

Tested on python 2.7.15 and 3.6.7.

Thanks for the project, and don't use Debian Unstable!

cbayet avatar Nov 07 '18 15:11 cbayet

CLA assistant check
All committers have signed the CLA.

CLAassistant avatar Nov 07 '18 15:11 CLAassistant

I think my fix (#170) is the correct fix for this.

ELF::GetBaseAddress() computes the base address of the SO. This is supposed to be the address of the first (well, in fact, the lowest) PT_LOAD entry.

The problem is that the offset of the SO in the process VMA is not computed correctly.

randomstuff avatar Feb 28 '19 00:02 randomstuff
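The PR description and the follow-up comment describe three different ways of picking a PT_LOAD entry from the program headers: the first one (the behaviour that broke), the first executable one (this PR), and the lowest one (the follow-up). The following added example, which is not pyflame's code or part of this thread, builds two constructed ELF64 images (a binutils 2.31 separate-code layout and the older single R+X layout, header and program headers only) and shows what each rule returns on them; all function names are hypothetical.

```python
import struct

PT_LOAD = 1
PF_X, PF_W, PF_R = 0x1, 0x2, 0x4

def build_elf64(segments):
    """Build a minimal ELF64 image (constructed sample: header + program headers only)."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\x00" * 8  # ELFCLASS64, little-endian
    ehdr = ident + struct.pack("<HHIQQQIHHHHHH", 3, 0x3E, 1, 0, 64, 0, 0,
                               64, 56, len(segments), 64, 0, 0)  # ET_DYN, x86-64
    phdrs = b"".join(
        struct.pack("<IIQQQQQQ", PT_LOAD, flags, off, vaddr, vaddr, size, size, 0x1000)
        for flags, off, vaddr, size in segments)
    return ehdr + phdrs

def load_segments(data):
    """Yield (p_flags, p_vaddr) for each PT_LOAD program header of an ELF64 image."""
    if data[:4] != b"\x7fELF" or data[4] != 2:
        raise ValueError("not an ELF64 image")
    (e_phoff,) = struct.unpack_from("<Q", data, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    for i in range(e_phnum):
        p_type, p_flags, _off, p_vaddr = struct.unpack_from("<IIQQ", data, e_phoff + i * e_phentsize)
        if p_type == PT_LOAD:
            yield p_flags, p_vaddr

def first_load(data):
    """Old rule: the first PT_LOAD, whatever its flags (the header segment under separate-code)."""
    return next((v for _f, v in load_segments(data)), None)

def first_executable_load(data):
    """Rule from this PR: the first PT_LOAD with PF_X set."""
    return next((v for f, v in load_segments(data) if f & PF_X), None)

def lowest_load(data):
    """Rule from the follow-up comment: the lowest PT_LOAD vaddr."""
    return min((v for _f, v in load_segments(data)), default=None)

# binutils >= 2.31 (-z separate-code): read-only headers first, code in its own segment
SEPARATE_CODE = build_elf64([(PF_R, 0x0, 0x0, 0x1000), (PF_R | PF_X, 0x1000, 0x1000, 0x1000),
                             (PF_R, 0x2000, 0x2000, 0x1000), (PF_R | PF_W, 0x3000, 0x3000, 0x1000)])
# older layout: headers and code share the first R+X segment
CLASSIC = build_elf64([(PF_R | PF_X, 0x0, 0x0, 0x2000), (PF_R | PF_W, 0x2000, 0x202000, 0x1000)])

if __name__ == "__main__":
    for name, img in (("separate-code", SEPARATE_CODE), ("classic", CLASSIC)):
        print(name, hex(first_load(img)), hex(first_executable_load(img)), hex(lowest_load(img)))
```

On the separate-code image the first-executable rule lands on the .text segment at 0x1000 while the other two return 0x0; on the classic image all three agree, which is why the breakage only showed up with binutils 2.31.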