Author | Message | Time |
---|---|---|
defcore | I am playing with a Linux (ELF) file server programmed in C. Unfortunately I do not have the source, so I've been poking around in it with IDA, in hopes of adding some additional functionality. I am wanting to increase the size of the following data structure: [code].bss:081960C8 ; void dword_81960C8 .bss:081960C8 dword_81960C8 dd ? ; DATA XREF: sub_8049694+76o .bss:081960C8 ; sub_8049694+FBCo ... .bss:081960CC db ? ; .bss:081960CD db ? ; .bss:081960CE db ? ; .bss:081960CF db ? ; .bss:081960D0 db ? ; .bss:081960D1 db ? ; .bss:081960D2 db ? ; .bss:081960D3 db ? ; .bss:081960D4 db ? ; .bss:081960D5 db ? ; .bss:081960D6 db ? ; .bss:081960D7 db ? ; .bss:081960D8 db ? ; .bss:081960D9 db ? ; .bss:081960DA db ? ; .bss:081960DB db ? ; .bss:081960DC db ? ; .bss:081960DD db ? ; .bss:081960DE db ? ; .bss:081960DF db ? ; .bss:081960E0 db ? ; .bss:081960E1 db ? ; .bss:081960E2 db ? ; .bss:081960E3 db ? ; .bss:081960E4 db ? ; .bss:081960E5 db ? ; .bss:081960E6 db ? ; .bss:081960E7 db ? ; .bss:081960E8 dword_81960E8 dd ? ; DATA XREF: sub_804E688+38w [/code] It is currently 32 bytes (081960C8 - 081960E7), and I'd like to extend it to 64 bytes. I'm not really sure how to go about doing this. I am guessing that I'll have to (in theory) edit the ELF header, increase the size of my .bss section, and accordingly update the affected offsets? I don't know how to start doing this, and I'd appreciate any information. Thanks. (SOLVED) Solution: I had to read up on the format of the ELF header. It took some time figuring out how it worked and how to edit it. I edited the ELF header to increase the size of the .bss section by 100 bytes. Then I relocated my data structure to my newly created space and updated all the offsets to point to my newly created data structure. Works like a charm. | April 26, 2006, 7:55 PM |
Kp | I have to ask: how'd you manage to end up with a Linux program that you can modify, yet not have its source? Most closed source things specify no tampering. I'd be surprised to see a closed source file server outside a corporate environment, and a corporate setup would be a lot more worried about violating anti-tampering provisions than a home user would. | April 27, 2006, 12:03 AM |
defcore | Actually, the file server is a "demo" application developed by some guys in the "Georgia Tech's Reverse Engineering Group". They have submitted various challenges and reverse-me's on the local newsgroups on campus. I've also posted this question on the newsgroups, but they haven't been very active lately, probably due to the semester ending soon. I'm just doing this for the sake of learning. | April 27, 2006, 12:29 AM |
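
The header edit described in the solved first post, sketched as an added example that is not part of the thread or the original poster's code: it grows the zero-initialized tail of a 32-bit ELF by bumping both the `.bss` section size and the `p_memsz` of the `PT_LOAD` segment that contains it, and returns the address where the new space begins. It assumes a little-endian ELF32 file whose `.bss` is the NOBITS section ending a loadable segment; `grow_bss`, `sample_elf` and the sample addresses are constructed for illustration.

```python
import struct

# ELF32 little-endian layouts (field order as in <elf.h>)
EHDR = struct.Struct("<16sHHIIIIIHHHHHH")  # Elf32_Ehdr, 52 bytes
PHDR = struct.Struct("<8I")                # Elf32_Phdr, 32 bytes
SHDR = struct.Struct("<10I")               # Elf32_Shdr, 40 bytes
PT_LOAD, SHT_NOBITS = 1, 8

def grow_bss(image, extra):
    """Grow .bss by `extra` bytes; return (patched image, address of first new byte)."""
    buf = bytearray(image)
    eh = EHDR.unpack_from(buf, 0)
    if eh[0][:6] != b"\x7fELF\x01\x01":
        raise ValueError("expected a little-endian ELF32 file")
    phoff, shoff, phentsize, phnum, shentsize, shnum = eh[5], eh[6], eh[9], eh[10], eh[11], eh[12]
    segs = [(phoff + i * phentsize, list(PHDR.unpack_from(buf, phoff + i * phentsize)))
            for i in range(phnum)]
    loads = [(off, p) for off, p in segs if p[0] == PT_LOAD]
    for i in range(shnum):
        s_off = shoff + i * shentsize
        sh = list(SHDR.unpack_from(buf, s_off))
        if sh[1] != SHT_NOBITS:
            continue
        end = sh[3] + sh[5]                      # sh_addr + sh_size
        for p_off, ph in loads:
            if ph[2] + ph[5] != end:             # p_vaddr + p_memsz
                continue
            # Refuse if another loadable segment starts inside the new range.
            if any(end <= q[2] < end + extra for _, q in loads):
                raise ValueError("growth would overlap another PT_LOAD segment")
            sh[5] += extra                       # section view, as listed by readelf -S
            ph[5] += extra                       # segment view, what the loader maps
            SHDR.pack_into(buf, s_off, *sh)
            PHDR.pack_into(buf, p_off, *ph)
            return bytes(buf), end
    raise ValueError("no NOBITS section ends a PT_LOAD segment")

def sample_elf():
    """Constructed header-only ELF32 image: one PT_LOAD segment and a .bss-style section."""
    ident = b"\x7fELF\x01\x01\x01" + bytes(9)
    eh = EHDR.pack(ident, 2, 3, 1, 0x08048000, 52, 84, 0, 52, 32, 1, 40, 2, 0)
    ph = PHDR.pack(PT_LOAD, 0, 0x08048000, 0x08048000, 0x100, 0x200, 6, 0x1000)
    null = SHDR.pack(*([0] * 10))
    bss = SHDR.pack(0, SHT_NOBITS, 3, 0x08048100, 0x100, 0x100, 0, 0, 4, 0)
    return eh + ph + null + bss
```

Because NOBITS data occupies no bytes in the file, the patched image keeps its length; existing variables keep their addresses, so a structure that needs more room still has to be moved into the new range and its references updated, as the first post describes.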