LibELF currently obtains the address for the dynamic string table from the STRTAB entry in the dynamic section. However, that entry lists the mapped address instead of the offset within the file. For most files, this isn't a problem, as .dynstr is allocated early enough in the file so that both values don't differ.

However, if .dynstr has a different loading address compared to the file offset (example: .dynstr is at the very end of the file; a test file for this is easily obtained by using patchelf --add-needed, as this generates a new string table at the very end of the file), we end up applying the address on top of our in-memory copy of the ELF file, which ends up reading from the wrong address.