Every Linux program loader, from the kernel's binfmt_elf to musl's dynamic linker, starts by parsing exactly the fields you are decoding here; readelf -h and objdump -f are thin wrappers around this same struct. Malware analysts hand-parse corrupted or intentionally malformed ELF headers when automated tools like readelf choke on them.