
Adding own symbols for file in gdb

Ok.. so I'm doing debugging on x86 with gdb. The particular files in question are stripped, so I have no symbols from the binary itself. I have no access to the source code, but a rough idea of what's happening under the hood.

My asm knowledge is just about good enough to decide the purpose of a function. Thus I can decide on my own appropriate names for functions after looking at them for a while, but I would like to be able to inject these as symbols so that once decided upon they can be used in later debugging..

Does anybody know how to load custom symbols into gdb? I've considered recompiling gdb and adding an extra command to the UI to allow loading of a symbol at an address.. I was wondering if it would be possible to create a dummy object file with the symbols I've defined and then load it using add-symbol-file? Or would it be possible to compile a C program with dummy functions and somehow force them to be the correct size and at the correct location and then simply load that?


This sounds like it should be an easy task, but it turns out to be surprisingly annoying, mostly because ELF as a file format is annoying to generate, so most tools are content with just parsing it.

As described here, GDB reads the symbol information from two places: first some minimal information from the symbols in the .symtab and/or .dynsym sections, and afterwards more detailed information from the .debug_info section if it is present.

This immediately suggests two possible ways to add the information: either add the symbol to .symtab, or generate your own DWARF info including the symbol.

However, generating DWARF from scratch seems to be a really uncommon use case, so the only working approach I've found so far is to use objcopy to add the symbol to the binary itself:

objcopy a.out --add-symbol function_name=.text:0x900,function,global a.out2

Note that gdb doesn't like absolute symbols for functions; I had to specify it as an offset into the .text section for it to be useful (i.e., to be able to set breakpoints on the function and have it appear in backtraces).

Also, I wasn't able to find any way to modify the "size" field of the symbol.
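The workflow from this answer end to end, as an added example that is not part of the original post: build a small program, strip it so it resembles the binary in the question, convert the absolute address you recovered from disassembly into the .text-relative offset that gdb needs, re-add the symbol with objcopy, and confirm with nm. The program, the name "checked_login" and the use of gcc/binutils are assumptions for the demo.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes gcc, strip, objcopy,
# objdump and nm are installed; the sample program and the function name
# "checked_login" are constructed for this demo.
set -eu

# text_relative_arg NAME ABS_ADDR TEXT_VMA
# Build the --add-symbol argument in the form the answer recommends: the value
# is an offset into .text, not the absolute address seen in gdb's disassembly.
text_relative_arg() {
    name=$1; abs=$2; text_vma=$3
    off=$(( abs - text_vma ))
    [ "$off" -ge 0 ] || { echo "address $abs lies below .text" >&2; return 1; }
    printf '%s=.text:0x%x,function,global\n' "$name" "$off"
}

# text_vma BINARY: start address of .text from the section header table.
text_vma() {
    objdump -h "$1" | awk '$2 == ".text" { print "0x" $4 }'
}

# demo: strip a binary, put one function symbol back, and check it is visible.
demo() {
    work=$(mktemp -d)
    cat > "$work/prog.c" <<'EOF'
int checked_login(int x) { return x == 42; }   /* name will be stripped */
int main(void) { return checked_login(41); }
EOF
    gcc -O0 -o "$work/prog" "$work/prog.c"
    # Record where the function lives while symbols still exist; in real use
    # this address comes from reading the disassembly in gdb.
    abs=$(nm "$work/prog" | awk '$3 == "checked_login" { print "0x" $1 }')
    strip -o "$work/stripped" "$work/prog"
    arg=$(text_relative_arg checked_login "$abs" "$(text_vma "$work/stripped")")
    echo "objcopy --add-symbol $arg"
    objcopy --add-symbol "$arg" "$work/stripped" "$work/relabeled"
    # The symbol must now appear (type T, original address) in the output.
    nm "$work/relabeled" | grep -w checked_login
    rm -rf "$work"
}

if command -v gcc >/dev/null 2>&1 && command -v objcopy >/dev/null 2>&1; then
    demo
else
    echo "gcc/binutils not found; skipping demo" >&2
fi
```

After `demo` runs, `gdb ./relabeled` will accept `break checked_login` and show the name in backtraces, which an ABS symbol would not give you.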


I wouldn't look for a solution in gdb. I would instead try to figure out how to put the symbols back into the binary. Logically, if it is possible to strip the symbols, then it must be possible to add them back. I'd expect the linker (ld) or some other tool to allow that.

I recommend checking all the tools in the binutils package (objdump, objcopy, nm, ld, ...) - they are capable of many almost miraculous things!

Tomas
