Extract global variables from a.out file


Problem description


Edit (updated question)

I have a simple C program:

   // It is not important to know what the code does; you may skip the code

main.c

#include <bsp.h>

unsigned int   AppCtr;
unsigned char  AppFlag;
int SOME_LARGE_VARIABLE;

static  void  AppTest (void);

void  main (void)
{
    AppCtr  = 0;
    AppFlag = 0;        
    AppTest();
}

static void Foo(void){
    SOME_LARGE_VARIABLE=15; 
}


static  void  AppTest (void)
{
    unsigned int  i;
    i = 0;
    while (i < 200000) {
        i++;
    }

    BSP_Test();      
    SOME_LARGE_VARIABLE=3;    
    Foo();
}

bsp.c

extern int SOME_LARGE_VARIABLE;
extern unsigned char  AppFlag;

unsigned int long My_GREAT_COUNTER;

void  BSP_Test (void) {
  SOME_LARGE_VARIABLE = 5;
  My_GREAT_COUNTER = 4;
}

(The program does not do anything useful... My goal is to extract the variable names, the location where they are being declared, and their memory address.)

When I compile the program I get the file a.out which is an elf file containing debug information.

Someone at the company wrote a program in .NET 5 years ago that will get all this information from the a.out file. This is what the code returns:

   //  Name          Display Name                    Type      Size     Address

For this small program it works great and also for other large projects.

That code is 2000 lines long with several bugs and it does not support .NET version 4. That's why I am trying to recreate it.


So my question is, I am lost in the sense that I don't know what approach to take in order to solve this problem. These are the options I have been considering:

  1. Organize the buggy code of the program I showed on the first image and try to see what it does and how it parses the a.out file in order to get that information. Once I fully understand it, try to figure out why it does not support version 3 and 4.

  2. I am OK at creating regex expressions, so maybe try to look for the pattern in the a.out file by doing something like: So far I was able to find the pattern where there is just one file (main.c). But when there are several files it gets more complicated. I haven't tried it yet. Maybe it will not be that complicated and it will be possible to find the pattern.

  3. Install Cygwin so that I can use Linux commands on Windows such as objdump, nm or elfread. I haven't played enough with the commands. When I use commands such as readelf -w a.out I get way more information than I need. There are some cons why I have not spent that much time with this approach:

    • Cons: It takes a while to install cygwin on windows and when giving this application to our customers we don't want them to have to install it. Maybe there is a way of just installing the commands objdump and elfread without having to install the whole thing

    • Pros: If we find the right command to use we will not be reinventing the wheel and save some time. Maybe it is a matter of parsing the results of a command such as objdump -w a.out


In case you want to download the a.out file in order to parse it, here it is.


Summary

I would like to be able to get the global variables in the a.out file. I would like to know what type each variable is (int, char, ..), what memory address they have, and I would also like to know in what file the variable is being declared (main.c or someOtherFile.c). I would appreciate it if I don't have to use Cygwin, as that will make it easier to deploy. Since this question asks for a lot, I attempted to split it into more:

Perhaps I should delete the other questions. Sorry for being redundant.

Solution

Here is what I will do. Why reinvent the wheel!

  1. Download the Linux commands that we will be needing on Windows from here.

    In the bin directory there should be: readelf.exe

    Note we will not need Cygwin or any other program, so deploying will be simple!

  2. Once we have that file, execute in cmd:

    // cd "path where readelf.exe is"
    readelf.exe -s a.out
    

    And this is the list that will come out:

    So if you take a look, we are interested in getting all the variables that are of type OBJECT with size greater than 0.

  3. Once we have the variables we can use the readelf.exe -w a.out command to take a look at the tree, and it looks like:

    Let's start looking for one of the variables we found in step 2 (SOME_GREAT_COUNTER).

    Note that at the top we know the location where the variable is being declared. We get more information such as the line where it was declared and the memory address.

  4. The last thing we are missing is to get the type. If you take a look, we see that the type is = <0x522>. What that means is that we have to go to 522 of the tree to get more info about that type. If we go to that part, this is what we get:

    From looking at the tree we know that SOME_LARGE_VARIABLE is of type unsigned long.
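
The four steps above can be automated by parsing the two readelf text outputs and joining them by symbol name. The sketch below is an added example, not code from the original answer or from the .NET tool the question mentions. Assumptions: both sample outputs are constructed (addresses, offsets and sizes are made up), the declaring file is taken from the name of the enclosing DW_TAG_compile_unit rather than by resolving DW_AT_decl_file through the line table, and only one DW_AT_type reference is followed.

```python
import re
# Constructed sample of `readelf -s a.out` output (addresses are made up).
SYMTAB = """\
   Num:    Value  Size Type    Bind   Vis      Ndx Name
    12: 00001000    40 FUNC    GLOBAL DEFAULT    1 main
    13: 00002000     4 OBJECT  GLOBAL DEFAULT    3 AppCtr
    15: 00002008     4 OBJECT  GLOBAL DEFAULT    3 My_GREAT_COUNTER
"""
# Constructed, trimmed sample of the .debug_info part of `readelf -w a.out`.
DEBUG_INFO = """\
 <0><b>: Abbrev Number: 1 (DW_TAG_compile_unit)
    <c>   DW_AT_name        : bsp.c
 <1><4f2>: Abbrev Number: 5 (DW_TAG_variable)
    <4f3>   DW_AT_name        : My_GREAT_COUNTER
    <506>   DW_AT_type        : <0x522>
 <1><522>: Abbrev Number: 2 (DW_TAG_base_type)
    <525>   DW_AT_name        : long unsigned int
"""
HEAD = re.compile(r"\s*<\d+><([0-9a-f]+)>: Abbrev Number: \d+ \((DW_TAG_\w+)\)")
ATTR = re.compile(r"\s*<[0-9a-f]+>\s+(DW_AT_\w+)\s*:\s*(.*)")

def global_objects(symtab):
    """Step 2: keep OBJECT symbols with size > 0 -> {name: (address, size)}."""
    rows = [f for f in map(str.split, symtab.splitlines()) if len(f) == 8]
    return {f[7]: (int(f[1], 16), int(f[2])) for f in rows
            if f[3] == "OBJECT" and f[2].isdigit() and int(f[2]) > 0}

def parse_dies(dump):
    """Steps 3-4: index each DIE by offset, tagged with its compile unit name.
    An "(indirect string, offset: 0x..): " prefix on a value is dropped."""
    dies, cur, cu = {}, None, None
    for line in dump.splitlines():
        head, attr = HEAD.match(line), ATTR.match(line)
        if head:
            cur = dies[int(head.group(1), 16)] = {"tag": head.group(2), "cu": cu}
        elif attr and cur is not None:
            cur[attr.group(1)] = attr.group(2).split("): ")[-1].strip()
            if cur["tag"] == "DW_TAG_compile_unit" and attr.group(1) == "DW_AT_name":
                cu = cur["DW_AT_name"]
    return dies

def describe(symtab, dump):
    """Join both views: (name, type, size, address, source file) per global."""
    objs, dies, rows = global_objects(symtab), parse_dies(dump), []
    for d in dies.values():
        name = d.get("DW_AT_name")
        if d["tag"] == "DW_TAG_variable" and name in objs and "DW_AT_type" in d:
            t = dies.get(int(d["DW_AT_type"].strip("<>"), 16), {})
            rows.append((name, t.get("DW_AT_name"), objs[name][1], hex(objs[name][0]), d["cu"]))
    return rows
```

On a real binary, feed `describe` the captured text of `readelf.exe -s a.out` and `readelf.exe -w a.out`; typedef, pointer and qualifier DIEs would need the type reference followed repeatedly until a named type is reached.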
