在剥离的ELF可执行文件中设置断点 [英] set breakpoint in an stripped ELF executable
问题描述
我有一个我想调试的ELF 32位动态链接,剥离文件。尝试在地址处设置断点时,会显示一条消息,指出符号表未加载。
我的问题是:
- 当你说ELF文件是
剥离究竟发生了什么? - 您是否剥离了ELF文件?
- 是否有可能以某种方式重建符号表?
- 是否可以在gdb中设置断点剥离可执行文件?
剥离ELFs是用gnu binutils工具条完成的, strip man page:
GNU strip丢弃
目标文件objfile中的所有符号。
目标文件的列表可能包含档案。在
中,必须给出至少一个对象文件。
当你说ELF文件被剥离时,究竟发生了什么?
剥离从二进制文件中删除不重要的信息。这可能只是调试数据或不是导出的符号。
你如何剥离一个ELF文件?
你可以通过使用像 strip -s yourLittleBinary 这样的条带去除一个二进制文件,它将用一个剥离的版本替换文件。选项 -s 告诉strip删除所有符号。地带可以以多种方式运行。再次从它的手册页:
-R节名
--remove-section = sectionname
从输出文件中删除名为sectionname的任何部分。
这个
选项可以多次提供。请注意,使用此
选项
可能会导致输出文件不可用。
-s
--strip-all
删除所有符号。
-g
-S
-d
--strip-debug
仅删除调试符号。
--strip-unneeded
删除重定位处理不需要的所有符号。
是否有可能以某种方式重建符号表?
据我所知,这是不可能的。然而,在剥离之前,可以从可执行文件创建一种映射文件,以便保留调试所需的信息。
是否无法设置断点gdb放在剥离的可执行文件上?
这是可能的。这只是一个可执行文件 - 删除了它的符号名称。然而,由于没有符号,除了具有提供地址名称映射的地图文件之外,唯一的事情是在特定地址处设置中断点。然而,您可以在共享库的任何函数中设置中断点,该问题可执行文件使用该中断点。
在地图文件中
您可以使用 nm 实用程序从可执行文件创建映射文件:
nm -Cn myLittleExecutable> myLittleExecutable.map
这会转储所有符号,C ++ - demangled(选项-C)并按数字顺序排序选项-n)。
$ b
链接
这可能会给你一些想法: http://www.linuxsa.org.au/meetings/reveng-0.2.pdf
GNU binutils文档: http://sourceware.org/binutils/docs -2.21 / binutils / index.html
GDB文档: http://www.gnu.org/software/gdb/documentation/
I have an ELF 32-bit dynamically linked, stripped file which I wish to debug. While trying to set a breakpoint at an address a message saying that the symbol table is not loaded.
My questions are:
- When you say that an ELF file is
strippedwhat exactly is happening? - How do you strip an ELF file?
- Is it possible to reconstruct the symbol table somehow?
- Is it not possible to set breakpoints in gdb on a stripped executable?
Stripping ELFs is is done with the gnu binutils tool strip, from the strip man page:
GNU strip discards all symbols from object files objfile. The list of object files may include archives. At least one object file must be given.
When you say that an ELF file is stripped what exactly is happening?
Stripping removes not-essential information from the binary. That may be just the debug-data or not exported symbols.
How do you strip an ELF file?
You can strip a binary by using strip like strip -s yourLittleBinary - which will replace the file with a stripped version. The option -s tells strip to remove all symbols. Strip can operate in a number of ways. Again, from it's man page:
-R sectionname --remove-section=sectionname Remove any section named sectionname from the output file.This option may be given more than once. Note that using this option inappropriately may make the output file unusable.
-s --strip-all Remove all symbols. -g -S -d --strip-debug Remove debugging symbols only. --strip-unneeded Remove all symbols that are not needed for relocation processing.
Is it possible to reconstruct the symbol table somehow?
As far as I know, it is not possible. It is however possible to create a kind of map file from the executable before stripping, in order to retain the information needed for debugging.
Is it not possible to set breakpoints in gdb on a stripped executable?
It is possible. It's just an executable - stripped of it's symbol names. However, as there are no symbols the only thing that (apart from having a map file that provides you with an address <-> name mapping) remains is setting break points at specific addresses. You can however set break points at any function of shared libraries that the executable in question uses.
On map files
You can create a map file from an executable using the nm utility:
nm -Cn myLittleExecutable > myLittleExecutable.map
This will dump all symbols, C++-demangled (option -C) and sorted numerically (option -n).
Links
This might give you some ideas: http://www.linuxsa.org.au/meetings/reveng-0.2.pdf
GNU binutils docs: http://sourceware.org/binutils/docs-2.21/binutils/index.html
GDB documentation: http://www.gnu.org/software/gdb/documentation/
这篇关于在剥离的ELF可执行文件中设置断点的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
