Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Adding own symbols for file in gdb

Tags:

symbols

gdb

elf

Ok.. so I'm working doing debugging on x86 with gdb. The particular files in question are stripped so I have no symbols from the binary itself. I have no access to the source code, but a rough idea of what's happening under the hood.

My asm knowledge is just about good enough to decide the purpose of a function and decide its purpose. Thus I can decide on my own appropriate names for functions after looking at them for a while, but I would like to be able to inject these as symbols so that once decided upon they can be used in later debugging..

Does anybody know how to load custom symbols into gdb? I've considered recompiling gdb with and adding an extra command to the UI to allow loading of a symbol at an address.. I was wondering if it would be possible to create a dummy object file with the symbols I've defined and then load it using add-symbol-file? Or would it be possible to compile a c program with dummy function and so how force them to be the correct size and at the correct location and then simply load that??

like image 349
Jimmy Avatar asked Mar 30 '11 15:03

Jimmy

1 Answers

This sounds like it should be an easy task, but it turns out to be surprisingly annoying, mostly because ELF as a file format is annoying to generate, so most tools are content with parsing it.

As described here, GDB reads the symbol information from two places, first some minimal information from the symbols in the .symtab and/or .dynsym sections, and afterwards more detailed information from the .debug_info section if it is present.

This immediately suggests two possible ways to add the information, either add the symbol to .symtab or generate your own DWARF info including the symbol.

However, generating DWARF from scratch seems to be a really uncommon use case, so the only working approach I've found so far is to use objcopy to add the symbol to the binary itself:

objcopy a.out --add-symbol function_name=.text:0x900,function,global a.out2

Note that gdb doesn't like absolute symbols for functions, I had to specify it as an offset into the .text section to be useful (i.e., be able to set breakpoints on the function and have it appear in backtraces)

Also, I wasn't able to find any way to modify the "size" field of the symbol.

like image 157
Benno Avatar answered Oct 09 '22 06:10

Benno
Sign in to Comment

Related questions

solib-absolute-prefix vs. solib-search-path in GDB
List loaded modules using gdb
How to detect the point of a stack overflow
Is it possible to "jump"/"skip" in GDB debugger?
Can GDB change the assembly code of a running program?
Invalid register eip?
gdb/ddd Program received signal SIGILL
how to use gdb to catch "exit" of a program
Determining the correct thread to debug in GDB
Unable to create a core file for my crashed program
GDB print all values in char array
C/C++ need a clever way to track function calls
Is there any enhanced gdb console for Eclipse?
Abort trap 6: when running gdb on Mac OS
GDB - how to get into stepping mode from the very beginning
How to build GDB on Windows
Weird behavior in GDB when defaulting copy/move constructors
How to debug the openjdk9 by netbeans8.2 in win10?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!