Hi all.

I have been debugging an issue, and the code sources we have are as follows :

a. Our product source code, plus the build environment (obviously !! ;-) )

b. One of our product feature, used third-party shared libraries (".so" extension). These third-party shared libraries have been obtained from an outsourced service-provider, which has made custom tweaks to its own source code, so that the third-party libraries fit in into our product feature.





I think it's confusing. Let me try again.

1. Let's say, we are organisation "A", building product "AP".

2. There is another organisation "B", building product "BP".

3. Both "A" and "B" have the source codes and build infrastuctures for their respective products.

4. Now, "A" has integrated "BP", with custom tweaks, in its product "AP",but "A" only has the built-shared libraries of "BP", and does not have the source code for "BP" (obviously).
But what "A" does have is a list of patches, that were applied to the original source code for "BP", so that it could be customized to fit into "AP".

5. Now, "A" is facing some problems with the customised-integrated "BP".

6. "A" has done a lot of head-banging , trial and errors; and believed the issue lies in one of the patches that were applied to "BP". "A" uses git, and so has come to know the possible culprit code-source-file and the code-source-file-line. But "A" is not sure, as it hasn't been confirmed.

7. "A" wants to confirm that the issue lies in that particular code-source- file-line.

8. Now, the only possibility is that "A" somehow makes the changes in assembly during run-time (only a flag needs to be changed in the culprit code-source-file-line).



I wish to know how to do the last point. In particular,

1. How to know which shared library to debug, given the names of culprit code-source-file and code-source-file-line, but not actually the complete-code-source-file?

2. Provided the shared library has been identified, how to actually change the flag value during runtime?



Looking forward to a reply.

Thanks and Regards,
Ajay

Well, solved the first part.
Did a simple grep for the function name in the list of shared libraries.

Fortunately, found the "so"


Still waiting to resolve the second query, though..



Regards,
Ajay

Hi all.

I managed to disassemble the shared library using ::

objdump -DR <shared library.so>


Now, yes, it can be debug in GDB.

However, I am curious, as to is there a way so that the assembly code be changed, and the shared-library be re-made, effecting that change?


Regards,
Ajay

Moved: This thread is more suitable in <Programming> and has been moved accordingly to help your thread/question get the exposure it deserves.

@onebuck

Thanks a ton, sir


Regards,
Ajay

Well, just to elaborate, all I need is change one nibble in the text section of the shared library binary.
Thus, any unix software, that disassembles, and allows modification-and-saving of disassembled code, will do the job for me.

Ultimately, all I am looking is to change some bits (one nibble) of the on-disk binary.


I will be grateful for any help. I am just not able to pounce upon the required software :-|


Regards,
Ajay

This is probably one of the rare cases where a 'hex editor' is actually useful. Using such a tool, you can edit arbitrary bytes within any binary image (such as a shared object library). Google should turn up a good-sized list of these. If you are using a major Linux distro, you probably have one already installed.

--- rod.

EDIT: In fact, you almost certainly have vi: See Using vi as a Hex Editor

1 members found this post helpful.

@theNbomr

That worked Sir.
Thanks a ton!!

Greatest Regards,
Ajay