LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices


Reply
  Search this Thread
Old 10-08-2011, 04:56 AM   #1
ajaygarg
Member
 
Registered: Mar 2010
Location: New Delhi, India
Distribution: Fedora
Posts: 94

Rep: Reputation: 0
How to view assembly code of a third-party ".so" ?


Hi all.

I have been debugging an issue, and the code sources we have are as follows :

a. Our product source code, plus the build environment (obviously !! ;-) )

b. One of our product feature, used third-party shared libraries (".so" extension). These third-party shared libraries have been obtained from an outsourced service-provider, which has made custom tweaks to its own source code, so that the third-party libraries fit in into our product feature.





I think it's confusing. Let me try again.

1. Let's say, we are organisation "A", building product "AP".

2. There is another organisation "B", building product "BP".

3. Both "A" and "B" have the source codes and build infrastuctures for their respective products.

4. Now, "A" has integrated "BP", with custom tweaks, in its product "AP",but "A" only has the built-shared libraries of "BP", and does not have the source code for "BP" (obviously).
But what "A" does have is a list of patches, that were applied to the original source code for "BP", so that it could be customized to fit into "AP".

5. Now, "A" is facing some problems with the customised-integrated "BP".

6. "A" has done a lot of head-banging , trial and errors; and believed the issue lies in one of the patches that were applied to "BP". "A" uses git, and so has come to know the possible culprit code-source-file and the code-source-file-line. But "A" is not sure, as it hasn't been confirmed.

7. "A" wants to confirm that the issue lies in that particular code-source- file-line.

8. Now, the only possibility is that "A" somehow makes the changes in assembly during run-time (only a flag needs to be changed in the culprit code-source-file-line).



I wish to know how to do the last point. In particular,

1. How to know which shared library to debug, given the names of culprit code-source-file and code-source-file-line, but not actually the complete-code-source-file?

2. Provided the shared library has been identified, how to actually change the flag value during runtime?



Looking forward to a reply.

Thanks and Regards,
Ajay

Last edited by ajaygarg; 10-08-2011 at 04:58 AM.
 
Old 10-08-2011, 05:58 AM   #2
ajaygarg
Member
 
Registered: Mar 2010
Location: New Delhi, India
Distribution: Fedora
Posts: 94

Original Poster
Rep: Reputation: 0
Point 1 solved

Well, solved the first part.
Did a simple grep for the function name in the list of shared libraries.

Fortunately, found the "so"


Still waiting to resolve the second query, though..



Regards,
Ajay
 
Old 10-08-2011, 07:23 AM   #3
ajaygarg
Member
 
Registered: Mar 2010
Location: New Delhi, India
Distribution: Fedora
Posts: 94

Original Poster
Rep: Reputation: 0
Status Update on second query

Hi all.

I managed to disassemble the shared library using ::

objdump -DR <shared library.so>


Now, yes, it can be debug in GDB.

However, I am curious, as to is there a way so that the assembly code be changed, and the shared-library be re-made, effecting that change?


Regards,
Ajay
 
Old 10-08-2011, 08:12 AM   #4
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: SlackwareŽ
Posts: 12,870
Blog Entries: 27

Rep: Reputation: 2163Reputation: 2163Reputation: 2163Reputation: 2163Reputation: 2163Reputation: 2163Reputation: 2163Reputation: 2163Reputation: 2163Reputation: 2163Reputation: 2163
Moved: This thread is more suitable in <Programming> and has been moved accordingly to help your thread/question get the exposure it deserves.
 
Old 10-08-2011, 08:21 AM   #5
ajaygarg
Member
 
Registered: Mar 2010
Location: New Delhi, India
Distribution: Fedora
Posts: 94

Original Poster
Rep: Reputation: 0
Thanks

@onebuck

Thanks a ton, sir


Regards,
Ajay
 
Old 10-08-2011, 09:46 AM   #6
ajaygarg
Member
 
Registered: Mar 2010
Location: New Delhi, India
Distribution: Fedora
Posts: 94

Original Poster
Rep: Reputation: 0
Well, just to elaborate, all I need is change one nibble in the text section of the shared library binary.
Thus, any unix software, that disassembles, and allows modification-and-saving of disassembled code, will do the job for me.

Ultimately, all I am looking is to change some bits (one nibble) of the on-disk binary.


I will be grateful for any help. I am just not able to pounce upon the required software :-|


Regards,
Ajay
 
Old 10-08-2011, 01:00 PM   #7
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,397
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
This is probably one of the rare cases where a 'hex editor' is actually useful. Using such a tool, you can edit arbitrary bytes within any binary image (such as a shared object library). Google should turn up a good-sized list of these. If you are using a major Linux distro, you probably have one already installed.

--- rod.

EDIT: In fact, you almost certainly have vi: See Using vi as a Hex Editor

Last edited by theNbomr; 10-08-2011 at 01:05 PM.
 
1 members found this post helpful.
Old 10-09-2011, 07:00 AM   #8
ajaygarg
Member
 
Registered: Mar 2010
Location: New Delhi, India
Distribution: Fedora
Posts: 94

Original Poster
Rep: Reputation: 0
That worked !!

@theNbomr

That worked Sir.
Thanks a ton!!

Greatest Regards,
Ajay
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
"Multicolumn" or "tiles", or even "list" icon view on desktop, in any DE? the dsc Linux - Desktop 3 02-20-2010 09:25 AM
Microsoft "new" patent could "force" downloaders to view commercials!! Hitboxx General 12 12-27-2007 09:05 AM
In addition to "view new posts" about "View last 24 hours" KimVette LQ Suggestions & Feedback 3 10-30-2005 10:22 AM
How to convert Assembly code to "C" source code ssg14j Programming 2 08-01-2005 12:48 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > Programming

All times are GMT -5. The time now is 12:10 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration