This is the mail archive of the
gdb@sourceware.org
mailing list for the GDB project.
Add to symbol table for reverse engineering?
- From: Nate Eldredge <neldredge at math dot ucsd dot edu>
- To: gdb at sourceware dot org
- Date: Wed, 18 Jul 2007 14:56:39 -0700 (PDT)
- Subject: Add to symbol table for reverse engineering?
Hi all,
I am trying to reverse engineer a stripped binary using gdb. I wonder if
there is a way to interactively add symbols as I go. For example, suppose
I discover that 0xdeadbeef is the address of a function that does "foo".
Presumably the binary originally had an entry "foo = 0xdeadbeef" in its
symbol table, which is now gone. I would like to be able to "put it back"
and use it with gdb's convenient symbol features. For instance, if I come
across a "call 0xdeadbeef" instruction elsewhere in the program, I would
like the gdb disassembler to tag it as "call 0xdeadbeef <foo>". Is there
any way to do this? I didn't see such a thing in the manual.
I know I can do:
set $foo = 0xdeadbeef
so that at least the address is saved, but gdb won't do the reverse
translation in disassembly.
I suppose it is possible to keep an external symbol table which I load,
but then I would have to have a separate file which I have to paste in
stuff from gdb, and then reload it every time I add something new.
--
Nate Eldredge
neldredge@math.ucsd.edu