From: Ruslan Kabatsayev
Date: Mon, 05 Aug 2019 09:43:00 -0000
Subject: Re: Facing challenge in making some changes in GDB for my personal project
To: krishnan gosakan
Cc: gdb@sourceware.org

Hi,

On Sun, 4 Aug 2019 at 19:14, krishnan gosakan wrote:
>
> Hi,
> This is my first message in this mailing group. I am pretty new to gdb code
> base. I am thinking of implementing something similar to findcrypt in IDA
> Pro in GDB. I first tried to script it in Python but it took so long that
> it is impractical. So, I decided to get the GDB source and make a few
> modifications such that I can add a new command (like run, step etc.) which
> does the same.
> This command has two parts: It should do a single step execution. After
> each step, I should disassemble the current instruction and find if any
> crypto constants are used.
> I am facing difficulty in disassembling the instructions. As far as I
> analysed the source code, there is no option for returning the disassembled
> information as some kind of object to caller. All that is available is
> functions which can print the disassembled instruction. So, I would like to
> know how I could get the disassembled instruction as some kind of object,
> which I can use for future analysis.

I'm afraid binutils' disassembler doesn't provide such in-depth
information on the instructions as their operands, affected registers
etc.: it can only format the disassembly string. I suggest you try
a specialized disassembler like e.g. Capstone [1] to do the analysis. I
have actually used it to implement some instruction analysis in another
debugger (EDB) and, although some quirks are sometimes required,
Capstone does do its job generally.

[1]: https://github.com/aquynh/capstone

Regards,
Ruslan

> Thank you in advance for any help.
>
> Regards,
> G.Krishnan.
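
What the suggestion above looks like in practice, as an added example (not code from this thread, GDB or EDB): with detail mode on, Capstone's Python binding returns each instruction's operands as objects, so immediates can be checked against a table of constants. The constant table, the helper names `classify` and `scan`, and the sample bytes are constructed for illustration; only the low 32 bits of each immediate are matched, so a wider immediate can match by coincidence.

```python
"""Flag instructions whose immediate operands are well-known crypto constants."""
try:  # Capstone's Python binding: pip install capstone
    from capstone import Cs, CS_ARCH_X86, CS_MODE_64
    from capstone.x86 import X86_OP_IMM
except ImportError:
    Cs = None

# Small illustrative table (public values from the MD5, SHA-1 and SHA-256 specs).
CRYPTO_CONSTANTS = {
    0x67452301: "MD5/SHA-1 init A",
    0xEFCDAB89: "MD5/SHA-1 init B",
    0x98BADCFE: "MD5/SHA-1 init C",
    0x10325476: "MD5/SHA-1 init D",
    0x6A09E667: "SHA-256 init H0",
    0xBB67AE85: "SHA-256 init H1",
    0x428A2F98: "SHA-256 round K[0]",
}

def classify(imm):
    """Map an immediate (possibly sign-extended) to a constant name, or None."""
    return CRYPTO_CONSTANTS.get(imm & 0xFFFFFFFF)

def scan(code, address=0x1000):
    """Disassemble x86-64 bytes; return (address, text, label) for each hit."""
    if Cs is None:
        raise RuntimeError("capstone is not installed")
    md = Cs(CS_ARCH_X86, CS_MODE_64)
    md.detail = True  # required for insn.operands to be populated
    hits = []
    for insn in md.disasm(code, address):
        for op in insn.operands:
            label = classify(op.imm) if op.type == X86_OP_IMM else None
            if label:
                hits.append((insn.address, f"{insn.mnemonic} {insn.op_str}", label))
    return hits

# Constructed sample: stores of the first two MD5 init words, then unrelated code.
SAMPLE = bytes.fromhex(
    "c70701234567"      # mov dword ptr [rdi], 0x67452301
    "c7470489abcdef"    # mov dword ptr [rdi + 4], 0xefcdab89
    "b82a000000"        # mov eax, 0x2a
    "c3"                # ret
)

if __name__ == "__main__" and Cs is not None:
    for addr, text, label in scan(SAMPLE):
        print(f"{addr:#x}: {text:40} <- {label}")
```

In a debugger integration, the bytes passed to `scan` would be the instruction at the current program counter after each single step, rather than a fixed buffer.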