Mirror of the gdb mailing list
 help / color / mirror / Atom feed
* Add to symbol table for reverse engineering?
@ 2007-07-19  3:09 Nate Eldredge
  2007-07-19  5:26 ` Daniel Jacobowitz
  0 siblings, 1 reply; 2+ messages in thread
From: Nate Eldredge @ 2007-07-19  3:09 UTC (permalink / raw)
  To: gdb

Hi all,

I am trying to reverse engineer a stripped binary using gdb.  I wonder if 
there is a way to interactively add symbols as I go.  For example, suppose 
I discover that 0xdeadbeef is the address of a function that does "foo". 
Presumably the binary originally had an entry "foo = 0xdeadbeef" in its 
symbol table, which is now gone.  I would like to be able to "put it back" 
and use it with gdb's convenient symbol features.  For instance, if I come 
across a "call 0xdeadbeef" instruction elsewhere in the program, I would 
like the gdb disassembler to tag it as "call 0xdeadbeef <foo>".  Is there 
any way to do this?  I didn't see such a thing in the manual.

I know I can do:

set $foo = 0xdeadbeef


so that at least the address is saved, but gdb won't do the reverse 
translation in disassembly.

I suppose it is possible to keep an external symbol table which I load, 
but then I would have to have a separate file which I have to paste in 
stuff from gdb, and then reload it every time I add something new.

-- 

Nate Eldredge
neldredge@math.ucsd.edu


^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-07-19  3:10 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2007-07-19  3:09 Add to symbol table for reverse engineering? Nate Eldredge
2007-07-19  5:26 ` Daniel Jacobowitz

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox