Extracting routines from shared libraries (was Exreacting routines from shared libraries)

Extracting routines from shared libraries (was Exreacting routines from shared libraries)

Post by Dan Kore » Wed, 23 Feb 2005 17:38:57



Sorry, I meant "extracting".

This is a good example of
what 3 days of skiing can
do to one's typing ability.


dk
 
 
 

Extracting routines from shared libraries (was Exreacting routines from shared libraries)

Post by roger.faul » Thu, 24 Feb 2005 03:47:31


There isn't any. You can't do it.

Roger Faulkner
XXXX@XXXXX.COM

 
 
 

Extracting routines from shared libraries (was Exreacting routines from shared libraries)

Post by Dan Kore » Thu, 24 Feb 2005 15:36:13


Thanks.




"Can't do it" as in no off-the-shelf tools?

Or "can't do it" as in technically impossible?

Surely there must be enough linkage info saved
in an *.so to pull out routines one by one, no?



dk
 
 
 

Extracting routines from shared libraries (was Exreacting routines from shared libraries)

Post by roger.faul » Thu, 24 Feb 2005 16:05:23


No. "You can't do it" as in technically impossible.
A shared library is not a collection of objects
like an archive (*.a) file. It is a single object.

Roger Faulkner
Sun Microsystems
 
 
 

Extracting routines from shared libraries (was Exreacting routines from shared libraries)

Post by Dan Kore » Thu, 24 Feb 2005 16:48:29


I am aware of the fact a *.so is a single
"object".

It is not obvious to me however that within
that object there is not enough information
to extract a routine. After all, the entry
points and all exported symbols must be in
the symbol tables, right? And we can figure
out the code paths through statis code flow
analysis, right? It may not be as straight-
forward as in the case of *.a archives, but
it would be difficult to imagine why it might
not be feasible at all (not to mention all
the *** things that can be done under a
good de *** ).

Can you elaborate a little?


Thx,



dk

PS. I never take "no" for an answer ;-)
 
 
 

Extracting routines from shared libraries (was Exreacting routines from shared libraries)

Post by Casper H.S » Thu, 24 Feb 2005 17:49:08


XXXX@XXXXX.COM writes:






And precisely because "a lot of information is lost"
in the process. You can pull routines out, but they've
been relocated against the PLT and cannot be relinked;
the relocation information is not preserved.

Casper
--
Expressed in this posting are my opinions. They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.
 
 
 

Extracting routines from shared libraries (was Exreacting routines from shared libraries)

Post by Dan Kore » Thu, 24 Feb 2005 18:26:01


Fine, but I don't need to relocate any of
the said routines. All I need is to figure
out how they work ;-)



dk
 
 
 

Extracting routines from shared libraries (was Exreacting routines from shared libraries)

Post by APA » Thu, 24 Feb 2005 18:41:18


In which case you could use dis to disassemble the whole thing, or
perhaps the mdb ::dis dcmd to disassemble the routine in question.

alan.
--
Alan Hargreaves - http://www.yqcomputer.com/
Kernel/VOSJEC/Performance Engineer
Product Technical Support (APAC)
Sun Microsystems
 
 
 

Extracting routines from shared libraries (was Exreacting routines from shared libraries)

Post by Thomas Dic » Thu, 24 Feb 2005 19:39:49


It's not technically impossible - Sun does not provide a tool to do it.
(so for the people who've responded so far, of course it's impossible -
classical not invented here syndrome).

As hinted, one can disassemble the object and manipulate the source. The
instruction set is known, and a good tool could easily resolve the majority of
the jumps into symbols, associate symbols with offset expressions, etc. I have
in mind some interactive tools which I wrote quite a while ago for different
architectures to do exactly this.

--
Thomas E. *** ey
http://www.yqcomputer.com/
ftp://invisible-island.net
 
 
 

Extracting routines from shared libraries (was Exreacting routines from shared libraries)

Post by Casper H.S » Thu, 24 Feb 2005 21:32:31

"Dan Koren" < XXXX@XXXXX.COM > writes:



routine::dis

in mdb.

Casper
--
Expressed in this posting are my opinions. They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.
 
 
 

Extracting routines from shared libraries (was Exreacting routines from shared libraries)

Post by Richard.L. » Thu, 24 Feb 2005 23:09:09

In article <421c4c45$ XXXX@XXXXX.COM >,
"Dan Koren" < XXXX@XXXXX.COM > writes:




So now you're beyond a single command line and into the
realm of reverse-engineering. Even with a suite of
tools meant specifically for that purpose (and there's
probably enough with Solaris to help do the job, although
there's probably a lot more available for the purpose
elsewhere), that tends to require a certain amount of
knowledgable human involvement, well beyond rtfm a single
man page and type a single command.


--
mailto: XXXX@XXXXX.COM http://www.yqcomputer.com/ ~rlhamil

Lasik/PRK theme music:
"In the Hall of the Mountain King", from "Peer Gynt"
 
 
 

Extracting routines from shared libraries (was Exreacting routines from shared libraries)

Post by Dan Kore » Fri, 25 Feb 2005 11:35:31


"Richard L. Hamilton" < XXXX@XXXXX.COM > wrote in


Of course ;-)

Not quite exactly "reverse engineering" since
I'm not trying to build a replacement of the
thing(s) I would like to disassemble. All I
need is to understand how they work.



Of course.

Last time I counted, there still were a
couple of grey cells inside my skull... ;-)



dk
 
 
 

Extracting routines from shared libraries (was Exreacting routines from shared libraries)

Post by Michael Vi » Fri, 25 Feb 2005 17:38:31

In article < XXXX@XXXXX.COM >, "Dan Koren" < XXXX@XXXXX.COM >




I'm sure the DCMA litigation chasers trolling in this group are just
dying for more details. Care to enlighten us further?

--
DeeDee, don't press that button! DeeDee! NO! Dee...
 
 
 

Extracting routines from shared libraries (was Exreacting routines from shared libraries)

Post by js » Fri, 25 Feb 2005 18:17:36


If you are talking about Sun code and do not already you have access
to Solaris sources, why not just wait a few weeks and then check
the OpenSolaris source code?

--
EMail: XXXX@XXXXX.COM (home) Jg Schilling D-13353 Berlin
XXXX@XXXXX.COM (uni)
XXXX@XXXXX.COM (work) Blog: http://www.yqcomputer.com/
URL: http://www.yqcomputer.com/ ://ftp.berlios.de/pub/schily