mk-project code investigating, debugging and disassembling

Introduction

You want to investigate in deep your binary cause of it bugs or simply per curiosity.

mk-project provide a lot of targets which will make your investigation easier.

The make info target

The make info target display simple informations about your program.

Using the file, size, ls -s -h utilities.

The file utility

The file utility print out the details about any file-type.

So if an executable file is given, the file utility will display informations about it.

The size utility

The size utility print out the byte length of the main binary components:

.text, .data and .bss.

The make gdb target

At first you can use the famous GNU/Debugger gdb for investigating your program,

by simply launching the target make gdb.

This will launch gdb in the ./bin folder where your binary is located

with your program as argument.

Note

Given options to gdb:

For given supplementary options to gdb, which will be passed to gdb at every target call, edit the GDB_OPTS variable.

Else if you want to change the options for a unique call of gdb, by using the target.

Simply set the wanted options into the GDB_OPTS variable on the command line:

$ make gdb GDB_OPTS="--option value"

The make ldd target

The ldd utility show the complete list of dynamic libraries which your program will try to load (i.e. The load time dependencies).

Note

Given options to ldd:

For given supplementary options to ldd, which will be passed to ldd at every target call, edit the LDD_OPTS variable.

Else if you want to change the options for a unique call of ldd, by using the target.

Simply set the wanted options into the LDD_OPTS variable on the command line:

$ make ldd LDD_OPTS="--option value"

Warning

Limitations of ldd:

  • ldd cannot identify the libraries dynamically loaded at runtime using dlopen().
Be aware, however, that in some circumstances, some version of ldd may attempt to obtain the dependencies informations
by directly executing the program. Thus, you should never employ ldd on untrusted executables,
since this may result in the execution of arbitrary code.

A safer alternative when dealing with untrusted executables is following:

$ objdump -p /path/to/binary | grep NEEDED

# The same result result can be achieve using the readelf utility.

$ readelf -d /path/to/binary | grep NEEDED

The make nm target

The nm utility is used to list the symbols of a binary or object file(s).

It can also find the indicated symbol type.

Note

Given options to nm:

For given supplementary options to nm, which will be passed to nm at every target call, edit the NM_OPTS variable.

Else if you want to change the options for a unique call of nm, by using the target.

Simply set the wanted options into the NM_OPTS variable on the command line:

$ make nm NM_OPTS="--option value"
note:You can give the $(OBJECT) make variable as argument to nm instead of the binary.

Note

If the binary contains some C++ code, the symbols are printed by default in mangled form.

Usage examples:

$ nm /path/to/prg

# List all symbols of prg (a binary or object file(s)).

$ nm -D /path/to/prg

# List only the symbols contains into the dynamic section(s) (exported or visible).

$ nm -C /path/to/prg

# List symbols in demangled form.

$ nm -D --no-demangle /path/to/prg

# List symbols in not demangled form.

$ nm -u /path/to/prg

# List undefined symbols.

Look at The 20 best nm commands

The make objdump target

objdump is one of the most versatile utility program, so it can support about 50 others binary formats other than the ELF format.

Note

Given options to objdump:

For given supplementary options to objdump, which will be passed to objdump at every target call, edit the OBJDUMP_OPTS variable.

Else if you want to change the options for a unique call of objdump, by using the target.

Simply set the wanted options into the OBJDUMP_OPTS variable on the command line:

$ make objdump OBJDUMP_OPTS="--option value"
note:You can give the $(OBJECT) make variable as argument to objdump instead of the binary.

Usage examples:

$ objdump -f /path/to/prg

# Is used to obtain an insight into the object file(s) header.
# The header provide plenty of informations like
#
# * binary type
# * entry point (The start of the .text section)
# * etc..

$ objdump -h /path/to/prg

# Is used to list the available sections from the prg.

$ objdump -T /path/to/prg

# List dynamic symbols only.

# Is equivalent to running: $ nm -D /path/to/prg

$ objdump -t /path/to/prg

# Examines the dynamic section(s).

$ objdump -R /path/to/prg

# Examines the relocation section(s).

$ objdump -S -j <section name> /path/to/prg

# Provide the hex-dump of the values carried by the given section.

$ objdump -p /path/to/prg

# Display informations about the ELF binary segments.

Usage example for code disassembling using objdump:

$ objdump -d -M intel /path/to/prg

# Used to disassemble a binary using the Intel syntax.

$ objdump -d -S -M intel /path/to/prg

# Like above but interspercing the original source code.

$ objdump -d -M intel -j <section name> /path/to/prg

# This only works if the binary is compiled with the -g (debugging) option.

The make strace target

The strace utility tracks down the system calls made by the process as well as the signals received by the process.

Note

Given options to strace:

For given supplementary options to strace, which will be passed to strace at every target call, edit the STRACE_OPTS variable.

Else if you want to change the options for a unique call of strace, by using the target.

Simply set the wanted options into the STRACE_OPTS variable on the command line:

$ make strace STRACE_OPTS="--option value"

The make ltrace target

The ltrace utility tracks down the libraries calls made by the process.

Note

Given options to ltrace:

For given supplementary options to ltrace, which will be passed to ltrace at every target call, edit the LTRACE_OPTS variable.

Else if you want to change the options for a unique call of ltrace, by using the target.

Simply set the wanted options into the LTRACE_OPTS variable on the command line:

$ make ltrace LTRACE_OPTS="--option value"

The make strip target

The strip utility can be used to eliminated all the symbols not needed in the process.

Note

Given options to strip:

For given supplementary options to strip, which will be passed to strip at every target call, edit the STRIP_OPTS variable.

Else if you want to change the options for a unique call of strip, by using the target.

Simply set the wanted options into the STRIP_OPTS variable on the command line:

$ make strip STRIP_OPTS="--option value"

Oprofile targets

The program collection Oprofile is a profiling system for systems running Linux 2.6.31 and greater.

OProfile makes use of the hardware performance counters provided on Intel, AMD, and other processors.

OProfile can profile a selected program or process or the whole system.

OProfile can also be used to collect cumulative event counts at the application, process, or system level.

Begin to show at:

$ man Oprofile

$ ophelp

:program:`ophelp` lists the available performance counter options.

If you give it a symbolic event name, it will return  the  hardware  value (e.g. "ophelp DATA_MEM_REFS").

:note: :program:`mk-project` use the version >= 1.0 of Oprofile.

And the available Oprofile programs are:

* :program:`operf`

* :program:`ocount`

* :program:`opreport`

* :program:`opannotate`

* :program:`oparchive`

* :program:`opgprof`

:program:`mk-project` provides wrapper around this programs except :program:`oparchive`.

Simply remember that operf and ocount generate a ``profile_specification``.

And the other are done to interpret the datas.

:warning: You must run this programs as root.

Valgrind targets

If valgrind is present on your system mk-project provide you 4 targets for the most common usage of valgrind:

make valgrind-memcheck   # Launch the valgrind memcheck tool on your binary.

make valgrind-cachegrind # Launch the valgrind cachegrind tool on your binary.

make valgrind-callgrind  # Launch the valgrind callgrind tool on your binary.

make valgrind-helgrind   # Launch the valgrind helgrind tool on your binary.
note:You can fill the VALGRIND_OPTS variable with the wanted options.

Alternative to *_OPTS

note:You can export *_OPTS the corresponding variable before launching the make target.

Documentation Source

  • GNU Make manual (A very good manual from the GNU manuals serie).
authors:Stallman, McGrath, Smith.
  • C/C++ Compiling (A very good book about libraries and machine code investigation).
author:Milan Stevanovic.