2018-10-12 18:39:09 +02:00
|
|
|
# dwarf-synthesis
|
|
|
|
|
|
|
|
A tool for automatic synthesis of DWARF.
|
|
|
|
|
|
|
|
The purpose of this tool is to take any given binary program or library,
|
|
|
|
examine its assembly code and, based solely on that, generate the corresponding
|
|
|
|
`.eh_frame` DWARF data.
|
|
|
|
|
|
|
|
## Dependencies
|
|
|
|
|
|
|
|
This tool relies on [BAP](https://github.com/BinaryAnalysisPlatform/bap), which
|
|
|
|
is available through OPAM.
|
2019-03-18 14:20:53 +01:00
|
|
|
|
2019-03-18 14:27:24 +01:00
|
|
|
## Compiling
|
2019-03-18 14:20:53 +01:00
|
|
|
|
2019-03-18 14:27:24 +01:00
|
|
|
Simply run `make` to compile all the necessary tools, including compiling and
|
|
|
|
installing the BAP plugin `dwarfsynth`.
|
|
|
|
|
|
|
|
## Running with a wrapper script
|
|
|
|
|
|
|
|
To generate an `.eh_frame` section for some binary `foo.bin` and write the
|
|
|
|
output as `foo.eh.bin`, you can run
|
|
|
|
|
|
|
|
```
|
|
|
|
./synthesize_dwarf foo.bin foo.eh.bin
|
|
|
|
```
|
|
|
|
|
|
|
|
You can also omit the second parameter to simply overwrite `foo.bin`.
|
|
|
|
|
|
|
|
## Running by hand
|
|
|
|
|
|
|
|
If you want, for some reason, to run by hand the multiple components, you can
|
|
|
|
follow this procedure (by using more appropriate file names, and, possibly, a
|
|
|
|
temporary directory -- see `mktemp -d`).
|
2019-03-18 14:20:53 +01:00
|
|
|
|
|
|
|
### Running the BAP plugin
|
|
|
|
|
|
|
|
`bap prog_to_analyze.bin -p dwarfsynth --dwarfsynth-output tmp.marshal`
|
|
|
|
|
|
|
|
### Running `ml_dwarf_write`
|
|
|
|
|
|
|
|
You can get a help text with `./ml_dwarf_write.bin`. Otherwise, you can run
|
|
|
|
|
|
|
|
```
|
|
|
|
./ml_dwarf_write.bin tmp.marshal prog_to_analyze.bin eh_frame_section`
|
|
|
|
```
|
|
|
|
|
|
|
|
### Stitching the section into a binary
|
|
|
|
|
|
|
|
```
|
|
|
|
objcopy --add-section .eh_frame=eh_frame_section prog_to_analyze.bin prog_to_analyze.eh.bin
|
|
|
|
```
|
|
|
|
|
|
|
|
## Commonly used commands
|
|
|
|
|
|
|
|
### List a binary sections
|
|
|
|
|
|
|
|
`objdump -h blah.bin`
|
|
|
|
|
|
|
|
### Strip a binary of its `eh_frame`
|
|
|
|
|
|
|
|
`objcopy --remove-section '.eh_frame' --remove-section '.eh_frame_hdr' blah.bin`
|