All geek questions in one place

Find function call in binary list

I have a list of executables that can call a specific function. I need to find out what all execs call this function. I know that I can make "strings", but is there any other way to find this. The full code is written in C.

+4
source share
3 answers

You can use the nm utility in conjunction with grep to find which executables refer to a character, for example:

  nm name_of_executable |  grep symbol

So, for example, if I had a list of executables that could use "strcat", I could check this using:

  for file in exectuble1 executable2 ... executableN;  do
     references_to_strcat = `nm" $ file "|  grep strcat -c`
     if [$ references_to_strcat -ne 0];  then
        echo "$ file"
     fi
 done

The small loop above (subject to BASH) will print a list of all files referencing "strcat". Note that this will only tell you which executable is actually associated with the symbol ... I do not know how to determine which executables can refer to a function using dynamic loading (e.g. dlopen / dlsym / dlcose ).

Please note: if you have source code, not just executables, you can use Doxygen to create a complete call schedule (in addition to the documentation) for your source code, so this is another possibility.

+4
source

strace and ltrace may also be useful.

+1
source

As an option, Michael Aaron Safyan answers , you can use objdump -d to generate a list of assembler files. Then you can grep -wn determine the line numbers in your assembly list where the desired function call takes place. After you have line numbers, you can look at your entry and determine the function / subroutine in which they are called / used and how they are used (called, forked, pushed onto the stack, ...).

0
source

Source: https://habr.com/ru/post/1306655/

More articles:


All Articles