Disassembly תרגול 9 ניתוח קוד
How to - Disassembly of code Compilation of code: gcc code.c We get the file: a.out Disassembly: objdump -d a.out We get an assembly-like code that represents the c code appeared in file code.c Objdump –t a.out This will print out the symbol table of the file. The symbol table includes the names of all functions and global variables in the file, the names of all the functions being called by the file, and their addresses.
Basic: Many times we work with an executive file and we are interested in the code that behind it. We can use the disassembly option or the debugger option in order to analyze the executive file, and understand what is does. Some time we will want to use both options. Disassembly enable us to get an assembly-like file that represent the activity of the executive file.
Important aspects In disassembly we only get the code of the functions in the files and functions that were used by the files. We don’t get the code of the system’s functions (printf, scanf…). We don’t get the values of global constants or strings. Many times there are optimizations or nops added by the compiler – what make is harder to understand. While using dissembler there are many global general functions added (init, start) usually we don’t care about them.
An example Show disass.asm
main:
hello: Address 0x does not appear in the disassembly code we can see. What does that tell us? How can we find out what is its value?
hello: Function “puts” is a simplified version of the printf() function. It doesn’t have all printf formats and it always put the newline character in the end of its strings.
main:
even: What kind of a loop is it?
main: Cleaning up the stack!
The C code: