April 2007The Deconstruction of Dyninst: Part 1- the SymtabAPI The Deconstruction of Dyninst Part 1: The SymtabAPI Giridhar Ravipati University of Wisconsin,

Slides:



Advertisements
Similar presentations
Extending Eclipse CDT for Remote Target Debugging Thomas Fletcher Director, Automotive Engineering Services QNX Software Systems.
Advertisements

.NET Technology. Introduction Overview of.NET What.NET means for Developers, Users and Businesses Two.NET Research Projects:.NET Generics AsmL.
Module 13: Performance Tuning. Overview Performance tuning methodologies Instance level Database level Application level Overview of tools and techniques.
Lots of content, the hope is that they will be used as reference material after the presentation.
1 Starting a Program The 4 stages that take a C++ program (or any high-level programming language) and execute it in internal memory are: Compiler - C++
RIVERSIDE RESEARCH INSTITUTE Helikaon Linux Debugger: A Stealthy Custom Debugger For Linux Jason Raber, Team Lead - Reverse Engineer.
® IBM Software Group © 2010 IBM Corporation What’s New in Profiling & Code Coverage RAD V8 April 21, 2011 Kathy Chan
Paradyn Project Paradyn / Dyninst Week Madison, Wisconsin May 2-4, 2011 ProcControlAPI and StackwalkerAPI Integration into Dyninst Todd Frederick and Dan.
Paradyn Project Paradyn / Dyninst Week College Park, Maryland March 26-28, 2012 Paradyn Project Upcoming Features in Dyninst and its Components Bill Williams.
Paradyn Project Paradyn / Dyninst Week Madison, Wisconsin May 2-3, 2011 Introduction to the PatchAPI Wenbin Fang, Drew Bernat.
Assembly Code Verification Using Model Checking Hao XIAO Singapore University of Technology and Design.
© 2006 Barton P. MillerFebruary 2006Binary Code Analysis and Editing A Framework for Binary Code Analysis, and Static and Dynamic Patching Barton P. Miller.
Sameer Shende Department of Computer and Information Science Neuro Informatics Center University of Oregon Tool Interoperability.
The Design of a Resourceable and Retargetable Binary Translator Cristina Cifuentes Sixth Working Conference on Reverse Engineering On page(s):
Compiler Summary Mooly Sagiv html://
Partial Automation of an Integration Reverse Engineering Environment of Binary Code Author : Cristina Cifuentes Reverse Engineering, 1996., Proceedings.
Dr. Kalpakis CMSC 461, Database Management Systems Introduction.
JCE A Java-based Commissioning Environment tool Hiroyuki Sako, JAEA Hiroshi Ikeda, Visible Information Center Inc. SAD Workshop.
Trying to like a boss… REVERSE ENGINEERING. WHAT EVEN IS… REVERSE ENGINEERING?? Reverse engineering is the process of disassembling and analyzing a particular.
Application Security Tom Chothia Computer Security, Lecture 14.
University of Maryland Compiler-Assisted Binary Parsing Tugrul Ince PD Week – 27 March 2012.
Paradyn Project Dyninst/MRNet Users’ Meeting Madison, Wisconsin August 7, 2014 The Evolution of Dyninst in Support of Cyber Security Emily Gember-Jacobson.
University of Maryland parseThat: A Robust Arbitrary-Binary Tester for Dyninst Ray Chen.
An intro to programming. The purpose of writing a program is to solve a problem or take advantage of an opportunity Consists of multiple steps:  Understanding.
THE GITB TESTING FRAMEWORK Jacques Durand, Fujitsu America | December 1, 2011 GITB |
DCS Overview MCS/DCS Technical Interchange Meeting August, 2000.
March 17, 2005 Roadmap of Upcoming Research, Features and Releases Bart Miller & Jeff Hollingsworth.
Andrew Bernat, Bill Williams Paradyn / Dyninst Week Madison, Wisconsin April 29-May 1, 2013 New Features in Dyninst
The Deconstruction of Dyninst: Experiences and Future Directions Drew Bernat, Madhavi Krishnan, Bill Williams, Bart Miller Paradyn Project 1.
CS266 Software Reverse Engineering (SRE) Reversing and Patching Java Bytecode Teodoro (Ted) Cipresso,
University of Maryland New APIs from P/D Separation James Waskiewicz.
Topic 2d High-Level languages and Systems Software
Debugging parallel programs. Breakpoint debugging Probably the most widely familiar method of debugging programs is breakpoint debugging. In this method,
1. 2 Preface In the time since the 1986 edition of this book, the world of compiler design has changed significantly 3.
Buffer Overflow Proofing of Code Binaries By Ramya Reguramalingam Graduate Student, Computer Science Advisor: Dr. Gopal Gupta.
© 2001 Barton P. MillerParadyn/Condor Week (12 March 2001, Madison/WI) The Paradyn Port Report Barton P. Miller Computer Sciences Department.
1 CSCD 326 Data Structures I Software Design. 2 The Software Life Cycle 1. Specification 2. Design 3. Risk Analysis 4. Verification 5. Coding 6. Testing.
November 2005 New Features in Paradyn and Dyninst Matthew LeGendre Ray Chen
Chapter 5: Software Re-Engineering Omar Meqdadi SE 3860 Lecture 5 Department of Computer Science and Software Engineering University of Wisconsin-Platteville.
Intermission. Binary parsing 2 The Deconstruction of Dyninst _lock_foo main foo dynamic instrumentation, debugger, static binary analysis tools, malware.
AMD64/EM64T – Dyninst & ParadynMarch 17, 2005 The AMD64/EM64T Port of Dyninst and Paradyn Greg Quinn Ray Chen
Paradyn Project Paradyn / Dyninst Week Madison, Wisconsin April 12-14, 2010 Binary Rewriting with Dyninst Madhavi Krishnan and Dan McNulty.
Introduction Why are virtual machines interesting?
Introduction to Information Security מרצים : Dr. Eran Tromer: Prof. Avishai Wool: מתרגלים : Itamar Gilad
Chapter 18 Object Database Management Systems. Outline Motivation for object database management Object-oriented principles Architectures for object database.
Source Level Debugging of Parallel Programs Roland Wismüller LRR-TUM, TU München Germany.
© 2006 Andrew R. BernatMarch 2006Generalized Code Relocation Generalized Code Relocation for Instrumentation and Efficiency Andrew R. Bernat University.
A Binary Agent Technology for COTS Software Integrity Anant Agarwal Richard Schooler.
Paradyn Project Paradyn / Dyninst Week Madison, Wisconsin May 2-4, 2011 Paradyn Project Deconstruction of Dyninst: Best Practices and Lessons Learned Bill.
From Use Cases to Implementation 1. Structural and Behavioral Aspects of Collaborations  Two aspects of Collaborations Structural – specifies the static.
Some of the utilities associated with the development of programs. These program development tools allow users to write and construct programs that the.
From Use Cases to Implementation 1. Mapping Requirements Directly to Design and Code  For many, if not most, of our requirements it is relatively easy.
The World Leader in High Performance Signal Processing Solutions Toolchain Basics.
Sung-Dong Kim, Dept. of Computer Engineering, Hansung University Java - Introduction.
Computer System Structures
New Features in Dyninst 5.1
Chapter 1 Introduction.
Compiler Construction (CS-636)
Chapter 1 Introduction.
CompSci 725 Presentation by Siu Cho Jun, William.
Workshop in Nihzny Novgorod State University Activity Report
PHP / MySQL Introduction
The HP OpenVMS Itanium® Calling Standard
A configurable binary instrumenter
Paradyn / Condor Week 2007 University of Wisconsin-Madison
New Features in Dyninst 6.1 and 6.2
CSE401 Introduction to Compiler Construction
Program Assembly.
Dynamic Binary Translators and Instrumenters
From Use Cases to Implementation
Presentation transcript:

April 2007The Deconstruction of Dyninst: Part 1- the SymtabAPI The Deconstruction of Dyninst Part 1: The SymtabAPI Giridhar Ravipati University of Wisconsin, Madison

– 2 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Motivation  Binary tools are increasingly common  Two categories of operation Analysis : Derive semantic meaning from the binary code –Symbol tables (if present) –Decode (disassemble) instructions –Control-flow information: basic blocks, loops, functions –Data-flow information: from basic register information to highly sophisticated (and expensive) analyses. Modification –Insert, remove, or change the binary code, producing a new binary.

– 3 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Wide Use of Binary Tools Binary Modification –Eel, Vulcan, Etch, Atom, Diablo, Diota Binary Matching –BMT Forensics –Fenris Reverse engineering –IDA Pro Binary Translation –Objcopy, UQBT Program tracing –QPT Program debugging –Total view, gdb, STAT Program testing –Eraser Performance modeling –METRIC Performance profiling –Paradyn, Valgrind, TAU, OSS  Analysis and Modification are used in a wide variety of applications

– 4 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Lack of Code Sharing  Some tools do analysis and some tools do modification Only a few do both  Tools usually depend on Similar analysis Similar modification techniques  Too many different interfaces Usually too low level  Developers are forced to reinvent the wheel rather than use existing code

– 5 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Lack of Portability  Myriad number of differences between File formats Architectures Operating systems Compilers …  Building a portable binary tool is highly expensive Many platforms in common use

– 6 – The Deconstruction of Dyninst: Part 1- the SymtabAPI High-level goals  To build a toolkit that Has components for analysis Has components for modification Is portable & extensible Has an abstract interfaces Encourage sharing of functionality  Deconstruct Dyninst into a toolkit that can achieve these goals

– 7 – The Deconstruction of Dyninst: Part 1- the SymtabAPI DyninstAPI  Library that provides a platform-independent interface to dynamic binary analysis and modification  Goal Simplify binary tool development  Why is Dyninst successful? Analysis and modification capabilities Portability Abstract interface

– 8 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Drawbacks of Dyninst  Dyninst is complex  Dyninst internal components are portable but not sharable  Sometimes Dyninst is not a perfect match for user requirements  Dyninst is feature-rich in some cases Provides unnecessary extra functionality

– 9 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Example Scenarios  Hidden functionality Statically parse and analyze a binary without executing it Just perform stackwalking on a binary compiled without frame pointer information  Build new tools Static binary rewriter Tool to add a symbol table to stripped binaries

– 10 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Our Approach  Deconstruct the monolithic Dyninst into a suite of components  Each component provides a platform- independent interface to a core piece of Dyninst functionality

April 2007The Deconstruction of Dyninst: Part 1- the SymtabAPI AST Binary Code Instrumentation Requests Monolithic Dyninst

April 2007The Deconstruction of Dyninst: Part 1- the SymtabAPI Binary Code Code Gen Stack Walker Process Control SymtabAPI Code Parser Idiom Detector Instrumentation Requests Instruction Decoder Instrumenter AST

April 2007The Deconstruction of Dyninst: Part 1- the SymtabAPI SymtabAPI Instruction Decoder AST Binary Code Parser Idiom Detector IA32 AMD64 POWER IA64 SPARC Instrumentation Requests Process Control Instrumenter IA32 AMD64 POWER IA64 SPARC Code Gen IA32 AMD64 POWER IA64 SPARC Stack Walker Linux AIX Solaris Windows PE ELF XCOFF IA32 AMD64 POWER IA64 SPARC

April 2007The Deconstruction of Dyninst: Part 1- the SymtabAPI SymtabAPI PE Instruction Decoder AST Binary Code ELF XCOFF Code Parser Idiom Detector IA32 AMD64 POWER IA64 SPARC Symbol Table Disassembly Function Objects Call Graph Intra Proc CFGs Idiom Signatures Instrumentation Requests Process Control Instrumenter IA32 AMD64 POWER IA64 SPARC Code Gen IA32 AMD64 POWER IA64 SPARC Stack Walker Linux AIX Solaris Windows IA32 AMD64 POWER IA64 SPARC

– 15 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Goals of Deconstruction  Separate the key capabilities of Dyninst  Each Component Is responsible for a specific functionality Provides a general solution  Encourage sharing Share our functionality when building new tools Share functionality of other tools

– 16 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Benefits of Deconstruction  Access to the hidden features of Dyninst  Interoperability with other tools Standardized interfaces and sharing of components  Finer grain testing of Dyninst

– 17 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Benefits of Deconstruction [contd.]  Code reuse among the tool community  Make tools more portable  Unexpected benefits with new application of components

– 18 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Our Plan 1.Identify the key functionality 2.Refine and generalize the abstract interfaces to these components 3.Extract and separate the functionality from Dyninst 4.Rebuild Dyninst on top of these components 5.Create new tools Multi-platform static binary rewriter

– 19 – The Deconstruction of Dyninst: Part 1- the SymtabAPI SymtabAPI  The first component of the deconstructed Dyninst  Multi platform library for parsing symbol table information from object files  Leverages the experience and implementation gained from building the DyninstAPI

– 20 – The Deconstruction of Dyninst: Part 1- the SymtabAPI SymtabAPI Goals  Abstraction Be file format-independent  Interactivity Update data incrementally  Extensibility User-extensible data structures  Generality Parse ELF/XCOFF/PE object files On-Disk/In-Memory parsing

– 21 – The Deconstruction of Dyninst: Part 1- the SymtabAPI SymtabAPI Abstractions  Represents an object file in a canonical format  Hides the multi-platform dependences Header Modules Symbols Relocations Excp Blocks Archive Debug Info Header Modules Symbols Relocations Excp Blocks Debug Info

– 22 – The Deconstruction of Dyninst: Part 1- the SymtabAPI SymtabAPI Extensibility  Abstractions are designed to be extensible  Can annotate particular abstractions with tool specific data e.g. : Store type information for every symbol in the symbol table

– 23 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Interactivity/Extensibility SymbolAddress func1 func20x0804cd1d variable1 0x0804cc84 0x0804cd00 RegisterIs Live? R1Yes R2No R3Yes R4Yes... Type Information int Size

– 24 – The Deconstruction of Dyninst: Part 1- the SymtabAPI SymtabAPI Interface  Information from a parsed-binary is kept in run time data structures  Intuitive query-based interface e.g. findSymbolByType(name,type) Returns matching symbols  Data can then be updated by the user  Modifications available for future queries

– 25 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Query/Update/Export/Emit SymtabAPI Parse Binary Tool Query Response UpdateExport/Emit Binary Code XML New Binary

– 26 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Summary of Operations  Parse the symbols in a binary  Query for symbols  Update existing symbol information  Add new symbols  Export/Emit symbols  More details/operations in the SymtabAPI programmer’s guide

– 27 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Current Status  Released the initial version of SymtabAPI with the 5.1 release of Dyninst  Dyninst on top of SymtabAPI  XML export  Emit on Linux and AIX

– 28 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Ongoing & Future Work  Import XML  Emit a new binary on windows  Debugging information for symbols  Interfaces for the remaining components  Multi-platform static binary rewriter

– 29 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Demo  Please stop by and see our demo of stripped binary parsing with the SymtabAPI’s emit functionality on Linux Tuesday, May 1, 2007 Room No – 206 2:00 PM – 3:00 PM

– 30 – The Deconstruction of Dyninst: Part 1- the SymtabAPI Downloads  SymtabAPI  SymtabAPI Programmer’s guide  Ravipati, G., Bernat, A., Miller, B.P. and Hollingsworth, J.K., "Toward the Deconstruction of Dyninst", Technical Report

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.