我想知道如何将二进制调用的外部函数与其链接的共享库进行匹配。 例如,我可以看到查看反汇编文件的.plt部分的函数,我可以使用ldd(或查看ELF动态部分)找出使用过的库;但是如何将每个函数与其库匹配?
答案 0 :(得分:0)
我遵循Laszio提示,我创建了一个小的python函数,它获取二进制文件名,通过混合ldd和nm,返回一个包含外部函数及其共享库的字典。 也许这有点令人困惑,但它的工作原理:) 这是代码
def get_dynamicOBJ(filename):
p_nm = subprocess.Popen(["nm", "-D", filename], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
result_nm = p_nm.stdout.readlines()
p_ldd = subprocess.Popen(["ldd", filename], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
result_ldd = p_ldd.stdout.readlines()
dyn = {}
for nm_out in result_nm:
sym_entry = nm_out.split()
if len(sym_entry) >= 2 and sym_entry[0 if len(sym_entry) == 2 else 1] == "U":
sym = sym_entry[1 if len(sym_entry) == 2 else 2]
for lld_out in result_ldd:
lib_entry = lld_out.split()
if "=>" in lld_out and len(lib_entry) > 3: # virtual library
lib = lib_entry[2]
ls_nm = subprocess.Popen(["nm", "-D", lib], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
result_lsnm = ls_nm.stdout.readlines()
for ls_nm_out in result_lsnm:
lib_symbol = ls_nm_out.split()
if len(lib_symbol) >= 2 and lib_symbol[0 if len(lib_symbol) == 2 else 1] == "T":
if sym == lib_symbol[1 if len(lib_symbol) == 2 else 2]:
dyn[sym] = lib
return dyn