RFC: Prevent disassembly beyond symbolic boundaries
Nick Clifton
nickc@redhat.com
Thu Jun 18 16:40:00 GMT 2015
Hi Guys,
Currently objdump will disassemble beyond a symbolic boundary if it
needs extra bytes to decode an instruction. For example (with x86):
.file "foo.c"
.text
.globl foo
.type foo, @function
foo:
.byte 0x24
.byte 0x2f
.byte 0x83
.size foo, .-foo
.globl bar
.type bar, @function
bar:
.byte 0x0f
.byte 0xba
.byte 0xe2
.byte 0x03
.size bar, .-bar
This will disassemble as:
0000000000000000 <foo>:
0: 24 2f and $0x2f,%al
2: 83 0f ba orl $0xffffffba,(%rdi)
0000000000000003 <bar>:
3: 0f ba e2 03 bt $0x3,%edx
Note how the instruction decoded at address 0x2 has stolen two bytes
from "foo", but these bytes are also decoded (correctly this time) as
part of the first instruction of foo.
I have a patch (attached) which changes this behaviour, so that the
disassembly would be:
0: 24 2f and $0x2f,%al
2: 83 .byte 0x83
00000003 <bar>:
3: 0f ba e2 03 bt $0x3,%edx
The patch works by adding an extra field to the end of the
disassemble_info structure, setting it inside objdump's
disassemble_bytes function and then checking it in the opcode
library's buffer_read_memory function. This means that other users of
the opcodes library will not be affected by the change.
The patch makes sure to only enable this feature when disassembling
code sections, data sections are unaffected. I have omitted adding a
new test for the feature since the gas/i386/x86_64-opcode-inval test
already covers this.
What do people think ? To me this seems like a good idea, but I
willing to consider alternative suggestions if people have them.
Cheers
Nick
PS. The patch only affects objdump. So if you disassemble a binary
using GDB for example, the old behaviour will still be seen. Changing
GDB's behaviour is possible, although it would be quite a big
job as there are lots of different places where the disassembler part
of the opcodes library is called and memory is read.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: objdump-disassemble-limit.patch
Type: text/x-patch
Size: 12089 bytes
Desc: not available
URL: <http://sourceware.org/pipermail/gdb-patches/attachments/20150618/936afae9/attachment.bin>
More information about the Gdb-patches
mailing list