By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
443,795 Members | 1,666 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 443,795 IT Pros & Developers. It's quick & easy.

How to disassemble with objdump and recompile the program ?

P: n/a
Anyone have hints for me on how I can disassemble a binary file using
objdump, do some modifications and then recompile everything ?

thanks,
--Ben
Dec 6 '07 #1
Share this Question
Share on Google+
11 Replies


P: n/a
Benoit Lefebvre wrote:
Anyone have hints for me on how I can disassemble a binary file using
objdump, do some modifications and then recompile everything ?
No. This cannot be done. Disassembly gives you assembler code which a C
compiler cannot compile. Also often disassembly is very difficult to
figure out and modifications might lead to errors. If source is not
accessible and you must modify the binary then ask in a platform
specific group. For example if you are disassembling x86 machine code
ask in <news:comp.lang.asm.x86or <news:alt.lang.asm>.

Dec 6 '07 #2

P: n/a
On Dec 6, 9:51 pm, Benoit Lefebvre <benoit.lefeb...@gmail.comwrote:
Anyone have hints for me on how I can disassemble a binary file using
objdump, do some modifications and then recompile everything ?
How about something like this? You could easily enhance it to report
any errors that occur.

#include <stdio.h>

int main(void)
{
FILE *fp, *fq;
int c;
if(fp=fopen("progname", "rb")) {
if(fq=fopen("progname-new", "wb")) {
while((c=fgetc(fp))!=EOF) {
c ^= 0x42; /* <--- supply the desired modification here */
if(fputc(c, fq)==EOF)
break;
}
fclose(fq);
}
fclose(fp);
}
return 0;
}
>
thanks,
You're welcome.
--Ben
Dec 6 '07 #3

P: n/a
On Dec 6, 4:55 pm, santosh <santosh....@gmail.comwrote:
Benoit Lefebvre wrote:
Anyone have hints for me on how I can disassemble a binary file using
objdump, do some modifications and then recompile everything ?

No. This cannot be done. Disassembly gives you assembler code which a C
compiler cannot compile. Also often disassembly is very difficult to
figure out and modifications might lead to errors. If source is not
accessible and you must modify the binary then ask in a platform
specific group. For example if you are disassembling x86 machine code
ask in <news:comp.lang.asm.x86or <news:alt.lang.asm>.
And... can't an asm compiler recompile the code ?
Dec 7 '07 #4

P: n/a
Benoit Lefebvre wrote:
On Dec 6, 4:55 pm, santosh <santosh....@gmail.comwrote:
>Benoit Lefebvre wrote:
Anyone have hints for me on how I can disassemble a binary file
using objdump, do some modifications and then recompile everything
?

No. This cannot be done. Disassembly gives you assembler code which a
C compiler cannot compile. Also often disassembly is very difficult
to figure out and modifications might lead to errors. If source is
not accessible and you must modify the binary then ask in a platform
specific group. For example if you are disassembling x86 machine code
ask in <news:comp.lang.asm.x86or <news:alt.lang.asm>.

And... can't an asm compiler recompile the code ?
It could, but that's off-topic here.

Dec 7 '07 #5

P: n/a
santosh wrote:
>
Benoit Lefebvre wrote:
On Dec 6, 4:55 pm, santosh <santosh....@gmail.comwrote:
Benoit Lefebvre wrote:
Anyone have hints for me on how I can disassemble a binary file
using objdump, do some modifications and then recompile everything
?

No. This cannot be done. Disassembly gives you assembler code which a
C compiler cannot compile. Also often disassembly is very difficult
to figure out and modifications might lead to errors. If source is
not accessible and you must modify the binary then ask in a platform
specific group. For example if you are disassembling x86 machine code
ask in <news:comp.lang.asm.x86or <news:alt.lang.asm>.
And... can't an asm compiler recompile the code ?
Assuming the disassembler got everything correct, perhaps. But,
I doubt that it would generate code that could be modified and
then properly recompiled without considerable effort, in all but
the simplest of programs.

Consider a simple disassembly of:

push 0x1234

Is "0x1234" a constant, or the address of a variable?
It could, but that's off-topic here.
"What he said."

(And why has no one brought up the "cow from hamburger" analogy yet?)

--
+-------------------------+--------------------+-----------------------+
| Kenneth J. Brody | www.hvcomputer.com | #include |
| kenbrody/at\spamcop.net | www.fptech.com | <std_disclaimer.h|
+-------------------------+--------------------+-----------------------+
Don't e-mail me at: <mailto:Th*************@gmail.com>

Dec 7 '07 #6

P: n/a
Kenneth Brody wrote:
santosh wrote:

Benoit Lefebvre wrote:
On Dec 6, 4:55 pm, santosh <santosh....@gmail.comwrote:
>Benoit Lefebvre wrote:
Anyone have hints for me on how I can disassemble a binary file
using objdump, do some modifications and then recompile everything
?
>>
>No. This cannot be done. Disassembly gives you assembler code which a
>C compiler cannot compile. Also often disassembly is very difficult
>to figure out and modifications might lead to errors. If source is
>not accessible and you must modify the binary then ask in a platform
>specific group. For example if you are disassembling x86 machine code
>ask in <news:comp.lang.asm.x86or <news:alt.lang.asm>.
>
And... can't an asm compiler recompile the code ?

Assuming the disassembler got everything correct, perhaps. But,
I doubt that it would generate code that could be modified and
then properly recompiled without considerable effort, in all but
the simplest of programs.

Consider a simple disassembly of:

push 0x1234

Is "0x1234" a constant, or the address of a variable?
Correct me if I'm wrong; I've never used one - but wouldn't "push
0x1234" be the output from a disassember, rather than the input? I
thought a disassembler is something which takes machine code and
converts it to corresponding assembler code. As such it should be a
perfectly straightforward task to reassemble the results.

I think what you (and the OP) are thinking about is a decompiler:
something that takes assembly language and converts it into a high-
level language like C. That would run into precisely the problems you
mention.
Dec 7 '07 #7

P: n/a
Benoit Lefebvre wrote:
santosh <santosh....@gmail.comwrote:
>Benoit Lefebvre wrote:
>>Anyone have hints for me on how I can disassemble a binary file
using objdump, do some modifications and then recompile everything ?

No. This cannot be done. Disassembly gives you assembler code
which a C compiler cannot compile. Also often disassembly is
very difficult to figure out and modifications might lead to
errors. If source is not accessible and you must modify the
binary then ask in a platform specific group. For example if
you are disassembling x86 machine code ask in
<news:comp.lang.asm.x86or <news:alt.lang.asm>.

And... can't an asm compiler recompile the code ?
No such thing exists. Assemblers 'assemble' from assembly source
code, which code describes each individual machine instruction.
The assembly language is different for every type of CPU, and often
for various sub-types. Assembly language is not written to be
understandable to the reader, but to the computer. (Although good
assembly language programmers can make assembly code
understandable)

--
Chuck F (cbfalconer at maineline dot net)
<http://cbfalconer.home.att.net>
Try the download section.

--
Posted via a free Usenet account from http://www.teranews.com

Dec 8 '07 #8

P: n/a
ja*********@verizon.net wrote:
Kenneth Brody wrote:
>santosh wrote:
>
Benoit Lefebvre wrote:

On Dec 6, 4:55 pm, santosh <santosh....@gmail.comwrote:
Benoit Lefebvre wrote:
Anyone have hints for me on how I can disassemble a binary
file using objdump, do some modifications and then recompile
everything ?

No. This cannot be done. Disassembly gives you assembler code
which a C compiler cannot compile. Also often disassembly is
very difficult to figure out and modifications might lead to
errors. If source is not accessible and you must modify the
binary then ask in a platform specific group. For example if you
are disassembling x86 machine code ask in
<news:comp.lang.asm.x86or <news:alt.lang.asm>.

And... can't an asm compiler recompile the code ?

Assuming the disassembler got everything correct, perhaps. But,
I doubt that it would generate code that could be modified and
then properly recompiled without considerable effort, in all but
the simplest of programs.

Consider a simple disassembly of:

push 0x1234

Is "0x1234" a constant, or the address of a variable?

Correct me if I'm wrong; I've never used one - but wouldn't "push
0x1234" be the output from a disassember, rather than the input?
It is output. A disassembler often interprets the machine code literally
and thus can generate instructions that the original source did not
have. Additionally symbols and type information are likely to be lost.
The disassembly could even come out erroneously for a reasonably
complex program.

Just try to disassemble a hello world C++ program and assemble it back
to an executable in a suitable assembler (that understands the
disassembler's output syntax) and run it. Sometimes the reassembly will
fail, while often when it succeeds the program run erroneously.

The <news:alt.lang.asmand <news:comp.lang.asm.x86newsgroups have had
a lot of detailed discussions on disassembly and related topics. For
anyone interested (specifically the OP) a Google search of those groups
will be useful.

As this is totally OT to this group, I'll stop here.

<snip>

Dec 8 '07 #9

P: n/a
[snips]

On Fri, 07 Dec 2007 11:45:18 -0800, jameskuyper wrote:
>Consider a simple disassembly of:

push 0x1234

Is "0x1234" a constant, or the address of a variable?

Correct me if I'm wrong; I've never used one - but wouldn't "push
0x1234" be the output from a disassember, rather than the input?
I think he might have skipped some context. Consider two possible
disassemblies of the equivalent of a "Hello, world" program:

; Listing one
txt db 'Hello, world'

..main
load reg, offset_of txt
push reg
call .printf

; Listing two
txt db 'Hello, world'

..main
push 0x1234 ; address of 'Hello, world'
call 0x3917 ; address of printf
Each is a perfectly reasonable disassembling; one of 'em ain't gonna work
on re-assembling, unless every single byte is in exactly the right spot,
which even in assembly is not necessarily gonna happen, particularly if
the reason for disassembling was to fix/add/alter the code somehow.
Dec 9 '07 #10

P: n/a
Kenneth Brody wrote:
Consider a simple disassembly of:

push 0x1234

Is "0x1234" a constant, or the address of a variable?
The concepts of "address" and "constant",
aren't mutually exclusive.

N869
6.6 Constant expressions

[#9] An address constant is a null pointer, a pointer to an
lvalue designating an object of static storage duration, or
to a function designator;

--
pete
Dec 9 '07 #11

P: n/a
pete wrote:
>
Kenneth Brody wrote:
Consider a simple disassembly of:

push 0x1234

Is "0x1234" a constant, or the address of a variable?

The concepts of "address" and "constant",
aren't mutually exclusive.

N869
6.6 Constant expressions

[#9] An address constant is a null pointer, a pointer to an
lvalue designating an object of static storage duration, or
to a function designator;
However, in the OPs case of wanting to disassemble, modify,
reassemble, it makes a big difference. Consider:

foo(&x);
bar(0x1234);

If &x==0x1234, it is quite possible to see this as a disassembly:

push 0x1234
call foo
push 0x1234
call bar

--
+-------------------------+--------------------+-----------------------+
| Kenneth J. Brody | www.hvcomputer.com | #include |
| kenbrody/at\spamcop.net | www.fptech.com | <std_disclaimer.h|
+-------------------------+--------------------+-----------------------+
Don't e-mail me at: <mailto:Th*************@gmail.com>
Dec 10 '07 #12

This discussion thread is closed

Replies have been disabled for this discussion.