如何找出程序或其他库使用了共享对象的哪些函数?

发布于 2024-10-19 05:26:40 字数 240 浏览 6 评论 0原文

如何找出程序或其他库使用了共享对象的哪些函数? 在这种特定情况下,我想查看 /lib/libgcc1_s.so.1 中的哪些函数被其他动态库使用。 由于它们是动态链接的,因此 objdump -d 不会解析函数调用地址。 有没有办法在调试器中运行程序或静态重新链接? 谢谢,

Luca

编辑:

nm 和 readelf 不会这样做,我不需要查看共享对象中存在哪些符号,但实际上在链接到它的其他对象中使用了哪些符号。

How do I find out which functions of a shared object are used by a program or an other library?
In this specific case, I would like to see which functions in /lib/libgcc1_s.so.1 are used by an other dynamic library.
Since they are dynamically linked, objdump -d doesn't resolve the function call addresses.
Is there a way short of running the program in a debugger or relinking statically?
Thanks,

Luca

Edit:

nm and readelf won't do, I don't need to see which symbols are present in a shared object, but which are actually used in an other object that links to it.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(5

半衬遮猫 2024-10-26 05:26:40

nm 仅在库未删除其符号的情况下才有效。但是,nm -D 可以向您显示一些信息:

nm -D /lib/libgcc_s.so.1

但是还有另一个工具可以帮助您:readelf

readelf - 显示有关的信息
ELF 文件。

如果您检查手册页,选项-s显示文件的符号表部分中的条目(如果有)。

readelf -s /lib/libgcc_s.so.1

编辑:

好吧,在您使用 nm 检查的对象内部未实现的符号将在其前面显示一个 U 标志,但 nm 不会告诉您系统上的哪个库实现了该符号。

因此,您所寻找的可能可以通过 lddnm 的混合来实现。 ldd 告诉您的应用程序链接到哪些库,nm 告诉哪些符号未定义(U 标志)或本地实现(T 标志)。

列出目标应用程序上所有未定义的符号(使用 nm)后,您应该迭代 ldd 报告的所有库以搜索这些符号(再次使用 nm)。如果您找到该符号并且其前面有 T 标志,那么您就找到了它。

顺便说一下,我刚刚写了这个bash 的一句话来说明我的想法。它分析一个名为 win 的应用程序,并尝试查找实现所有报告为未定义符号的库。

target="win"; for symbol in $(nm -D $target | grep "U " | cut -b12-); do for library in $(ldd $target | cut -d ' ' -f3- | cut -d' ' -f1); do for lib_symbol in $(nm -D $library | grep "T " | cut -b12-); do if [ $symbol == $lib_symbol ]; then echo "Found symbol: $symbol at [$library]"; fi ; done; done; done;

或者,如果您的终端支持颜色:

target="win"; for symbol in $(nm -D $target | grep "U " | cut -b12-); do for library in $(ldd $target | cut -d ' ' -f3- | cut -d' ' -f1); do for lib_symbol in $(nm -D $library | grep "T " | cut -b12-); do if [ $symbol == $lib_symbol ]; then echo -e "Found symbol: \e[1;36m$symbol\033[0m at \e[1;34m$library\033[0m"; fi ; done; done; done;

我相信有人会发现性能改进。

输出:

Found symbol: XCreateColormap at [/usr/lib/libX11.so.6]
Found symbol: XCreateWindow at [/usr/lib/libX11.so.6]
Found symbol: XIfEvent at [/usr/lib/libX11.so.6]
Found symbol: XMapWindow at [/usr/lib/libX11.so.6]
Found symbol: XOpenDisplay at [/usr/lib/libX11.so.6]
Found symbol: __libc_start_main at [/lib/tls/i686/cmov/libc.so.6]
Found symbol: __stack_chk_fail at [/lib/tls/i686/cmov/libc.so.6]
Found symbol: glClear at [/usr/lib/mesa/libGL.so.1]
Found symbol: glClearColor at [/usr/lib/mesa/libGL.so.1]
Found symbol: glFlush at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXChooseFBConfig at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXChooseVisual at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXCreateContext at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXCreateNewContext at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXCreateWindow at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXGetVisualFromFBConfig at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXMakeContextCurrent at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXMakeCurrent at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXQueryVersion at [/usr/lib/mesa/libGL.so.1]

nm will only work if the library wasn't stripped of its symbols. However, nm -D could show you some info:

nm -D /lib/libgcc_s.so.1

But there's another tool which can help you: readelf

readelf - Displays information about
ELF files.

And if you check the man pages, option -s: Displays the entries in symbol table section of the file, if it has one.

readelf -s /lib/libgcc_s.so.1

EDIT:

Well, symbols that are not implemented inside the object you are inspecting with nm will appear with a U flag in front of it, but nm won't tell you which library on your system implements that symbol.

So what you are looking for can probably be achieved with a mixture of ldd and nm. ldd tells which libraries your application is linked with, and nm tells which symbols are undefined (U flag) or implemented locally (T flag).

After listing all the undefined symbols (with nm) on the target application, you should iterate through all libraries reported by ldd in search of those symbols (using nm again). If you find the symbol and it's preceded by the T flag, you found it.

By the way, I just wrote this one-liner for bash to illustrate my idea. It analyses an application named win and tries to find the libraries that implement all the symbols reported as undefined.

target="win"; for symbol in $(nm -D $target | grep "U " | cut -b12-); do for library in $(ldd $target | cut -d ' ' -f3- | cut -d' ' -f1); do for lib_symbol in $(nm -D $library | grep "T " | cut -b12-); do if [ $symbol == $lib_symbol ]; then echo "Found symbol: $symbol at [$library]"; fi ; done; done; done;

Or, if your terminal supports colors:

target="win"; for symbol in $(nm -D $target | grep "U " | cut -b12-); do for library in $(ldd $target | cut -d ' ' -f3- | cut -d' ' -f1); do for lib_symbol in $(nm -D $library | grep "T " | cut -b12-); do if [ $symbol == $lib_symbol ]; then echo -e "Found symbol: \e[1;36m$symbol\033[0m at \e[1;34m$library\033[0m"; fi ; done; done; done;

I'm sure someone will find a performance improvement.

Outputs:

Found symbol: XCreateColormap at [/usr/lib/libX11.so.6]
Found symbol: XCreateWindow at [/usr/lib/libX11.so.6]
Found symbol: XIfEvent at [/usr/lib/libX11.so.6]
Found symbol: XMapWindow at [/usr/lib/libX11.so.6]
Found symbol: XOpenDisplay at [/usr/lib/libX11.so.6]
Found symbol: __libc_start_main at [/lib/tls/i686/cmov/libc.so.6]
Found symbol: __stack_chk_fail at [/lib/tls/i686/cmov/libc.so.6]
Found symbol: glClear at [/usr/lib/mesa/libGL.so.1]
Found symbol: glClearColor at [/usr/lib/mesa/libGL.so.1]
Found symbol: glFlush at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXChooseFBConfig at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXChooseVisual at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXCreateContext at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXCreateNewContext at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXCreateWindow at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXGetVisualFromFBConfig at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXMakeContextCurrent at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXMakeCurrent at [/usr/lib/mesa/libGL.so.1]
Found symbol: glXQueryVersion at [/usr/lib/mesa/libGL.so.1]
走走停停 2024-10-26 05:26:40

您看过 ltrace 吗?它在运行时拦截对共享库函数的调用,并在它们发生时打印有关它们的信息。

由于这是一个动态解决方案,因此它不会打印在程序中从未执行的部分中进行的库调用的任何信息。但根据您的需要,它可能仍然有帮助。

Have you looked at ltrace? It intercepts calls to shared library functions at runtime and prints information about them as they occur.

Since this is a dynamic solution, it wouldn't print any information for a library call made in part of your program that never gets executed. But it might still be helpful depending on your needs.

风筝有风,海豚有海 2024-10-26 05:26:40

我不知道,即使是 nm 对于您似乎想要的用途来说也是有限的。此外,(GNU 链接器的)预加载可能会使您在使用据称可以做到这一点的工具后所做的任何假设无效。请参阅 ld.so 手册页。任何人都可以使用 LD_PRELOAD 来覆盖正常情况下发生的符号解析。

但是,即使没有调试器,您也可以使用 LD_DEBUG 来查看最终使用的是哪个函数。

I'm not aware of one, even nm is of limited use for what you seem to intend. Also, preloading (of the GNU linker) could invalidate any assumptions you make after using a tool that purportedly could do that. See the ld.so man page. LD_PRELOAD can be used by anyone to override the resolution of symbols as it would occur under normal circumstances.

However, even without a debugger you can use LD_DEBUG to see which function ultimately is being used.

时光暖心i 2024-10-26 05:26:40

也许 nm 工具可以帮助您,因为它显示二进制文件中包含的符号名称。
使用起来就像ABC一样简单:

nm my_binary

Maybe the nm tool can help you since it displays the symbols' names contained in a binary file.
It is as simple as ABC to use:

nm my_binary
提笔落墨 2024-10-26 05:26:40

这可以使用逆向工程中称为静态分析的技术来实现,

为此您需要一个反汇编程序。请参阅http://en.wikipedia.org/wiki/Disassembler

IDA PRO 是一个很好的反汇编程序回答你的问题。它能够读取 ELF 文件格式,但不幸的是它不是免费的。

This can be achieved using technique called static analysis in Reverse Engineering

You need a Disassembler for this. See http://en.wikipedia.org/wiki/Disassembler

IDA PRO is a good disassembler witch answers your question.It is capable of reading ELF file format but unfortunately it is not free.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文