info:development [2009/12/03 21:34] – restore failed mirroring moritz | info:development [2010/06/24 10:17] – eclipse moritz |
---|
set autoindent | set autoindent |
</code> | </code> |
| |
| ===== Eclipse ===== |
| For many applications, Eclipse is the best editor and IDE. See [[.:eclipse]] for more details. |
| |
===== C/C++ Development ===== | ===== C/C++ Development ===== |
To get help on C functions like ''printf'', install ''manpages-dev''. Having it installed, one can issue ''man printf'' on the console to get the function's description. | To get help on C functions like ''printf'', install ''manpages-dev''. Having it installed, one can issue ''man printf'' on the console to get the function's description. |
| |
| [[c_global_local|Variables in C]] |
| |
==== Make ==== | ==== Make ==== |
Example to disable a function call in a compiled application. Assume the binary is called ''prog'' and inside there is a call to a function that needs to be disabled. The tools required are ''objdump'', a hex editor and ''diff'' for correctness checking. | Example to disable a function call in a compiled application. Assume the binary is called ''prog'' and inside there is a call to a function that needs to be disabled. The tools required are ''objdump'', a hex editor and ''diff'' for correctness checking. |
- Disassemble the whole program: <code>$ objdump -D prog > prog.s</code> | - Disassemble the whole program: <code>$ objdump -D prog > prog.s</code> |
- Find the function call assuming it is in ''<main>'': <code>less prog.s</code> and search for ''main'': <code>/main</code> Something like this should appear: <code>080489a4 <main>: | - Find the function call assuming it is in ''<main>'': <code>less prog.s</code> and search for ''main'': <code>/main</code> Something like this should appear: <code asm>080489a4 <main>: |
80489a4: 8d 4c 24 04 lea 0x4(%esp),%ecx | 80489a4: 8d 4c 24 04 lea 0x4(%esp),%ecx |
80489a8: 83 e4 f0 and $0xfffffff0,%esp | 80489a8: 83 e4 f0 and $0xfffffff0,%esp |
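Review bot: the two links added in this region are written in different forms. ''[[.:eclipse]]'' in the new Eclipse section uses a relative namespace prefix and no link title, while ''[[c_global_local|Variables in C]]'' under C/C++ Development uses a bare page name with a title. Use one form for both. The Variables link also stands alone between the ''manpages-dev'' paragraph and the Make heading with no sentence saying what the linked page covers; a short lead-in like the one given for Eclipse would help.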
- Now the code that needs to be replaced is identified, it is the byte sequence ''e8 40 0b 00 00''. Open a hex editor, and search for this sequence. It is not possible to map the addresses created by ''objdump'' to addresses in the binary file, that's why we just have to stick to do a plain search. Make sure that it is the right function call by checking that the surrounding bytes match the ones in the ''objdump'' output. | - Now the code that needs to be replaced is identified, it is the byte sequence ''e8 40 0b 00 00''. Open a hex editor, and search for this sequence. It is not possible to map the addresses created by ''objdump'' to addresses in the binary file, that's why we just have to stick to do a plain search. Make sure that it is the right function call by checking that the surrounding bytes match the ones in the ''objdump'' output. |
- Now replace ''e8 40 0b 00 00'' by ''90 90 90 90 90'', the Intel command for NOP. | - Now replace ''e8 40 0b 00 00'' by ''90 90 90 90 90'', the Intel command for NOP. |
- To test if the patch was successful, use <code>$ objdump -D prog > prog.s2 | - To test if the patch was successful, use <code bash>$ objdump -D prog > prog.s2 |
diff prog.s prog.s2</code> The output should be something like this: <code> | diff prog.s prog.s2</code> The output should be something like this: <code diff> |
< 8048a30: e8 40 0b 00 00 call 8049575 <some_function> | < 8048a30: e8 40 0b 00 00 call 8049575 <some_function> |
--- | --- |
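Review bot: in the block retagged as ''code bash'', the first line carries a ''$'' prompt (''$ objdump -D prog > prog.s2'') and the second (''diff prog.s prog.s2'') does not, so with shell highlighting the prompt reads as part of the command and the two lines look inconsistent. Drop the ''$'' or put it on both lines. The earlier ''$ objdump -D prog > prog.s'' step keeps a plain ''code'' tag, so the language tags are also uneven across the steps of the same procedure; tag that step the same way or leave all of them untagged.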