Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

#54 add elf info method #90

Merged
merged 1 commit into from
Feb 28, 2024
Merged

#54 add elf info method #90

merged 1 commit into from
Feb 28, 2024

Conversation

unknown321
Copy link
Contributor

This method provides info required to build ELF file accepted by gdb:

  • machine id
  • endianness
  • bit size

It also provides:

  • image base offset to rebase symbols to their original offsets
  • ELF flags (not mandatory)
  • program name

@unknown321
mahaloz#54 add elf info method
b1cb3c7 
This method provides info required to build ELF file accepted by gdb:
  - machine id
  - endianness
  - bit size

It also provides:
  - image base offset to rebase symbols to their original offsets
  - ELF flags (not mandatory)
  - program name
@mahaloz
Copy link
Owner

mahaloz commented Feb 27, 2024

Hi @unknown321, I like the code you've added here, but I don't see it used on the client side. What exactly is the purpose of adding this api endpoint?

@unknown321
Copy link
Contributor Author

When lief-project/LIEF#213 is resolved, this endpoint could be used by client to build ELF without gcc.

Right now it is used by my client - https://github.com/unknown321/decompelf.

@mahaloz
Copy link
Owner

mahaloz commented Feb 28, 2024

Since it doesn't cause any harm, I'm for merging it. Ideally, if you learn anything about better caching in your project, I'd appreciate the backport here since you'll be the main user of this API :).

@mahaloz mahaloz merged commit 79c2376 into mahaloz:main Feb 28, 2024
2 checks passed
@unknown321
Copy link
Contributor Author

Ideally, if you learn anything about better caching in your project, I'd appreciate the backport here since you'll be the main user of this API :).

There is no need to cache on client side at all; Ghidra has all tools to build ELF by itself (most likely with DWARF).

Possible implementation:

  1. Create minimal ELF in Ghidra from .text, symtab, strtab, shstrtab sections, cache this object
  2. Update sections on any ghidra changes (can plugin watch for specific changes?)
  3. Return binary representation on /get_elf endpoint.
  4. Return changes status on /changed endpoint. If there were no changes, no need to download the binary.

In fact, you can just slap new symbols into original binary without having to recreate elf from scratch.

This solves following problems:

  • dependency on objcopy/gcc
  • multiarch issues
  • client caching
  • saves some network traffic (34Mb of xml definitions vs 7.2Mb binary in my case)
  • reduces client code to check and pull+load functions

Not sure about DWARF, but as far as I can see, Ghidra has some utility to work with it.

However, this api will be unique to Ghidra only - no idea if other decompilers can produce binary with built-in tools (angr, binja, ida).

@mahaloz
Copy link
Owner

mahaloz commented Feb 28, 2024

@unknown321 I'm not sure what your full use-case is, but maybe you would be interested in a tool more like this:
https://github.com/cesena/ghidra2dwarf

It uses the Ghidra API to actually construct a DWARF (though it relies on libdwarf to do the actual building). In general, I've stayed closer to the client machine constructing the ELF because the client may be running on a different arch than the decompiler. That is nearly always true for me at least: I debug on an x86 machine, but my host is arm.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@unknown321 @mahaloz