I have an executable that remained from a previous programmer (and no source code is available). The thing is, it started to work kind of buggy and I'm trying to figure out why. The tool reads data from somewhere and populates a combobox with it. Is there any way I could debug it and see where it is getting the data from?

What tool can do this? Do you have some examples on doing this?

+5  A: 

There's a whole palette of tools in the SysInternals suite, formerly by Mark Russinovich, now on Microsoft's Web site (still free, I think). There's something called FileMon / ProcessMonitor, for example, which tracks opening and closing files, and probably also reading (and more).

There are also similar tools for monitoring network/Internet access.

These tools let you look at many aspects of the program from a "black box" perspective, i.e. without going into source or machine code - just seeing what it does.

Carl Smotricz
FileMon is retired; they now have a tool called ProcessMonitor, which monitors both file system and registry. Using these tools is a good way to go to put out the immediate fire, but for the long run you should aim to replace this non-maintainable magic executable.
Alon
Thanks for the update! And yes, I agree about getting rid of the liability. But in a company environment this may be hard.
Carl Smotricz
Thanks! This helped us figure it out.
Geo
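As an added example (not part of the answer or comments above), one way to turn a Process Monitor capture into a short list of where a program reads its data: export the trace as CSV and summarise successful reads and failed lookups for that one process. The column names are Process Monitor's default CSV columns; `legacytool.exe`, the host names and all paths are constructed for illustration.

```python
import csv
import io
import sys
from collections import Counter

# Constructed sample in the column layout of a Process Monitor CSV export.
# "legacytool.exe", the host names and every path are made up for illustration.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.10","legacytool.exe","4321","CreateFile","C:\Tools\legacy\items.ini","NAME NOT FOUND","Desired Access: Generic Read"
"10:01:02.11","legacytool.exe","4321","RegQueryValue","HKCU\Software\LegacyTool\Server","SUCCESS","Type: REG_SZ, Length: 14"
"10:01:02.15","legacytool.exe","4321","ReadFile","C:\Tools\legacy\items.dat","SUCCESS","Offset: 0, Length: 4,096"
"10:01:02.16","legacytool.exe","4321","ReadFile","C:\Tools\legacy\items.dat","SUCCESS","Offset: 4,096, Length: 4,096"
"10:01:02.20","explorer.exe","1500","ReadFile","C:\Windows\win.ini","SUCCESS","Offset: 0, Length: 92"
"10:01:02.30","legacytool.exe","4321","TCP Receive","WORKSTATION:49712 -> dbhost:1433","SUCCESS","Length: 512"
'''

# Operations that mean data actually came in, and results that mean a lookup failed.
READ_OPS = {"ReadFile", "RegQueryValue", "TCP Receive", "UDP Receive"}
FAILED = {"NAME NOT FOUND", "PATH NOT FOUND", "ACCESS DENIED"}


def data_sources(csv_text, process_name):
    """Return (reads, failures) Counters for one process in a Procmon CSV."""
    reads, failures = Counter(), Counter()
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Process Name"].lower() != process_name.lower():
            continue  # ignore events from every other process
        if row["Result"] in FAILED:
            # A file or key the tool looks for but cannot open is worth a look.
            failures[(row["Operation"], row["Path"], row["Result"])] += 1
        elif row["Operation"] in READ_OPS and row["Result"] == "SUCCESS":
            reads[(row["Operation"], row["Path"])] += 1
    return reads, failures


if __name__ == "__main__":
    # Optional arguments: exported CSV path and process name; else use the sample.
    if len(sys.argv) == 3:
        # utf-8-sig strips a byte-order mark if the export starts with one.
        with open(sys.argv[1], encoding="utf-8-sig", newline="") as f:
            text, name = f.read(), sys.argv[2]
    else:
        text, name = SAMPLE_CSV, "legacytool.exe"
    reads, failures = data_sources(text, name)
    for (op, path), n in reads.most_common():
        print(f"read  {n:4d}x {op:14s} {path}")
    for (op, path, result), n in failures.most_common():
        print(f"FAIL  {n:4d}x {op:14s} {path} [{result}]")
```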
+1  A: 

As you have the "windows" tag, maybe this is not a useful answer, but on a Unix-like environment I would first try the "truss" command, or, on Linux, the "strace" command, before attempting to debug the program, to check what system calls the binary uses, and try to find where that data comes from.

Maybe you can try using "strace" from Cygwin, although that's maybe not useful for a "pure" Windows program.

Another, maybe better option in Windows could be this other tool.

I hope some of that helps.

machielo
+1  A: 

Since you haven't told us the original language or IDE, it's difficult to give advice. If the original was written in C/C++ and you have a matching PDB (Program DataBase) file from that build, then you can debug the release with function names visible just by loading the exe into Visual Studio and single-stepping into it. Otherwise you're stuck entirely in assembler-land, which is about as much fun as root canal work without an anaesthetic.

But if you don't have the source then (a) you probably don't have the PDB either and (b) if you don't have the source, what are you going to do about any bug you find? Are you hoping that the problem has an external cause?

Bob Moore
Yeah, that was what we initially thought. Turns out we were wrong.
Geo