I have a List of executables which may call a certain function. I need to find out which all execs call that function. I know I can do "strings -a " but is there some other better way to find that out. Full code is written in C.
+4
A:
You can use the nm utility in conjuction with grep to find which executables reference the symbol, like so:
nm name_of_executable | grep symbol
So, for example, if I had a list of executables that might use "strcat", I could check for that using:
for file in exectuble1 executable2 ... executableN; do
references_to_strcat=`nm "$file" | grep strcat -c`
if [ $references_to_strcat -ne 0 ] ; then
echo "$file"
fi
done
The little loop above (assuming BASH) would print out the list of all files referencing "strcat". Note that this will only tell you which executable actually linked against the symbol... there is no way that I know of to determine which executables may reference the function using dynamic loading (e.g. dlopen/dlsym/dlcose).
Note that if you have the source code, and not just the executables, you can use Doxygen to generate a complete call graph (in addition to documentation) for your source code, so that is another possibility.
Michael Aaron Safyan
2010-04-12 06:38:28
You fundamentally cannot determine what the arguments of each `dlopen()` call will be. A program could in theory read the arguments to `dlopen` from standard input.
MSalters
2010-04-13 12:45:12
@MSalters, I agree. That is why I do not know any way to determine which executables reference the function using dynamic loading. In theory, though, one could determine if the parameters to dlopen()/dlsym() are compile-time constants (or inferrable from compile-time constants) or whether they are generated in a way that depends on user input. I don't know of a good way to do that, though. In the case where it is generated from user input, one could also theoretically determine whether the particular function name can be constructed (does validation prevent that name), etc.
Michael Aaron Safyan
2010-04-13 23:46:59
A:
As a variation of Michael Aaron Safyan's, you can use 'objdump -d' to generate an assembler listing of the file. You can then 'grep -wn' to determine the line numbers in your assembly listing where the desired function call occurs. Once you have the line numbers, you can view your listing and determine the function/routine in which they are called/used, and how they are used (called, branched to, pushed onto the stack, ...).
Hope this helps.
Peter
Sparky
2010-04-12 10:40:20