Andes Workshop

It is currently Sat Jul 11, 2020 10:09 am

All times are UTC + 8 hours [ DST ]




Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: 比對memory內容及程式碼的差異
PostPosted: Fri Dec 23, 2011 7:17 am 
Offline
User avatar

Joined: Fri Mar 04, 2011 9:36 pm
Posts: 500
如果download到memory裡的程式有誤,
程式的執行一定不正確。
我們用比對的方式,驗證load進去的code與原始的內容是否相同。

(1) 把memory的內容dump出來。
用Andesight裡的memory view的export功能
記得先在gdb command view裡打 set trust-readonly-sections off
讀出來的memory才是真實的內容。
type要選擇RAW binary
Attachment:
export.gif
export.gif [ 19.68 KiB | Viewed 5363 times ]

用hex editor(16進位檔案編輯器)可以讀檔,例如下面我用pspad開啟檔案
Attachment:
pspad.gif
pspad.gif [ 26.07 KiB | Viewed 5363 times ]


(2)從*.adx檔(elf檔),把程式剪出來..
舉個例子..下面.nds32_init的起始點為.adx檔的0x1000開始。(請看File offset)
Attachment:
adx.gif
adx.gif [ 26.31 KiB | Viewed 5363 times ]

Sections:
Idx Name Size VMA LMA File off Algn
0 .nds32_init 00000004 00500000 00500000 00001000 2**0
CONTENTS, ALLOC, LOAD, READONLY, CODE
1 .init 00000004 00500004 00500004 00001004 2**0
CONTENTS, ALLOC, LOAD, READONLY, CODE
2 .text 00001dd8 00500010 00500010 00001010 2**4
CONTENTS, ALLOC, LOAD, READONLY, CODE
3 .rodata 00000020 00501de8 00501de8 00002de8 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA

剛才找到這個編輯器滿好用的。
Cygnus Hex Editor 官網如下,要抓Cygnus Hex Editor,非Free版才有這個功能
http://www.softcircuits.com/cygnus/
下面是刪除0~0x1000內容的步驟
Attachment:
del1.gif
del1.gif [ 14.41 KiB | Viewed 5360 times ]

Attachment:
del2.gif
del2.gif [ 35.5 KiB | Viewed 5360 times ]



(3)比對hex檔案的內容,下面是我比對結果的截圖
Attachment:
cyg.gif
cyg.gif [ 41.68 KiB | Viewed 5361 times ]


Top
 Profile Send private message E-mail  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC + 8 hours [ DST ]


Who is online

Users browsing this forum: Google [Bot] and 10 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group