23

I have a stripped binary and symbol-file. Is it possible to add the symbols back to binary and create an unstripped binary.

My use-case is using this binary w/ valgrind.

Qix - MONICA WAS MISTREATED
  • 14,451
  • 16
  • 82
  • 145
cached
  • 569
  • 1
  • 7
  • 14

3 Answers3

17

For those tools that do not support separate files for debug information, you can glue the debug sections back to the original binary.

You can do something along these lines, for example:

  • First build a small program that efficiently extracts an arbitrary chunk from a file

    (note that dd will not do this efficiently as we'd have to use bs=1 to support an arbitrary offset and length, and objcopy -O binary does not copy sections that are not ALLOC, LOAD)

    cat <<EOF | gcc -xc -o ./mydd -
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
#include <macros.h>

char buf[1024*1024];

int main(int argc, char** argv) {
  char    *fin, *fout;
  int     fdin, fdout;
  off_t   off;
  size_t  len;
  ssize_t rd;
  int     status;

  if (argc != 5) {
    fprintf(stderr, "Usage: %s fin skip count fout\n", argv[0]);
    return 1;
  }

  fin   = argv[1];
  off   = strtoul(argv[2], NULL, 0);
  len   = strtoul(argv[3], NULL, 0);
  fout  = argv[4];
  fdin  = -1;
  fdout = -1;

  if ((fdin  = open(fin,  O_RDONLY)) < 0) {
    status = errno;
    perror(fin);
  } else if ((fdout = open(fout, O_WRONLY|O_TRUNC|O_CREAT, 0660)) < 0) {
    status = errno;
    perror(fout);
  } else if (lseek(fdin, off, SEEK_SET) == (off_t)-1) {
    status = errno;
    perror("Seeking input");
  } else {
    while (len > 0 && (rd = read(fdin, buf, min(len, sizeof(buf)))) > 0) {
      if (write(fdout, buf, rd) != rd) {
        /*don't bother with partial writes or EINTR/EAGAIN*/
        status = errno;
        perror(fin);
        break;
      }
      len -= rd;
    }
    if (rd < 0) {
      status = errno;
      perror(fin);
    }
  }
  if (fdin >= 0)  close(fdin);
  if (fdout >= 0) close(fdout);
  return status;
}
EOF

  • Finally, extract the .debug sections and glue them to the stripped binary.

    objcopy `
    objdump -h program.dbg  |
    awk '$2~/^\.debug/' |
    while read idx name size vma lma off algn ; do
        echo "$name" >&2
        echo " --add-section=$name=$name.raw"
        ./mydd program.dbg 0x$off 0x$size $name".raw"
    done
` program program_with_dbg
Community
  • 1
  • 1
vladr
  • 65,483
  • 18
  • 129
  • 130
8

elfutils comes with the tool eu-unstrip which can be used to merge symbol files with executables. The result can then be used in place of the stripped version.

the8472
  • 40,999
  • 5
  • 70
  • 122
  • For anyone else that made the same mistake as myself, the man page is not the best and an interesting decision was made. "The first form puts the result in DEBUG-FILE if -o was not given." If you just provide the stripped from .so file, followed by the stripped to .so.debug file, the ultimate result is placed into the .so.debug file. I think it's safe to say almost anyone would expect the combined symbols to go back into the stripped from .so file. Or maybe their use of 'STRIPPED-FILE' is ambiguous as to 'stripped from' or 'stripped into'? – JoeManiaci Jul 22 '22 at 19:30
  • 1
    For reference: `eu-unstrip binary binary.dbg` : binary.dbg now has both the binary and debug symbols – Étienne Jan 26 '23 at 15:22
5

Valgrind supports separate debug files, so you should use the answer here, and valgrind should work properly with the externalized debug file.

Community
  • 1
  • 1
Anya Shenanigans
  • 91,618
  • 3
  • 107
  • 122