Producing x86 assembly code from a binary executable/C array

Question

I have a C array that contains binary x86_64 machine code, which I need to convert to assembly code on a Linux machine. I have no problem in converting the C array to a binary executable, but can't find the utility to convert it to asm code.

Any ideas?

Thanks!

linux http://stackoverflow.com/questions/5125896/how-to-disassemble-a-binary-executable-in-linux-to-get-the-assembly-code — Ciro Santilli OurBigBook.com, Apr 03 '17 at 15:43

stakx - no longer contributing · Accepted Answer · 2010-05-08T15:04:31.953

You are probably looking for a disassembler. A disassembler takes machine code (either from an executable, or from an object file) and turns it back into human-readable assembly language. If that's what you need, have a look at this list of disassemblers for Linux.

Some disassemblers that aren't listed there:

IDA Pro: Apparently one of the most powerful disassemblers. Probably overkill for your purposes.
ndisasm (accompanies the nasm assembler)

score 2 · Answer 2 · answered May 08 '10 at 14:58

2

You need a disassembler. I personally use NDISASM from the NASM package.

answered May 08 '10 at 14:58

Cromulent

3,788
4
31
41

score 0 · Answer 3 · answered May 14 '10 at 16:51

0

If you can afford to link to GPL code, you could link to libbfd and have it disassemble the array for you. Do this if you can't afford to spawn a new process that does it.

answered May 14 '10 at 16:51

Bernd Jendrissek

1,088
6
15

score 0 · Answer 4 · answered Mar 27 '17 at 08:22

The Standard disassembler on linux is a tool called objdump and has a very simple use case:

Lets say we have a simple hello world ANSI C program.

#include <stdio.h>

int main() {

   printf("Hello world!\n");
   return 0;

}

In my file called hello.c the above code is what I use. When I compile with gcc and get my hello executable, we will then use objdump to do a quick dump conversion. When using objdump -D hello we get the following output:

objdump output

objdump is very good for quick disassembly of executable portions of a C binary.

score 0 · Answer 5 · answered Dec 19 '10 at 19:08

I prefer libdisasm http://bastard.sourceforge.net/libdisasm.html, but you can always call objdump -D.

From my jitter:

#ifdef HAVE_LIBDISASM
# define LINE_SIZE 255`
char line[LINE_SIZE];
int pos = 0;
int insnsize;            /* size of instruction */
x86_insn_t insn;         /* one instruction */

x86_init(opt_none, NULL, NULL);
while ( pos < size ) {
    insnsize = x86_disasm(code, size, 0, pos, &insn);
    if ( insnsize ) {
    x86_format_insn(&insn, line, LINE_SIZE, att_syntax);
    printf("(code+%3x): ", pos);
    for ( i = 0; i < 10; i++ ) {
        if ( i < insn.size ) printf(" %02x", insn.bytes[i]);
        else printf("   ");
    }
    printf("%s\n", line);
    pos += insnsize;
    } else {
    printf("Invalid instruction at 0x%x. size=0x%x\n", pos, size);
    pos++;
    }
}
x86_cleanup();
#else
fh = fopen("run-jit.bin", "w");
    fwrite(code,size,1,fh);
    fclose(fh);
    system("objdump -D --target=binary --architecture i386"
#ifdef JIT_CPU_AMD64
           ":x86-64"
#endif
           " run-jit.bin");
#endif

Producing x86 assembly code from a binary executable/C array

5 Answers5