
I'm testing a tool called UROBOROS (https://github.com/s3team/uroboros), which is used for reassembly (reassembly means converting a binary back to integrated assembly code that can be assembled into a binary again).

I've got an assembly code file (final.s) from UROBOROS. But when I was trying to reassemble final.s to a binary via gcc, an error occurred as follows.

```
# gcc final.s -lm -ldl -lrt -lpthread -lcrypt -m64
final.s: Assembler messages:
final.s:159: Error: junk `@GLIBC_2.2.5' after expression
```

The instruction above is from UROBOROS. The related assembly code nearby follows.

```
BB_23:
notify:
mov stdin@GLIBC_2.2.5,%rax
push %r14
mov %edx,%r14d
push %r13
push %r12
mov %rdi,%r12
push %rbp
push %rbx
mov %rsi,%r13
mov (%rax),%rdi
callq fileno
mov %eax,%edi
callq isatty
test %eax,%eax
jne S_0x4048F8
```

Note that the assembly file from UROBOROS has more sections than a common manual assembly file.

Not very familiar with assembly code. Thanks for your help!

S1mple
  • Looks like a bug or missing feature in that tool; it should strip the symbol-version stuff from the symbol name. There might be no way to represent it in the asm source; I think it's `ld` that turns `stdin` into a name with glibc ABI version info. Also, it should be `mov stdin@GOTPCREL(%rip), %rax`, not an absolute addressing mode. – Peter Cordes Mar 02 '22 at 06:02
  • I've tried the code, but other errors occurred as follows. – S1mple Mar 03 '22 at 15:07
  • `/usr/bin/ld: /tmp/ccvJsPmb.o: relocation R_X86_64_32S against '.text' can not be used when making a PIE object; recompile with -fPIC` `/usr/bin/ld: error in /tmp/ccvJsPmb.o(.eh_frame); no .eh_frame_hdr table will be created.` `/usr/bin/ld: final link failed: Nonrepresentable section on output` `collect2: error: ld returned 1 exit status` – S1mple Mar 03 '22 at 15:09
  • Are there any other ways? Thanks! – S1mple Mar 03 '22 at 15:11
  • `mov stdin@GOTPCREL(%rip), %rax` shouldn't give that link error. If you don't show the code that gives the error, all I can do is point you at [32-bit absolute addresses no longer allowed in x86-64 Linux?](https://stackoverflow.com/q/43367427) and tell you to write position-independent code. As for library function calls, [Can't call C standard library function on 64-bit Linux from assembly (yasm) code](https://stackoverflow.com/a/52131094) / [x86\_64: Is it possible to "in-line substitute" PLT/GOT references?](https://stackoverflow.com/a/37444445) or `call isatty@plt` if making a PIE. – Peter Cordes Mar 03 '22 at 15:19
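
The rewrite suggested in the comments (strip the symbol-version suffix, load imported data through the GOT, call library functions through the PLT), sketched as a post-processing pass over the reassembler output. This is an added example, not part of the original thread or of UROBOROS; `rewrite` and `imported_funcs` are hypothetical names, and it assumes any symbol that appears with a `@GLIBC_…` suffix as a `mov` source is an imported data object.

```python
import re

# Version suffix as emitted by the reassembler, e.g. "@GLIBC_2.2.5" or "@@GLIBC_2.2.5".
VERSION_RE = re.compile(r"@@?GLIBC_[0-9.]+")
# A versioned symbol used as the source operand of a mov (assumed: imported data).
VERSIONED_MOV_RE = re.compile(r"^\s*movq?\s+([A-Za-z_][\w.]*)@@?GLIBC_[0-9.]+\s*,")
# "mov sym,%reg": a bare symbol used with an absolute addressing mode.
MOV_SYM_RE = re.compile(r"^(\s*)mov(q?)\s+([A-Za-z_][\w.]*),\s*(%\w+)\s*$")
CALL_RE = re.compile(r"^(\s*)(callq?)\s+([A-Za-z_][\w.]*)\s*$")

# Excerpt of the assembly quoted in the question.
SAMPLE = """notify:
mov stdin@GLIBC_2.2.5,%rax
push %r14
mov (%rax),%rdi
callq fileno
mov %eax,%edi
callq isatty
jne S_0x4048F8
"""


def rewrite(asm_text, imported_funcs=frozenset()):
    """Return (new_text, data_syms).

    Versioned symbols lose their suffix, loads of imported data objects go
    through the GOT, and calls to names in imported_funcs (supplied by the
    caller) go through the PLT. Local labels and calls are left untouched.
    """
    lines = asm_text.splitlines()
    # Pass 1: collect symbols that carried a version suffix in a mov source.
    data_syms = {m.group(1) for m in map(VERSIONED_MOV_RE.match, lines) if m}
    out = []
    for line in lines:
        line = VERSION_RE.sub("", line)  # gas rejects "@GLIBC_x.y.z" here
        m = MOV_SYM_RE.match(line)
        if m and m.group(3) in data_syms:
            indent, q, sym, reg = m.groups()
            line = f"{indent}mov{q} {sym}@GOTPCREL(%rip),{reg}"
        m = CALL_RE.match(line)
        if m and m.group(3) in imported_funcs:
            line = f"{m.group(1)}{m.group(2)} {m.group(3)}@plt"
        out.append(line)
    return "\n".join(out) + "\n", data_syms


if __name__ == "__main__":
    print(rewrite(SAMPLE, {"fileno", "isatty"})[0], end="")
```

The list of imported functions has to come from the original binary's dynamic symbol table; this pass does not address absolute references to `.text` labels such as the `R_X86_64_32S` relocation reported above.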

0 Answers