bash - How to disassemble line by line from stdin?
My program outputs encoded instructions like this:
0x81fb4300000090 0x69fc4300000090 0x81fc4300000090 0x69fd4300000090 0x81fd4300000090 0x69fe4300000090 0x81fe4300000090 0x69ff4300000090 0x81ff4300000090 0x00054400000090 0x01054400000090 0x02054400000090 0x03054400000090 0x08054400000090 0x09054400000090 0x0a054400000090 0x0b054400000090 0x10054400000090 0x11054400000090 0x12054400000090 0x13054400000090 0x18054400000090 0x19054400000090 0x1a054400000090 0x1b054400000090 0x20054400000090 0x21054400000090 0x22054400000090 0x23054400000090 0x28054400000090 0x29054400000090 0x2a054400000090 0x2b054400000090 0x30054400000090 0x31054400000090 0x32054400000090 0x33054400000090 0x38054400000090 0x39054400000090 0x3a054400000090 0x3b054400000090 0x40054400000090 0x41054400000090 0x42054400000090 0x43054400000090 0x44054400000090 0x45054400000090 0x46054400000090 0x47054400000090
where each line above is an independent set of instructions that needs to be disassembled as a separate program. Each line contains 7 bytes of instructions. I can output them in binary directly, in which case every block of 7 bytes needs to be disassembled separately.
In the bash script that runs the program, I want to filter out lines that contain static jumps.
So, how do I disassemble each line separately from stdin? (I want ./my_c_program | the_disassembler | grep loopne)
I tried objdump, but it refuses to use /dev/stdin as an input file.
Since it's slow to fork a disassembler for each line, you need a way to separate one stream of disassembler output.
Un-hexdump the input using xxd -r, then pipe it through a disassembler, and then pipe the disassembler output to a perl program or something. Or use grep-with-context: grep -C8 loopne to print the 8 surrounding lines when a match is found.
To aid in separating the output into separate records: maybe add some kind of sentinel (like a ud2 instruction) that doesn't appear in any of the lines. Since sequences might not end on an instruction boundary, a sentinel of 90 90 90 90 90 90 90 90 90 0f 0b should safely soak up any bytes. That's 9 bytes of NOPs, in case the sequence ends at the start of an instruction looking for an imm32 and a disp32 as part of an addressing mode. (And a 9th NOP for good measure, since I didn't check what 0x90 means as a ModRM or SIB byte.)
If the sequences are all the same number of bytes, you can just use address ranges.
And BTW, I'd suggest perl to make it easy to take multiple lines as a group that you can pattern match on.
If you need this to be efficient, you need to make sure you can separate the output of one disassembler stream into separate blocks, or else you need to embed a disassembler into the process that generates these lines (and not print them as ASCII strings in the first place).
There's no completely-general way that's fast. You can't have your cake and eat it too. If this is a problem, you're going to have to make your number-generating program know more about x86 machine code.
The other option I can see is to create an object file with symbols marking the start of each block, but that would mean feeding the whole thing through an assembler, after turning each line into something like:
label1234: dq 0x11054400000090
This option seems bad, and I haven't tried to solve the byte-order issues. It uses a lot of memory, since x86 assemblers are not one-pass, and aren't designed for assembling massive amounts of data with no jump instructions that require picking a short or long encoding.
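
The address-range approach from the answer above, sketched as an added example (not code from the original posts): one objdump run over the whole stream, with each listing line mapped back to its 7-byte record by address. The function names are hypothetical, and it assumes the hex digits are printed in memory order and that binutils objdump and xxd are installed.

```shell
# Added example; disassemble_stream and records_matching are hypothetical names.
REC=7   # bytes per record, as stated in the question

# disassemble_stream: "0x..." tokens on stdin -> a single objdump listing on stdout.
disassemble_stream() {
    tmp=$(mktemp) || return 1
    # xxd -r -p skips whitespace between hex digits; drop the 0x prefixes first.
    sed 's/0x//g' | xxd -r -p > "$tmp"
    # objdump wants a seekable file, which is why /dev/stdin is refused.
    objdump -D -b binary -m i386:x86-64 "$tmp"
    rm -f "$tmp"
}

# records_matching PATTERN: objdump listing on stdin -> 0-based index of every
# record holding an instruction whose text matches PATTERN (each index once).
records_matching() {
    awk -F'\t' -v rec="$REC" -v pat="$1" '
        # Portable hex parser (strtonum is gawk-only).
        function hex(s,    i, n) {
            n = 0
            for (i = 1; i <= length(s); i++)
                n = n * 16 + index("0123456789abcdef", substr(s, i, 1)) - 1
            return n
        }
        # Instruction lines look like "  addr:<TAB>bytes<TAB>mnemonic operands".
        /^ *[0-9a-f]+:\t/ {
            addr = $1
            gsub(/[ :]/, "", addr)
            idx = int(hex(addr) / rec)     # which 7-byte record this address is in
            if ($3 ~ pat && !(idx in seen)) {
                seen[idx] = 1
                print idx
            }
        }
    '
}

# Usage: ./my_c_program | disassemble_stream | records_matching loopne
# Caveat: an instruction that runs past a record's 7th byte shifts the decode
# of the next record; the NOP + ud2 padding from the answer handles that case,
# with REC set to the padded record size.
```

Record index N corresponds to input line N+1 when the program prints one value per line.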