Date: Wed, 26 Mar 2003 07:16:37 -0600 From: D J Hawkey Jr <hawkeyd@visi.com> To: Simon Barner <barner@in.tum.de> Cc: security at FreeBSD <freebsd-security@freebsd.org> Subject: Re: what actually uses xdr_mem.c? Message-ID: <20030326071637.A17385@sheol.localdomain> In-Reply-To: <20030326130056.GD657@zi025.glhnet.mhn.de>; from barner@in.tum.de on Wed, Mar 26, 2003 at 02:00:56PM %2B0100 References: <Pine.LNX.4.43.0303252144400.21019-100000@pilchuck.reedmedia.net> <20030326102057.GC657@zi025.glhnet.mhn.de> <20030326061041.A17052@sheol.localdomain> <20030326130056.GD657@zi025.glhnet.mhn.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mar 26, at 02:00 PM, Simon Barner wrote:
>
> As far as I understood your script, it scans the output of "readelf -a", and
> prints that file name if and only if this output contains "XDR" or "xdr". Will
> this work if the binary is stripped (sorry in case I just overlooked something
> stupid :-)
Yes, it does. AFAIK, all base (and port?) software is [by default] stripped
on installation, and the environment I tested that command with had stripped
binaries.
That isn't "stupid"; it took me a little while to work up that command
(I didn't even know about readelf(1) until someone mentioned it to me).
I'm no ELF expert - I'm no anything expert - but it appears that the ELF
format itself contains these "labels".
> Regards,
> Simon
Dave
--
______________________ ______________________
\__________________ \ D. J. HAWKEY JR. / __________________/
\________________/\ hawkeyd@visi.com /\________________/
http://www.visi.com/~hawkeyd/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030326071637.A17385>