Aucbvax.6909
fa.info-vax
utzoo!decvax!ucbvax!info-vax
Sun Apr 25 10:26:34 1982
Examining .EXE files linked /NOTRACE
>From EPS@MIT-AI Sun Apr 25 10:15:53 1982
Most of the stuff that comes from DEC is linked /NOTRACE,
so RUN/DEBUG doesn't work.  You can use PATCH, but I find
DEBUG better suited for general hackery.
                                     * * *
       .title  debugable       make /NOTRACE image DEBUGable
       $dscdef
       $fabdef
       $rabdef
       $rmsdef
       .library        /sys$library:lib/
       $ihddef
       $ihadef
       .psect  debugable,nowrt,shr,pic,long
       .entry  debugable,^m
       clrl    -(sp)
       pushl   #<DSC$K_DTYPE_T@16>!<DSC$K_CLASS_D@24>
       pushaq  prompt
       pushaq  4(sp)
       calls   #2,g^lib$get_foreign
       cmpl    r0,#rms$_eof
       bneq    3$
       brw     done
3$:     blbc    r0,death
       $fab_store      fab=exefab,-
               fns=(sp),fna=@4(sp)
       $open   fab=exefab
       blbc    r0,death
       cmpb    exefab+fab$b_rfm,#fab$c_fix
       beql    docon
       brw     notexe
docon:  movab   -512(sp),sp
       $rab_store      rab=exerab,-
               rbf=(sp),ubf=(sp)
       $connect        rab=exerab
       blbc    r0,death
       $read   rab=exerab
       blbs    r0,check
death:  $exit_s r0
check:  cmpw    exerab+rab$w_rsz,#512
       bneq    notexe
       cmpw    ihd$w_majorid(sp),#^a/02/
       bneq    notexe
       cmpb    ihd$b_imgtype(sp),#ihd$k_exe
       bneq    notexe
       bbs     #ihd$v_lnknotfr,ihd$l_lnkflags(sp),noxfer
       movzwl  ihd$w_activoff(sp),r0
       addl2   sp,r0
       cmpl    iha$l_tfradr1(r0),#sys$imgsta
       beql    doesst
       tstl    iha$l_tfradr3(r0)
       bneq    notclr
       movq    iha$l_tfradr1(r0),iha$l_tfradr2(r0)
       movaw   @#sys$imgsta,iha$l_tfradr1(r0)
       $write  rab=exerab
       blbc    r0,die1
       $close  fab=exefab
       blbc    r0,die1
done:   movzwl  #1,r0
       ret
notexe: pushaq  notex1
scream: calls   #1,g^lib$put_output
       blbs    r0,done
die1:   brw     death
noxfer: pushaq  noxfe1
       brb     scream
doesst: pushaq  doess1
       brb     scream
notclr: pushaq  notcl1
       brb     scream
       ; Read-only, non-executable psect holding the prompt and the four
       ; diagnostic messages.  Each .ascid emits a string descriptor
       ; followed by the text, so the code passes these labels by address.
       .psect  constants,nowrt,noexe,shr,long
       ; Prompt handed to LIB$GET_FOREIGN.
prompt: .ascid  /.EXE file: /
       .align  long
       ; Wrong record format, short block, wrong major id or image type.
notex1: .ascid  /?Not an executable file/
       .align  long
       ; IHD$V_LNKNOTFR is set in the link flags.
noxfe1: .ascid  /?No transfer address/
       .align  long
       ; First transfer address is already SYS$IMGSTA.
doess1: .ascid  /?Already DEBUGable/
       .align  long
       ; Third transfer address slot is non-zero, so nothing can be inserted.
notcl1: .ascid  /?Activation section full/
       ; File access block for the image file, in its own writable psect.
       ; Access is block I/O with both GET and PUT, so the file is opened
       ; for modification; default file type .EXE, 512-byte fixed records.
       .psect  exefab,wrt,noexe,long
exefab::        $fab    fac=<BIO,GET,PUT>,-
                       dnm=<.EXE>,-
                       mrs=512,-
                       rfm=fix
       ; Record access block tied to EXEFAB: block I/O on block number 1
       ; with a 512-byte user buffer (buffer addresses are filled in at
       ; run time by $rab_store).
       .psect  exerab,wrt,noexe,long
exerab::        $rab    fab=exefab,-
                       bkt=1,-
                       rop=<BIO>,-
                       usz=512
       ; End of module; DEBUGABLE is the transfer address.
       .end    debugable
                                     * * *
This will not work for .EXE files created by TKB.
Since the .EXE file will have no symbols, you should
make a 'SYSDEF.COM' file containing lines like
       DEFINE SYS$QIOW = ^X80000000
to define all the symbols in SYSVECTOR.  Then RUN/DEBUG
your .EXE file and type '@SYSDEF' to load the symbols.
Most images load at ^X200.  I have a program that dumps
all the interesting things in .EXE files (everything
but the code) so I use that to get the start address
and locations of the various image sections.  Before
you attack a program with DEBUG, an ASCII dump should
be made.  RUN the program and immediately type ^Y.
Then $ EXAMINE/ASCII 200:7FFFFFFF to get a general idea
of where things are.  You can't do this with programs
INSTALLed with privileges; make a copy of the known
EXE and ^Y out of that.  Good luck as always.

                                       --Eric

-----------------------------------------------------------------
gopher://quux.org/ conversion by John Goerzen <[email protected]>
of http://communication.ucsd.edu/A-News/


This Usenet Oldnews Archive
article may be copied and distributed freely, provided:

1. There is no money collected for the text(s) of the articles.

2. The following notice remains appended to each copy:

The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996
Bruce Jones, Henry Spencer, David Wiseman.