Aucbvax.6909
fa.info-vax
utzoo!decvax!ucbvax!info-vax
Sun Apr 25 10:26:34 1982
Examining .EXE files linked /NOTRACE
>From EPS@MIT-AI Sun Apr 25 10:15:53 1982
Most of the stuff that comes from DEC is linked /NOTRACE,
so RUN/DEBUG doesn't work. You can use PATCH, but I find
DEBUG better suited for general hackery.
* * *
.title debugable make /NOTRACE image DEBUGable
$dscdef
$fabdef
$rabdef
$rmsdef
.library /sys$library:lib/
$ihddef
$ihadef
.psect debugable,nowrt,shr,pic,long
.entry debugable,^m
clrl -(sp)
pushl #<DSC$K_DTYPE_T@16>!<DSC$K_CLASS_D@24>
pushaq prompt
pushaq 4(sp)
calls #2,g^lib$get_foreign
cmpl r0,#rms$_eof
bneq 3$
brw done
3$: blbc r0,death
$fab_store fab=exefab,-
fns=(sp),fna=@4(sp)
$open fab=exefab
blbc r0,death
cmpb exefab+fab$b_rfm,#fab$c_fix
beql docon
brw notexe
docon: movab -512(sp),sp
$rab_store rab=exerab,-
rbf=(sp),ubf=(sp)
$connect rab=exerab
blbc r0,death
$read rab=exerab
blbs r0,check
death: $exit_s r0
check: cmpw exerab+rab$w_rsz,#512
bneq notexe
cmpw ihd$w_majorid(sp),#^a/02/
bneq notexe
cmpb ihd$b_imgtype(sp),#ihd$k_exe
bneq notexe
bbs #ihd$v_lnknotfr,ihd$l_lnkflags(sp),noxfer
movzwl ihd$w_activoff(sp),r0
addl2 sp,r0
cmpl iha$l_tfradr1(r0),#sys$imgsta
beql doesst
tstl iha$l_tfradr3(r0)
bneq notclr
movq iha$l_tfradr1(r0),iha$l_tfradr2(r0)
movaw @#sys$imgsta,iha$l_tfradr1(r0)
$write rab=exerab
blbc r0,die1
$close fab=exefab
blbc r0,die1
done: movzwl #1,r0
ret
notexe: pushaq notex1
scream: calls #1,g^lib$put_output
blbs r0,done
die1: brw death
noxfer: pushaq noxfe1
brb scream
doesst: pushaq doess1
brb scream
notclr: pushaq notcl1
brb scream
.psect constants,nowrt,noexe,shr,long
prompt: .ascid /.EXE file: /
.align long
notex1: .ascid /?Not an executable file/
.align long
noxfe1: .ascid /?No transfer address/
.align long
doess1: .ascid /?Already DEBUGable/
.align long
notcl1: .ascid /?Activation section full/
.psect exefab,wrt,noexe,long
exefab:: $fab fac=<BIO,GET,PUT>,-
dnm=<.EXE>,-
mrs=512,-
rfm=fix
.psect exerab,wrt,noexe,long
exerab:: $rab fab=exefab,-
bkt=1,-
rop=<BIO>,-
usz=512
.end debugable
* * *
This will not work for .EXE files created by TKB.
Since the .EXE file will have no symbols, you should
make a 'SYSDEF.COM' file containing lines like
DEFINE SYS$QIOW = ^X80000000
to define all the symbols in SYSVECTOR. Then RUN/DEBUG
your .EXE file and type '@SYSDEF' to load the symbols.
Most images load at ^X200. I have a program that dumps
all the interesting things in .EXE files (everything
but the code) so I use that to get the start address
and locations of the various image sections. Before
you attack a program with DEBUG, an ASCII dump should
be made. RUN the program and immediately type ^Y.
Then $ EXAMINE/ASCII 200:7FFFFFFF to get a general idea
of where things are. You can't do this with programs
INSTALLed with privileges; make a copy of the known
EXE and ^Y out of that. Good luck as always.
--Eric
-----------------------------------------------------------------
gopher://quux.org/ conversion by John Goerzen <
[email protected]>
of
http://communication.ucsd.edu/A-News/
This Usenet Oldnews Archive
article may be copied and distributed freely, provided:
1. There is no money collected for the text(s) of the articles.
2. The following notice remains appended to each copy:
The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996
Bruce Jones, Henry Spencer, David Wiseman.