Disassembling ELF files with Beyond-Compare
Written 2012-12-16
Tags:objdump Disassembly BeyondCompare
Today I combined two great tools - BeyondCompare and objdump. Objdump is GNU's assembler. BeyondCompare is a slick text-and-more differencing tool with a neat UI. However, BeyondCompare also supports using external programs to generate text on the fly from binary files. Under Tools-\>File Formats, you can see a list of custom filetypes. You can make a new one, and under the 'Conversion' tab, specify 'External Program' and add "objdump -d %s > %t".
{
return ((int)x*(int)x+y*y) > 65536;
}
{
return (x*x+y*y) > 65536;
}
Well, it works. You can see the instructions are very similar except in how they load the operands from the stack. It would be nice to drop the offset column(column 1). Additionally, if BeyondCompare had the ability to extend folder structures(maybe it exists, but I haven't found it), I'd set it up to parse every ELF file as an archive, and each function could be disassembled in its own instance. My current setup gets pretty messy when diffing files with many large functions in it. It may need a little refinement, but I think this'll be a useful tool for me.
Left-hand-side
int check_result( float x, int y ){
return ((int)x*(int)x+y*y) > 65536;
}
Right-hand-side
int check_result( int x, int y ){
return (x*x+y*y) > 65536;
}
Results
Well, it works. You can see the instructions are very similar except in how they load the operands from the stack. It would be nice to drop the offset column(column 1). Additionally, if BeyondCompare had the ability to extend folder structures(maybe it exists, but I haven't found it), I'd set it up to parse every ELF file as an archive, and each function could be disassembled in its own instance. My current setup gets pretty messy when diffing files with many large functions in it. It may need a little refinement, but I think this'll be a useful tool for me.