hngopher.com

       [HN Gopher] Analyzing ELF symbols using SQL
       ___________________________________________________________________
        
       Analyzing ELF symbols using SQL
        
       Author : setheron
       Score  : 58 points
       Date   : 2023-09-11 22:11 UTC (2 days ago)
        
 (HTM) web link (fzakaria.com)
 (TXT) w3m dump (fzakaria.com)
        
       | gumby wrote:
       | This looks like an interesting and useful approach, but there's
       | no need to overdo the claims:
       | 
       | > Which library that I load is providing function foo?
       | 
       | > The state of the art (prior to sqlelf) of how to retrieve this
       | diagnostic information is using LD_DEBUG environment variable and
       | trolling through the large dump of logs it emits
       | 
       | That's far from the state of the art. Just use a tool like ldd or
       | otool to get a list of dependencies, loop a call to nm over that
       | and grep for the symbol you want. It's a one liner that gives you
       | the answer (and tells you which other libraries export the same
       | symbol, in case you need to reorder the library loading).
       | 
       | Nevertheless I regret not putting higher resolution file metadata
       | support into bfd. Objdump is more oriented to the _content_ of
       | the sections, and some section metadata, but there 's a lot of
       | interesting and fun stuff in the ELF file header (not that ELF
       | existed back then)
        
         | pcstl wrote:
         | ldd itself, at least on most Linux variants, is simply a
         | wrapper around setting the LD_TRACE_LOADED_OBJECTS environment
         | variable and then running the wrapped command, which can bite
         | people in the ass, as it assumes that the code being run by ldd
         | will respect the environment variable.
        
         | aleden wrote:
         | Personally I regard llvm-readobj and llvm-objdump as the state
         | of the art. They are very well written.
        
       | cmrdporcupine wrote:
       | In my ideal world all system utilities (and many applications)
       | output relational tuples, and the shell includes a relational
       | algebraic query tool --equivalent to SQL, but with a more
       | composable syntax. Instead of awk'ing and grepping, we'd be doing
       | Restrict, Join, Union, and Project on the output of _anything_ ,
       | and there'd be no need to be dumping into a separate database
       | system just to be able to have access to the kind of
       | recomposable, queryable, consistent, discoverable information
       | management that is every user's right since Codd first penned _"A
       | Relational Model of Data for Large Shared Data Banks."_ in
       | _1970_.
       | 
       | Sorry, old-man-me is feeling unwell today, back to bed to take a
       | nap.
        
       | mistrial9 wrote:
       | static analysis | filters | sql_db ## done that
       | 
       | this reads running binaries and gets link symbols? linux
        
       ___________________________________________________________________
       (page generated 2023-09-13 23:01 UTC)