Skip to content

Instantly share code, notes, and snippets.

@jperkin

jperkin/gist:eca867773bb52472fe263b4de88faeb7

Last active October 3, 2023 15:19
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jperkin/eca867773bb52472fe263b4de88faeb7 to your computer and use it in GitHub Desktop.
Save jperkin/eca867773bb52472fe263b4de88faeb7 to your computer and use it in GitHub Desktop.
Download ZIP
CTF vs strip
Raw
gistfile1.md

Original file with CTF:

$ ls -l test.ctf
-rwxr-xr-x   1 root     root       13128 Oct  3 14:16 test.ctf
$ dtrace -lvn 'pid$target:a.out:foo:entry' -c ./test.ctf

        Argument Types
                args[0]: userland int

/usr/bin/strip

Test with no arguments, with -l, and with -x:

$ ls -l test.ctf.strip*
-rwxr-xr-x   1 root     root        8072 Oct  3 14:43 test.ctf.strip
-rwxr-xr-x   1 root     root       13128 Oct  3 14:40 test.ctf.strip-l
-rwxr-xr-x   1 root     root       11320 Oct  3 14:40 test.ctf.strip-x

stripped:

        Argument Types
                None

stripped -l:

        Argument Types
                args[0]: (unknown)

stripped -x:

        Argument Types
                args[0]: (unknown)

gstrip

Trying to enable every option to retain information still results in unusable file:

$ gstrip -v -D -p --no-merge-notes --keep-file-symbols --keep-section-symbols -w --keep-section=* --keep-symbol=* -o test.ctf-gstrip test.ctf

$ ls -l test.ctf test.ctf-gstrip
-rwxr-xr-x   1 root     root       13128 Oct  3 14:16 test.ctf
-rwxr-xr-x   1 root     root       13088 Oct  3 14:16 test.ctf-gstrip

$ dtrace -lvn 'pid$target:a.out:foo:entry' -c ./test.ctf-gstrip
   ID   PROVIDER            MODULE                          FUNCTION NAME
74704   pid75093   test.ctf-gstrip                               foo entry
[...]
        Argument Types
                None
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment