3

I know we can get the user defined function's begin address in elf by reading symbol table, just like below, function main and foo:

08048330 T _start
0804a014 b completed.6159
0804a00c W data_start
0804a018 b dtor_idx.6161
080483e4 T foo
080483c0 t frame_dummy
080483ee T main

but how to get the end address of certain functions?

Could anyone give me some help? Thank you!

lllllllllllll
  • 8,519
  • 9
  • 45
  • 80
  • I don't think there is an "end address" for symbols. Note that functions might have multiple return points, not just one; and not all symbols are functions. – TypeIA Jan 03 '14 at 15:55
  • thank you for your answer@dvnrrs, but I don't think you got what I mean – lllllllllllll Jan 03 '14 at 16:06
  • Maybe not; care to explain/elaborate? – TypeIA Jan 03 '14 at 16:15
  • if you use some disassembly tools like objdump to disassembly a elf file, you can locate user defined function like "main", "foo" and others. and you can find their begin and end address easily. What I am trying to do is find begin and end address of these functions without disassembly. Begin address of function can be obtained by looking up symbol table, but how to get the end address? – lllllllllllll Jan 03 '14 at 16:23
  • 1
    I think I do understand, and I still don't think this is possible because symbols in an ELF file do not have an inherent "end address." Symbols are simply entry addresses. If you know the symbol is a function, you could disassemble it and locate the `ret` instructions (there may be more than one). Or you could find where the next symbol starts and "assume" the previous one ends at the next one, but this too may not be accurate because the compiler is free to insert padding. What exactly are you trying to accomplish (why do you need to know an "end address")? – TypeIA Jan 03 '14 at 16:28
  • nm -S will show the size (if available). – tristan Jan 03 '14 at 17:01
  • @tristan Yes, that's what I am looking for! Thank you! Could you please "Answer this question" so I can mark your reply as answer? – lllllllllllll Jan 03 '14 at 19:32

1 Answers1

5

nm -S a.out will show the symbol size (if available). Then you can get the 'end address' from the start address and size.

tristan
  • 4,235
  • 2
  • 21
  • 45