SE Can't Code

A Tokyo based Software Engineer. Not System Engineer :(

Using od, dump binary file.

When you wanna dump binary files, you use hexadecimal number dump command (ex: hex, hexdump, xd) that is already installed. But you can dump binary files using default tool without using these tools. This tools is od that is default dump tool for octal number (means "octal dump"), however it can dump hexadecimal number with output option. There are below output options below:

type means
a string's name (7bit ASCII)
c ASCII string or escape string
d decimal number with sign
f floating point number
o octal number
u decimal number without sign
x hexadecimal number


And there are more specifier that can specify number of byte, size, expression of ASCII string, expression of offset. You wanna dump hexadecimal number each of bytes with ASCII, you can type below:

$ od -t x1z -A x /etc/ld.so.cache | head -5
000000 6c 64 2e 73 6f 2d 31 2e 37 2e 30 00 e4 03 00 00  >ld.so-1.7.0.....<
000010 03 03 00 00 78 5d 00 00 87 5d 00 00 03 03 00 00  >....x]...]......<
000020 9f 5d 00 00 b5 5d 00 00 03 03 00 00 e5 5d 00 00  >.]...].......]..<
000030 fb 5d 00 00 03 03 00 00 2b 5e 00 00 35 5e 00 00  >.]......+^..5^..<
000040 03 03 00 00 55 5e 00 00 5d 5e 00 00 03 03 00 00  >....U^..]^......<


There is function of dumping string in od. Using -s option (like a --string option), it searches the byte array that has at least three ASCII strings with finishing by \0 and expresses offsets and detail of it. But there is a little bit difference between od dump and strings. od's output has only strings ASCII and finishing \0, but strings can output if only it continues ASCII strings.

$ od -Ax -S12 /etc/ld.so.cache | head -5
008c38 libzinnia.so.0
008c47 /usr/lib/libzinnia.so.0
008c5f libzeitgeist-2.0.so.0
008c75 /usr/lib/x86_64-linux-gnu/libzeitgeist-2.0.so.0
008ca5 libzeitgeist-1.0.so.1
$ diff -u <(od -An -S12 /etc/ld.so.cache) <(strings /etc/ld.so.cache ) | head
--- /dev/fd/63  2016-10-15 18:46:05.519146991 +0900
+++ /dev/fd/62  2016-10-15 18:46:05.519146991 +0900
@@ -1,10 +1,14 @@
+ld.so-1.7.0
+glibc-ld.so.cache1.1
 libzinnia.so.0
 /usr/lib/libzinnia.so.0
 libzeitgeist-2.0.so.0
 /usr/lib/x86_64-linux-gnu/libzeitgeist-2.0.so.0
 libzeitgeist-1.0.so.1


When you wanna change binary file to C language array with dump, you can only use od and sed below:

#!/bin/sh
# $0 objname < in > out
objname=${1:-objname}
od -A n -v -t x1 | sed -e '1i\'
const unsighned char '$objname'[] = {
s/\([0-9a-f][0-9a-f]\) */0x\1,/g
$s/,$//
$a\
};
'

First argument is a name of allay. This read binary file from standard input and outputs C language array to standard output. The -A n means that don't express offsets, the -v means that full dump and the -t x1 means that dump hexadecimal number each one byte. And using sed command, you can make array. Add const unsighned char '$objname'[] = { to first row and convert format of OxNN, each one byte. For end row, remove , from end row and add }; row to end. So using od command, you can easily dump as any format.

Remove all ads