
Thread: Add to symbol table for reverse engineering?




Add to symbol table for reverse engineering?
2007-07-18 16:56:39
Hi all,

I am trying to reverse engineer a stripped binary using gdb.  I wonder if
there is a way to interactively add symbols as I go.  For example, suppose
I discover that 0xdeadbeef is the address of a function that does "foo".
Presumably the binary originally had an entry "foo = 0xdeadbeef" in its
symbol table, which is now gone.  I would like to be able to "put it back"
and use it with gdb's convenient symbol features.  For instance, if I come
across a "call 0xdeadbeef" instruction elsewhere in the program, I would
like the gdb disassembler to tag it as "call 0xdeadbeef <foo>".  Is there
any way to do this?  I didn't see such a thing in the manual.

I know I can do:

set $foo = 0xdeadbeef


so that at least the address is saved, but gdb won't do the reverse
translation in disassembly.

I suppose it is possible to keep an external symbol table which I load,
but then I would have to have a separate file which I have to paste in
stuff from gdb, and then reload it every time I add something new.

-- 

Nate Eldredge
neldredgemath.ucsd.edu

Re: Add to symbol table for reverse engineering?
2007-07-18 22:10:08
On Wed, Jul 18, 2007 at 02:56:39PM -0700, Nate Eldredge wrote:
> I am trying to reverse engineer a stripped binary using gdb.  I wonder if there
> is a way to interactively add symbols as I go.  For example, suppose I discover
> that 0xdeadbeef is the address of a function that does "foo". Presumably the
> binary originally had an entry "foo = 0xdeadbeef" in its symbol table, which is
> now gone.  I would like to be able to "put it back" and use it with gdb's
> convenient symbol features.  For instance, if I come across a "call 0xdeadbeef"
> instruction elsewhere in the program, I would like the gdb disassembler to tag
> it as "call 0xdeadbeef <foo>".  Is there any way to do this?  I didn't see such
> a thing in the manual.

Not using GDB.  But you can probably do it with objcopy on the binary.

-- 
Daniel Jacobowitz
CodeSourcery
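
One way to apply the objcopy suggestion above, as an added example that is not part of the original thread: keep the discovered functions in a small "name address" map and turn it into `--add-symbol` options for a copy of the binary that gdb then loads as its symbol file. Assumptions: a binutils objcopy recent enough to have `--add-symbol`, every address lies in `.text`, and the map format, function names and file names are made up for this example.

```shell
#!/bin/sh
# Added example: convert a hand-kept symbol map into objcopy --add-symbol options.
# The map format ("name 0xADDR" per line, '#' comments) is an assumption.

# symargs TEXT_VMA < mapfile
# Prints one "--add-symbol NAME=.text:0xOFFSET,function,global" per valid line.
# objcopy takes section-relative values, so the .text start is subtracted.
symargs() {
    base=$1
    while read -r name addr _; do
        case $name in ''|\#*) continue ;; esac            # blank line or comment
        case $name in
            *[!A-Za-z0-9_]*) echo "bad name: $name" >&2; continue ;;
        esac
        case $addr in
            0x*) ;;
            *) echo "bad address for $name" >&2; continue ;;
        esac
        case ${addr#0x} in
            ''|*[!0-9a-fA-F]*) echo "bad address for $name" >&2; continue ;;
        esac
        if [ $(($addr)) -lt $(($base)) ]; then
            echo "address below .text: $name" >&2; continue
        fi
        printf '%s %s=.text:0x%x,function,global\n' \
            --add-symbol "$name" $(($addr - $base))
    done
}

# Constructed sample map; .text is assumed to start at 0xdeadb000.
sample_map() {
    printf '%s\n' '# name address' \
        'foo 0xdeadbeef' 'bar 0xdeadc010' 'bad-name 0x10' 'early 0xdead0000'
}

# Usage against a real file (placeholder file names, not run here):
#   base=$(objdump -h stripped | awk '$2 == ".text" { print "0x" $4 }')
#   objcopy $(symargs "$base" < syms.map) stripped stripped.sym
#   (gdb) symbol-file stripped.sym
```

After adding a line to the map, rerunning objcopy and `symbol-file` refreshes the names gdb shows in disassembly.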
