Linux和windows 查看程序、进程的依赖库的方法

2018-12-10 20:43 youxin 阅读(9278) 评论(0) 编辑收藏举报

Linux:

1. 利用ldd查看可执行程序的依赖库

[root@~]# ldd /usr/local/php/bin/php
linux-vdso.so.1 => (0x00007fff753f5000

注：ldd通过调用动态链接器来获取可执行程序的依赖库，但是并不推荐在未知的可执行程序上执行业ldd来获取其依赖库，因为部分版本的ldd会直接通过调用该可执行程序来获取其依赖库，这存在安全风险。

如果某个依赖的库不存在，会打印类似“xxx.so not found”的提示。

2. 利用pmap工具查询未知的可执行程序的依赖库

[root@~]# objdump -p /usr/local/php/bin/php |grep NEEDED
NEEDED libcrypt.so.1
NEEDED librt.so.1
NEEDED libmysqlclient.so.18
NEEDED libmcrypt.so.4
NEEDED libiconv.so.2
NEEDED libcurl.so.4
NEEDED libm.so.6
NEEDED libdl.so.2
NEEDED libnsl.so.1
NEEDED libxml2.so.2
NEEDED libz.so.1
NEEDED libssl.so.10
NEEDED libcrypto.so.10
NEEDED libpthread.so.0
NEEDED libc.so.6
NEEDED libresolv.so.2

3. 利用pmap查看正在运行时的进程的依赖库

利用pldd工具既可以获取进程的内存映射信息，也可以获取进程的依赖共享库信息：

[root@~/software/pldd]# ps -ef|grep php-fpm
root 26534 1 0 2014 ? 00:01:34 php-fpm: master process (/usr/local/php-5.3.29/etc/php-fpm.conf)
nobody 26535 26534 0 2014 ? 00:00:04 php-fpm: pool www
nobody 26536 26534 0 2014 ? 00:00:05 php-fpm: pool www
root 30510 30324 0 00:39 pts/0 00:00:00 grep php-fpm
[root@~/software/pldd]# pmap 26534 |head
26534: php-fpm: master process (/usr/local/php-5.3.29/etc/php-fpm.conf)
0000000000400000 10452K r-x-- /usr/local/php-5.3.29/sbin/php-fpm
0000000001035000 76K rw--- /usr/local/php-5.3.29/sbin/php-fpm
0000000001048000 104K rw--- [ anon ]
0000000002a65000 3448K rw--- [ anon ]
000000311c600000 388K r-x-- /usr/lib64/libssl.so.1.0.1e
000000311c661000 2048K ----- /usr/lib64/libssl.so.1.0.1e
000000311c861000 16K r---- /usr/lib64/libssl.so.1.0.1e
000000311c865000 28K rw--- /usr/lib64/libssl.so.1.0.1e

1.查看依赖的库：

objdump -x xxx.so | grep NEEDED

2.查看可执行程序依赖的库：

objdump -x 可执行程序名 | grep NEEDED

3.查看缺少的库：

ldd xxx.so


windows:

有时候我们想查看一个exe引用了哪些动态库，或者我们想看某个动态库包含哪些接口函数，这个时候可以使用dumpbin.exe工具：

1.输入Dumpbin -imports calldll.exe查看它的输入信息，可以看到它加载了***.dll
2.输入dumpbin –exports dlltest.dll,列出导出函数

开始->所有程序->Microsoft Visual Studio 2010->Visual Studio Tools ->“Visual Studio 命令提示(2010)”后，

就像普通的cmd一样的命令行环境，就可以正常使用VS的一些工具，其中就包括dumpbin。

输入如下命令，查看dll信息：

D:\Program Files (x86)\Microsoft Visual Studio 10.0\VC>

dumpbin -exports D:\WorkSpace\DLLTutorial\Debug\DLLTutorial.dll

\dumpbin /dependents your-file.dll

1.输入Dumpbin -imports calldll.exe查看它的输入信息，可以看到它加载了***.dll
2.输入dumpbin –exports dlltest.dll,列出导出函数

/DEPENDENTS:

查看依赖项；如: dumpbin /dependents vlc.exe

ps:1. 如果有Image has the following delay load dependencies，列出的为运行时动态加载的dll。
2. 如果有Image has the following dependencies，列出的为载入程序时加载的dll。

windows下，进程查看器（ProcessExplorer）可以用来查看进程（实时运行）依赖的dll文件；DependencyWalker可以用来查看dll或exe依赖的dll文件。

linux下，ldd可以用来查看bin文件或dll文件依赖的dll.

用来查看链接库的依赖关系的软件，名称为：Dependency Walker.
它的官方网站如下：
http://www.dependencywalker.com/

关于Dependency Walker的介绍：

Dependency Walker is a free utility that scans any 32-bit or 64-bit Windows module (exe, dll, ocx, sys, etc.) and builds a hierarchical tree diagram of all dependent modules. For each module found, it lists all the functions that are exported by that module, and which of those functions are actually being called by other modules. Another view displays the minimum set of required files, along with detailed information about each file including a full path to the file, base address, version numbers, machine type, debug information, and more.

Dependency Walker is also very useful for troubleshooting system errors related to loading and executing modules. Dependency Walker detects many common application problems such as missing modules, invalid modules, import/export mismatches, circular dependency errors, mismatched machine types of modules, and module initialization failures.

Dependency Walker runs on Windows 95, 98, Me, NT, 2000, XP, 2003, Vista, 7, and 8. It can process any 32-bit or 64-bit Windows module, including ones designed for Windows CE. It can be run as graphical application or as a console application. Dependency Walker handles all types of module dependencies, including implicit, explicit (dynamic / runtime), forwarded, delay-loaded, and injected. A detailed help is included.

会员力量，点亮园子希望

刷新页面返回顶部

有心故我在