Hey all,

Quick question. I am working on a target whose main protection routines reside in a COM type library. Now, I was directed to a rather ancient tool on MSDN by Matt Pietrik that generates a .map file for the lib and I wondering if anyone was aware of a utility that will take a type library and produce a .pdb (or even a .dbg) symbol file?

I thought maybe I could feed the .map file to softice or ida to generate a .pdb but this does not seem to be doable?

Also, does anyone know of any good tutorials on loading debugging sybols in to Ollydbg, I tried the olly users forum but the discussion of these issues is kind of sparse. (see: hxxp://ollydbg.win32asmcommunity.net/?action=vthread&forum=1&topic=679, etc...) I believe that Olly should be able to resolve the symbol info in a .pdb file, but I've had no success to date...

Any assistance would be greatly appreciated.

Thanx

br00t_4_c :

What happened to the requirement that one do one's own searching HERE before asking a question? Recognizing that pdb is only three letters, if you had tried the "Search" button and entered "pdb*" (without the quotes) you would have found threads with facinating titles, such as:

NTice.sys Patch for DriverStudio v3.x,fix problem of Symbol Loader not breaking

SoftIce Symbol Retriever - Getting PDB Files aka Symbols

and many others with references to pdb files. A similar search using "com debugging" would get you additional information on COM issues. How about helping yourself to those threads and then ask for help.

Regards,

With all due respect JMI, I'm wondering if you even read my post before dismissing it as an inane and ill-considered question? I am asking a very specific question about the conversion of a .map file to .pdb format and subsequently how to properly load the symbols into Ollydbg in order to more effectively debug a COM type library. Alas the use of symbol files in Ollydbg seems to be a poorly documented topic and I will gladly direct you to three or four unanswered threads on the Ollydbg users forum that attest to this fact. I was actually directed to a very useful resource on COM debugging by information contained in another posting on this forum , but unfortunately it left me with new questions. It's all well and good to generate softice symbol files with nsym, but I highly doubt that said files will be of any use to me while debugging in Olly. Perhaps (entirely possible) I am gravely misinformed. If so, then flame away Otherwise I think the question is legit and I would appreciate some thoughts on the matter.

Regards... nay... warm regards,

br00t_4_c

br00t_4_c:

"With all due respect br00t_4_c" we have this problem "all the time" and it has to do with the simple fact THAT I READ YOUR POST MORE CAREFULLY THAN YOU APPARENTLY DID. You have a thought process IN YOUR MIND which we have no access to. We are forced to deal with WHAT YOU WRITE in your question. What is also clear is that you did not carefully read what I posted.

No one dismissed your post as either inane and ill-considered, but it is my function here to attempt to insure that members use the search facility before posting. It happens to be one of our Rules. To illustrate my point I will quote parts of your original post and your current one.

Your original post said nothing about using the search facility here before posting your question, hence the tenor of my response. Your first actual question was:

"I wondering if anyone was aware of a utility that will take a type library and produce a .pdb (or even a .dbg) symbol file? I thought maybe I could feed the .map file to softice or ida to generate a .pdb but this does not seem to be doable?"

You will notice there is NO mention of OllyDBG in the context of this question, but rather the generation of .pdb (or .dbg) symbols files "using softice or IDA." Hence I gave you references to threads discussing the generation of pdb files and, because you mentioned a "COM type library" I also gave you threads mentioning debugging com objects.

In your second post you state:

"I am asking a very specific question about the conversion of a .map file to .pdb format and subsequently how to properly load the symbols into Ollydbg in order to more effectively debug a COM type library."

Yet the words you wrote in your first post fail to make this explicit connection. In fact, you phrase the question about Olly as an addendum and state:

"Also, does anyone know of any good tutorials on loading debugging sybols in to Ollydbg, I tried the olly users forum but the discussion of these issues is kind of sparse. "

So, despite your current protestation that you were somehow treated unfairly, it is clear that your original post EXPRESSLY mentions the generation of pdb files and using Softice and working on a COM protection in the same context, not directely connected to Olly. Although you discuss use of Olly, it is referenced in the context of "good tutorials on loading debugging sybols in to Ollydbg" with no EXPRESS statement that you either were or intended to use Olly on your COM object.

Now, with "all due respect" I suggest you do three things:

1.) Assume that I have carefully read the post and that when I suggest someone use the search function on the Board, their post does not indicate that they have searched here and that I am fulfilling my responsibilities.

2.) That if you are given specific references to threads which contain information about the subjects YOU ACTUALLY MENTIONED in your post, assume that someone is actually trying to help you out, particularily when you state:

"Any assistance would be greatly appreciated."

3.) Take a little more time to actually THINK about what you ACTUALLY WRITE and then ask yourself what someone who looked ONLY AT THE WORDS YOU WROTE would think you were asking.

If it will help you sleep better at night, you may also assume that I read the OllyDBG Forum, and many others, on a regular basis.

Regards,

Hmm, well taking a second look at my original posting, perhaps it was poorly worded. If my poor writing caused any confusion, I apologize. I am also quite certain that you are a regular reader of a large number of forums JMI -the deity be praised I shall sleep again. Anyhow, I'm still wondering... you know what forget it, the whole twenty paragraph chastisement just wore me out, I'll figure it out myself.

Wooo....quite a battle there. I think my English just got notched up 2 slots higher...

Anyways, there are the following things to note:

1. .map files are of 2 types (YUP!!). Borland map files and microsoft map files
2. IDA produces Borland map files
3. There is no known software that converts either Borland / Microsoft .map files to .PDB formats
4. You may find a tool (related to delphi) called MAP2DBG.exe (or .zip) which takes map files and produces .DBG files
5. Problem is, you also have 2 .dbg categories. Borland and Microsoft. Microsoft .DBG files are now defunct and they use .PDB files.
6. But now .PDB files from microsoft are also (a) .NET based and (b) native code based (whew!!)

So hope that clarifies a couple of things that you have doubts about.

A good idea is to read the documentation on Ollydbg plugins and decide how you want to go about doing the same (as comments, as labels, etc.)

Have Phun

Aimless, your reply is much appreciated.

As for the "battle", I get cranky on when I get shunted off to the search page (my fault in this case) and hope JMI doesn't take my comments the wrong way. I have just found this to be a frustrating issue and have not been able to make much progress with it -br00t_4_c shakes his fist in the general direction of poorly documented proprietary debugging formats... meh.

Anyways, thanks Aimless