Peres
November 13th, 2006, 08:39
I'm trying to reverse engineer an old dos program which uses overlays. I've read some interesting articles about overlaying techniques and managed to reconstruct the overlay tree from the overlay table contained in the main program, so I actually know the layout of the overlay files and the segments they contain.
The overlay tree yields 22 mutually exclusive combinations of running segments [overlay paths], so here is the question I need to answer: how do I efficiently reverse engineer each leaf of the tree?
There are 2 approaches I can think of:
A) disassemble the main program (using IDA), then load the overlays as additional binary files. The big drawback here is manually fixing the segments to be able to properly navigate the 22 versions of the database.
B) create 22 different executables by merging the main program and the overlay files. This would remove the segment fixing needed in the previous solution, but would leave me with 22 files to be analyzed from scratch.
I'm hoping for someone to suggest a third feasible solution.
Thanks
Peres
The overlay tree yields 22 mutually exclusive combinations of running segments [overlay paths], so here is the question I need to answer: how do I efficiently reverse engineer each leaf of the tree?
There are 2 approaches I can think of:
A) disassemble the main program (using IDA), then load the overlays as additional binary files. The big drawback here is manually fixing the segments to be able to properly navigate the 22 versions of the database.
B) create 22 different executables by merging the main program and the overlay files. This would remove the segment fixing needed in the previous solution, but would leave me with 22 files to be analyzed from scratch.
I'm hoping for someone to suggest a third feasible solution.
Thanks
Peres
