ptrace question
in [Unix Programming]
|
Prev: open all bloced sites with free proxy service facebook,myspace,twitter ......etc
Next: SIGPIPE doesn't work in Cygwin?
From: boltar2003 on 18 May 2010 09:50 In the linux man page for the ptrace PTRACE_PEEKTEXT option it says: "Reads a word at the location addr in the child's memory" My question is , how do you get the list of valid addresses for the child process? Ie its text/data area start and end addresses. Thanks for any help. B2003
From: Ersek, Laszlo on 18 May 2010 10:31 On Tue, 18 May 2010, boltar2003(a)boltar.world wrote: > In the linux man page for the ptrace PTRACE_PEEKTEXT option it says: > > "Reads a word at the location addr in the child's memory" > > My question is , how do you get the list of valid addresses for the child > process? Ie its text/data area start and end addresses. Look at nm's source (or just call it and parse its output). The output of "nm -P -t [dox]" should be portable: http://www.opengroup.org/onlinepubs/9699919799/utilities/nm.html See also readelf. Cheers, lacos
From: boltar2003 on 18 May 2010 10:54 On Tue, 18 May 2010 16:31:07 +0200 "Ersek, Laszlo" <lacos(a)caesar.elte.hu> wrote: >On Tue, 18 May 2010, boltar2003(a)boltar.world wrote: > >> In the linux man page for the ptrace PTRACE_PEEKTEXT option it says: >> >> "Reads a word at the location addr in the child's memory" >> >> My question is , how do you get the list of valid addresses for the child >> process? Ie its text/data area start and end addresses. > >Look at nm's source (or just call it and parse its output). I don't have the source at hand. Surely theres an API call? >The output of "nm -P -t [dox]" should be portable: >http://www.opengroup.org/onlinepubs/9699919799/utilities/nm.html Thats an ugly way of doing things. B2003
From: Ersek, Laszlo on 18 May 2010 11:22 On Tue, 18 May 2010, boltar2003(a)boltar.world wrote: > On Tue, 18 May 2010 16:31:07 +0200 > "Ersek, Laszlo" <lacos(a)caesar.elte.hu> wrote: >> On Tue, 18 May 2010, boltar2003(a)boltar.world wrote: >> >>> In the linux man page for the ptrace PTRACE_PEEKTEXT option it says: >>> >>> "Reads a word at the location addr in the child's memory" >>> >>> My question is , how do you get the list of valid addresses for the >>> child process? Ie its text/data area start and end addresses. >> >> Look at nm's source (or just call it and parse its output). > > I don't have the source at hand. Surely theres an API call? If you're on GNU, you might have a chance. Good luck: http://sourceware.org/binutils/docs-2.20/bfd/index.html Perhaps bfd_symbol_info() is what you're looking for. No idea. Some other places to look: http://sources.redhat.com/gdb/current/onlinedocs/gdbint.html http://refspecs.freestandards.org/ Cheers, lacos
From: Scott Lurndal on 18 May 2010 15:09
boltar2003(a)boltar.world writes: >In the linux man page for the ptrace PTRACE_PEEKTEXT option it says: > >"Reads a word at the location addr in the child's memory" > >My question is , how do you get the list of valid addresses for the child >process? Ie its text/data area start and end addresses. > >Thanks for any help. > >B2003 > read and parse /proc/<pid>/maps and /proc/<pid>/numa_maps along with the ELF headers from /proc/<pid>/exe. scott |