Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories

ptrace PTRACE_SINGLESTEP help


Hi all, i have written a small programm to count the instructions executed in the child process. but it is not working well and giving some arbitrary (might) result. the ouput given by this program is not matching with disassemble file of the executable. Please help.



#include
#include
#include
#include
#include
#include
#include
int main()
{ pid_t child;
const int long_size = sizeof(long);
child = fork();
if(child == 0)
{
ptrace(PTRACE_TRACEME, 0, NULL, NULL);
execl("./test.out", "test.out", NULL);
}
else
{
int status;
struct user_regs_struct regs;
int start = 0;
long ins;
unsigned char ch;
while(1)
{
wait(&status);
if(WIFEXITED(status))
break;
if(status != 1407)
break;
ptrace(PTRACE_GETREGS, child, NULL, &regs);
ins = ptrace(PTRACE_PEEKTEXT, child, regs.eip, NULL);
printf("EIP: %lx Instruction executed: %lx
", regs.eip, ch);
ptrace(PTRACE_SINGLESTEP, child, NULL, NULL);

}
}
return 0;
}

Sign In or Register to comment.