Programming

hello everybody!!
I want to post a question!I am confused about the explanation of ptrace command.
long ins;
ins=ptrace(PTRACE_GETREGS,pid,NULL,&regs); with this command i am able to read, for instance, regs.eip context or get regs.eip address?
And if i write the commad ptrace(PEEKTEXT,pid,regs.eip,NULL); after it, I get the next command that the program will execute or now i get the regs.eip context?

thanx in advance!

That command stores a copy of the contents of the child process registers - in the memory of the parent process.

Yes, you can see them. But - no - you cannot directly turn them into text. The reason is that most of those have addresses, not values, in them. Text is referenced by a pointer - a memory address. You have to translate the offset the pointer "looks" at (as if you were the child process) to be able to read the text.

Also you have to "know" what those registers are doing for a living - pointer to text, integer value, pointer to integer, pointer to program text, stack pointer, etc.

First of all, I would like to thank you for the help!!!
what i want to do is: to flip a bit, at the next instruction to be executed!(

ptrace(PTRACE_GETREGS,pid, NULL, &regs);//get register contents
ins=ptrace(PTRACE_PEEKDATA,pid, regs.eip,NULL);//ins= get the next instruction!?!
bit flip ins...
ptrace(PTRACE_SETREGS,pid,NULL,&regs);

Am I right??