A couple problems with this.
1. It can't be done if you service the segmentation violation
properly as a fatal error.
2.If invalid memory has been accessed and overwritten
causing the kernel to send sigsegv the program is in an
unstable state and should exit.
Further operations are no longer trustworthy as many critical
memory locations may have been altered.
Hi,All,
I use ptrace to capture the OPEN syscall, and find problems on getting filename as its argument. Basically, what ebx returns is a pointer to the filename of file to open. My code is as follows, and the program keep throwing segment fault. Besides, even if I can get filePath, how can I know... (2 Replies)
Hi all
What 's the relationship between gdb and ptrace, if the kernel does
not support ptrace, can gdb work ?
Is there some one can explain this for me (3 Replies)
hi,'m using the 5.11 kernel version on amd64 architecture, 32-bit. i need help on the following issues
1)a proper structure to represent the register structure in the architecture
2)a function which would change the register values of the child when the control is with the parent.. ptrace_setregs... (0 Replies)
hello everybody!!
I want to post a question!I am confused about the explanation of ptrace command.
long ins;
ins=ptrace(PTRACE_GETREGS,pid,NULL,®s); with this command i am able to read, for instance, regs.eip context or get regs.eip address?
And if i write the commad... (2 Replies)
Hello,
I'm trying to obtain process memory contents using ptrace( ) on FreeBSD 4.7. I know this is neither portable nor clean, yet I'd really like to get it to work... I read the manual help page and did a google search, but couldn't find anything helpful.
First, the code I'm using to read an... (5 Replies)