This is a multipart MIME message.
>Did you write this program? Is the source available anywhere?
Sure. There's no particular rocket science involved: it just single-steps the
program in question and writes out the word at the PC after each instruction.
Here's the code.
p.
--
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/ptrace.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>
main(int argc, char *argv[])
{
FILE *fp = fopen("ssd.log", "w");
int logging = 0;
pid_t pid;
argv++;
pid = vfork();
if (pid == 0)
{
ptrace(PTRACE_TRACEME, 0, NULL, NULL);
execvp(argv[0], argv);
}
for (;;)
{
int status;
pid_t pid = wait3(&status, 0, NULL);
if (WIFSTOPPED(status))
{
unsigned long pc = ptrace(PTRACE_PEEKUSER, pid, (void *)(15*4), NULL);
if (logging) {
unsigned long insn = ptrace(PTRACE_PEEKTEXT, pid, (void *)pc, NULL);
fprintf(fp, "%08x %08x\n", pc, insn);
} else {
if (pc < 0x40000000)
logging = 1;
}
ptrace(PTRACE_SINGLESTEP, pid, NULL, NULL);
}
else if (WIFEXITED(status))
{
fclose(fp);
exit(0);
}
else
{
fprintf(stderr, "status %08x\n", status);
abort();
}
}
}
pgpuL8LdoEc3U.pgp
Description: PGP signature
