[DynInst_API:] dyninst help


Date: Wed, 05 Aug 2015 16:13:12 +0000
From: 2013030203009 <2013030203009@xxxxxxxxxxxxxxxx>
Subject: [DynInst_API:] dyninst help
Hello everyone, I want to use dyninst to write a program to avoid buffer overflow.
And this is part of my program. If the call's target belongs to a shared lib, I'd not insert a snippet. But this code doesn't work. fun1 equals NULL all the time.
if(category == Dyninst::InstructionAPI::c_CallInsn) {
    vector<BPatch_point *> callPoints;
    appImage->findPoints(addr, callPoints);
    BPatch_function * fun1=(*(callPoints[0])).getCalledFunction();
    if(fun1==NULL)    {printf("as");exit(1);}
    if((*fun1).isSharedLib()) continue;
    else


I would save the call instruction address to compare with the next ret instruction's target address. If they are not equal, I would quit the program. I load a dll to save the address and compare the address. And insert a callfunction snippet before the call instruction and the ret instruction.
At first I didn't care about the call's target function. And my output is like this:
call  0x7ffca5b5df48
call  0x7ffca5b5de48
ret  0x7ffca5b5de48
call  0x600e10
ret  0x7ffca5b5de88
call  0x7ffca5b5de78
call  0x7ffca5b5de68
asdret  0x7ffca5b5de78
call  0x7ffca5b5de78
call  0x7ffca5b5de68
0call  0x7ffca5b5de68
1call  0x7ffca5b5de68
2call  0x7ffca5b5de68
3call  0x7ffca5b5de68
4call  0x7ffca5b5de68
5call  0x7ffca5b5de68
6call  0x7ffca5b5de68
7call  0x7ffca5b5de68
8call  0x7ffca5b5de68
9call  0x7ffca5b5de68
10ret  0x7ffca5b5de78
ret  0x7ffca5b5de88
call  0x7ffca5b5dd68
ret  0x7ffca5b5dd78
ret  0x7ffca5b5dd78
The dll didn't receive the ret of printf. Below is the code to be instrumented.
#include<stdio.h>
void shuchu()
{
    printf("asd");

}
void loop()
{
    int j=0;
    for(j=0;j<=10;j++)
        printf("%d",j);
}
int main()
{
    shuchu();
    loop();
    return 0;
}

This is my dll to instrument.

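#include <stdio.h>   /* printf */
#include <stdlib.h>  /* exit, used by the commented-out check in TargetRet */

void * orgnladd;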
int flag=0;
void TargetCall(void *addr) {
//    orgnladd=addr;
//    flag=1;
    printf("call  %p\n",(unsigned long*)addr);
}

void TargetJmp(void *addr) {
    printf("[JMP - Target] : %p\n", (unsigned long *)addr);
}

void TargetRet(void *addr) {
//    if(flag&&addr!=orgnladd)    {printf("ret call not the same address\n");exit(1);}
    printf("ret  %p\n",(unsigned long*)addr);
}
There is something wrong in the dll that I hadn't changed. I should use a vector to store the addresses.
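
Added example, not part of the original post and not Dyninst code: the call/ret comparison described above, kept on a stack instead of in the single orgnladd variable, so nested calls work and a call whose ret is never reported (the printf case in the output) does not cause a false alarm. The names shadow_on_call, shadow_on_ret, shadow_depth and shadow_reset are hypothetical; it assumes the hooks get the same value at a call and at its matching ret, and that the target is single-threaded.

```c
#include <stddef.h>
#include <stdint.h>

#define SHADOW_MAX 4096

enum shadow_result { SHADOW_OK = 0, SHADOW_RESYNC = 1, SHADOW_MISMATCH = -1 };

static uintptr_t shadow[SHADOW_MAX];
static size_t shadow_top = 0;            /* number of live entries */

/* Called by the snippet placed before a call instruction. */
int shadow_on_call(void *addr)
{
    if (shadow_top == SHADOW_MAX)
        return SHADOW_MISMATCH;          /* fail closed when the stack is full */
    shadow[shadow_top++] = (uintptr_t)addr;
    return SHADOW_OK;
}

/* Called by the snippet placed before a ret instruction.
 * Searches from the newest entry downwards. Entries above the match belong
 * to calls whose ret was never instrumented (for example a shared-library
 * callee) and are discarded. No match at all means the value does not
 * correspond to any pending call. */
int shadow_on_ret(void *addr)
{
    uintptr_t v = (uintptr_t)addr;

    for (size_t i = shadow_top; i-- > 0; ) {
        if (shadow[i] == v) {
            int skipped = (i != shadow_top - 1);
            shadow_top = i;              /* pop the match and everything above it */
            return skipped ? SHADOW_RESYNC : SHADOW_OK;
        }
    }
    return SHADOW_MISMATCH;              /* stack left untouched for diagnosis */
}

size_t shadow_depth(void) { return shadow_top; }
void shadow_reset(void)   { shadow_top = 0; }
```

TargetCall and TargetRet would call these hooks and exit on SHADOW_MISMATCH. The resync policy is looser than a strict top-of-stack compare, since a ret matching any pending entry is accepted; logging SHADOW_RESYNC keeps those cases visible.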