Hi all,
I use getMemoryWriteOperands() to get the Expression objects for the operands that write to memory, and size() on them to get the actual size of the write. However, size() always returns 4 bytes, even when the program writes a single byte (a char), as in the following program.
// Minimal mutatee used to reproduce the report: the only store main() performs is
// the one-byte write of 'A' into x (gdb shows it as "mov BYTE PTR [ebp-0x1], 0x41").
int main() {
    char x = 'A';  // deliberately unused; it exists only to produce the byte store
    return 0;
}
Even gdb disassembles it to a byte sized write: “mov BYTE PTR [ebp-0x1], 0x41”.
I know that EBP is a 4-byte register, but a 4-byte write would overwrite the variable next to "x" (at least if the layout is not 4-byte aligned). Tell me if I am wrong.
I am using 32-bit Linux Mint (in VMware) and Dyninst 9.2.0.
Relevant code:
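// Opens MUTATEE for binary editing, walks every instruction of its main(),
// prints each instruction and, for those that write memory, the size() of each
// Expression returned by getMemoryWriteOperands(); the binary is then written
// back out as MUTATEE_PATCHED without any instrumentation having been inserted.
//
// Returns 0 on success, 1 if the binary cannot be opened, main() is not found,
// or the address space is not a BPatch_binaryEdit.
//
// NOTE(review): whether Expression::size() on the objects handed back by
// getMemoryWriteOperands() reports the width of the data stored or the width of
// the address computation is exactly what this post asks; confirm against the
// InstructionAPI documentation before relying on it for a byte/dword distinction.
int main(int argc, const char** argv) {
    BPatch bpatch;
    BPatch_addressSpace* app = bpatch.openBinary("MUTATEE", true);
    if (app == nullptr) {
        std::cerr << "openBinary failed for MUTATEE" << std::endl;
        return 1;
    }
    BPatch_image* appImage = app->getImage();

    // findFunction() reports its matches through the out-parameter; an empty
    // result would otherwise turn functions[0] into an out-of-bounds read.
    BPatch_Vector<BPatch_function*> functions;
    appImage->findFunction("main", functions);
    if (functions.empty()) {
        std::cerr << "function main not found in MUTATEE" << std::endl;
        return 1;
    }
    BPatch_function* f = functions[0];
    BPatch_flowGraph* fg = f->getCFG();

    std::set<BPatch_basicBlock*> blocks;
    fg->getAllBasicBlocks(blocks);
    for (BPatch_basicBlock* bb : blocks) {
        std::vector<Instruction::Ptr> insns;
        bb->getInstructions(insns);
        for (const Instruction::Ptr& ins : insns) {
            std::cout << ins->format() << std::endl;
            if (!ins->writesMemory()) {
                continue;
            }
            std::set<Expression::Ptr> memAccessors;
            ins->getMemoryWriteOperands(memAccessors);
            // An empty set simply produces no output; no separate size() check needed.
            for (const Expression::Ptr& acc : memAccessors) {
                std::cout << "\tmem write (size: " << acc->size() << ")" << std::endl;
            }
        }
    }

    // openBinary() was requested as a binary edit, so the down-cast is expected
    // to succeed; check anyway instead of dereferencing a null pointer.
    BPatch_binaryEdit* appBin = dynamic_cast<BPatch_binaryEdit*>(app);
    if (appBin == nullptr) {
        std::cerr << "address space is not a BPatch_binaryEdit" << std::endl;
        return 1;
    }
    appBin->writeFile("MUTATEE_PATCHED");
    return 0;
}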
Thanks!
--Fredi