Hi
all,
I use
getMemoryWriteOperands() to get the _expression_ of
Operands that write to memory and size() to get the
actual size of the write. However, it always returns 4
byte, even if I write a single byte (char) like in the
following program.
int
main(void) {
char x
= 'A';
return
0;
}
Even gdb
disassembles it to a byte sized write: “mov BYTE PTR
[ebp-0x1], 0x41”.
I know
that EBP is a 4 byte register, but a 4 byte write
would just overwrite the variable next to “x” (at
least if layout is not 4 byte aligned). Tell me if I
am wrong.
I am
using a 32-Bit Linux mint (vmware) and Dyninst 9.2.0.
Relevant
code:
int
main(int argc, const char** argv) {
BPatch bpatch;
BPatch_addressSpace *app =
bpatch.openBinary(“MUTATEE”, true);
BPatch_image *appImage = app->getImage();
BPatch_Vector<BPatch_function *> functions;
appImage->findFunction("main",
functions);
BPatch_function* f = functions[0];
BPatch_flowGraph* fg = f->getCFG();
std::set<BPatch_basicBlock *> blocks;
fg->getAllBasicBlocks(blocks);
for(auto bb_iter = blocks.begin(); bb_iter !=
blocks.end(); ++bb_iter){
std::vector<Instruction::Ptr> insns;
(*bb_iter)->getInstructions(insns);
for(auto ins_iter = insns.begin(); ins_iter !=
insns.end(); ++ins_iter){
cout << (*ins_iter)->format() << endl;
if((*ins_iter)->writesMemory()){
std::set<_expression_::Ptr> memAccessors;
(*ins_iter)->getMemoryWriteOperands(memAccessors);
if (memAccessors.size())
{
for(auto it = memAccessors.begin(); it !=
memAccessors.end(); ++it)
{
std::cout << "\tmem write (size: " <<
(*it)->size() << ")" << endl;;
}
}
}
}
}
BPatch_binaryEdit
*appBin = dynamic_cast<BPatch_binaryEdit
*>(app);
appBin->writeFile(“MUTATEE_PATCHED”);
return 0;
}
Thanks!
--Fredi
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif){kind=logo}