I'm doing research into stack monitoring and have made a simple server that has
the following method:
#include <stdio.h>
#include <string.h>

/* Copies the client's string into a fixed 256-byte stack buffer with no
 * length check; this unchecked strcpy is the overflow being studied. */
int handle_reply(char *str){
    char response[256];
    strcpy(response, str);
    printf("The client says \"%s\"\n", response);
    return 0;
}
I'm overflowing this with 300 bytes of the letter 'A'. I'm verifying with gdb
that the eip register contains the hex value for 'A' (0x41) but when I print
out the value of eip in DTrace with uregs[R_EIP] on function return, it is
still the original return address, not 0x41414141. The program is seg faulting
so I know the eip is being overwritten but obviously I'm not using DTrace
correctly in this case. I'm under the impression that uregs[] holds the values
of the registers on the stack for the process it is instrumenting. I'm not
exactly sure of how DTrace is implemented but I'm thinking DTrace should be
copying the value of the eip register into a local buffer when the above
function returns and therefore should have the value 0x41414141 since it has
already been overwritten with that value. DTrace does return the value
0x41414141 for the ebp register though, which is what I expected. Should the
value of uregs[R_EIP] not also be 0x41414141?
Any help on this would be appreciated.
--
This message posted from opensolaris.org
dtrace-discuss mailing list
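An added D script (not from the post above) that shows where the overwritten return address is visible at the pid return probe: that probe fires at the function's ret instruction, before the word at [ESP] is popped into EIP, so uregs[R_EIP] still points inside handle_reply while the address that is about to be executed sits at uregs[R_SP]. It assumes a 32-bit x86 target, the handle_reply function from the post, and is run as `dtrace -s check_ret.d -p <server pid>` (script name and pid are placeholders).

```d
#!/usr/sbin/dtrace -s
/* Added example, not the original poster's code. Assumes a 32-bit x86
 * process (uregs[R_EIP]/uregs[R_EBP] are only meaningful there) and the
 * handle_reply() function shown in the post. Run with -p <pid>. */
#pragma D option quiet

/* On entry, ESP points at the return address the caller just pushed.
 * Remember both the address and the stack slot that holds it. */
pid$target::handle_reply:entry
{
	self->saved_ret = *(uint32_t *)copyin(uregs[R_SP], sizeof (uint32_t));
	self->slot = uregs[R_SP];
}

/* The return probe fires at the ret instruction. The function has already
 * executed leave (so EBP is whatever the overflow wrote), but the return
 * address has not been popped yet: EIP is still inside handle_reply and the
 * value that will become EIP is the word at [ESP]. */
pid$target::handle_reply:return
/self->slot/
{
	this->ret_now = *(uint32_t *)copyin(uregs[R_SP], sizeof (uint32_t));
	printf("handle_reply return: eip=%#x ebp=%#x [esp]=%#x (saved on entry %#x)\n",
	    uregs[R_EIP], uregs[R_EBP], this->ret_now, self->saved_ret);
}

/* Detection: the word about to be popped into EIP no longer matches the
 * return address observed on entry, i.e. the stack frame was smashed. */
pid$target::handle_reply:return
/self->slot && this->ret_now != self->saved_ret/
{
	printf("  return address overwritten: %#x -> %#x (stack slot %#x)\n",
	    self->saved_ret, this->ret_now, self->slot);
}

/* Clear the thread-local state so it does not leak across calls. */
pid$target::handle_reply:return
/self->slot/
{
	self->saved_ret = 0;
	self->slot = 0;
}
```

With the 300-byte 'A' input from the post, the second clause reports 0x41414141 at [esp] while uregs[R_EIP] still shows an address within handle_reply.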