Hello everyone,

I want to use Dyninst to write a program to avoid buffer overflow. This is part of my program. If the call's target belongs to a shared lib, I'd not insert a snippet. But this code doesn't work: fun1 equals NULL all the time.

    if(category == Dyninst::InstructionAPI::c_CallInsn)
    {
        vector<BPatch_point *> callPoints;
        appImage->findPoints(addr, callPoints);
        BPatch_function * fun1=(*(callPoints[0])).getCalledFunction();
        if(fun1==NULL) {printf("as");exit(1);}
        if((*fun1).isSharedLib())
            continue;
        else

I would save the call instruction's address and compare it with the next ret instruction's target address. If they are not equal, I would quit the program. I load a DLL to save the address and compare the address, and insert a function-call snippet before the call instruction and the ret instruction. At first I didn't care about the call's target function, and my output is like this:

    call 0x7ffca5b5df48
    call 0x7ffca5b5de48
    ret 0x7ffca5b5de48
    call 0x600e10
    ret 0x7ffca5b5de88
    call 0x7ffca5b5de78
    call 0x7ffca5b5de68
    asdret 0x7ffca5b5de78
    call 0x7ffca5b5de78
    call 0x7ffca5b5de68
    0call 0x7ffca5b5de68
    1call 0x7ffca5b5de68
    2call 0x7ffca5b5de68
    3call 0x7ffca5b5de68
    4call 0x7ffca5b5de68
    5call 0x7ffca5b5de68
    6call 0x7ffca5b5de68
    7call 0x7ffca5b5de68
    8call 0x7ffca5b5de68
    9call 0x7ffca5b5de68
    10ret 0x7ffca5b5de78
    ret 0x7ffca5b5de88
    call 0x7ffca5b5dd68
    ret 0x7ffca5b5dd78
    ret 0x7ffca5b5dd78

The DLL didn't receive the ret of printf. Below is the code to be instrumented.

    #include<stdio.h>

    void shuchu()
    {
        printf("asd");
    }

    void loop()
    {
        int j=0;
        for(j=0;j<=10;j++)
            printf("%d",j);
    }

    int main()
    {
        shuchu();
        loop();
        return 0;
    }

This is my DLL to instrument.

    #include <stdio.h>

    void * orgnladd;
    int flag=0;

    void TargetCall(void *addr)
    {
        // orgnladd=addr;
        // flag=1;
        printf("call %p\n",(unsigned long*)addr);
    }

    void TargetJmp(void *addr)
    {
        printf("[JMP - Target] : %p\n", (unsigned long *)addr);
    }

    void TargetRet(void *addr)
    {
        // if(flag&&addr!=orgnladd) {printf("ret call not the same address\n");exit(1);}
        printf("ret %p\n",(unsigned long*)addr);
    }

There is something wrong in the DLL that I haven't changed. I should use a vector to store the addresses.
_______________________________________________
Dyninst-api mailing list
Dyninst-api@cs.wisc.edu
https://lists.cs.wisc.edu/mailman/listinfo/dyninst-api
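The stack-based bookkeeping the post above ends on, as an added example that is not part of the original message or of Dyninst: a shadow stack behind TargetCall/TargetRet that tolerates calls whose ret is never reported, as with printf in the trace. It assumes TargetCall receives the address the call should return to and TargetRet the address being returned to; shadow_push, shadow_check and SHADOW_MAX are hypothetical names.

```c
#include <stdio.h>
#include <stdlib.h>

#define SHADOW_MAX 4096            /* assumed depth limit */
static void *shadow[SHADOW_MAX];   /* expected return addresses */
static size_t depth;

/* Record where the instrumented call should return. 0 on success, -1 if full. */
int shadow_push(void *ret_addr)
{
    if (depth == SHADOW_MAX) return -1;
    shadow[depth++] = ret_addr;
    return 0;
}

/* Check the address a ret is about to use. Entries above the match belong to
   calls whose ret was never instrumented (shared-library callees) and are
   dropped with it. Returns 0 on a match, -1 if no recorded call matches.
   Trade-off: a ret to an older recorded address is accepted. */
int shadow_check(void *ret_addr)
{
    for (size_t i = depth; i > 0; i--) {
        if (shadow[i - 1] == ret_addr) {
            depth = i - 1;         /* pop the match and everything above it */
            return 0;
        }
    }
    return -1;
}

void TargetCall(void *addr)
{
    if (shadow_push(addr) != 0) { fputs("shadow stack full\n", stderr); exit(1); }
}

void TargetRet(void *addr)
{
    if (shadow_check(addr) != 0) {
        fprintf(stderr, "ret %p matches no recorded call\n", addr);
        exit(1);
    }
}

/* Constructed trace (addresses are made up): a library call with no ret event. */
int main(void)
{
    TargetCall((void *)0x1000);    /* main -> shuchu */
    TargetCall((void *)0x2000);    /* shuchu -> printf, ret never reported */
    TargetRet((void *)0x1000);     /* shuchu returns; stale entry dropped */
    return 0;
}
```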