Hi, I am using Dyninst to implement a CFI shadow stack. I am trying to get the target address of the return instruction as below:

    // Inst_pair is the iterator I get over the vector returned by getInstructions().
    // Inst_pair.first is the InstructionAPI instruction object and
    // Inst_pair.second is the starting address of the instruction.
    if (Inst_pair.first.getCategory() == Dyninst::InstructionAPI::c_ReturnInsn) {
        appImage->findPoints(Inst_pair.second, points);
        BPatch_dynamicTargetExpr retAddr;
        instArgs.push_back(&retAddr);
        BPatch_funcCallExpr actionCallExpr2(*func_1, instArgs);
        BPatchSnippetHandle *handle2 = app->insertSnippet(actionCallExpr2, *points[0],
                                                          BPatch_callBefore, BPatch_lastSnippet);
    }

    void func_1(void *trgAddr) {
        cout << hex << trgAddr << endl;
    }

However, the values returned to func_1 are random values and not actual return addresses. How do I use BPatch_dynamicTargetExpr properly with return instructions?

_______________________________________________
Dyninst-api mailing list
Dyninst-api@cs.wisc.edu
https://lists.cs.wisc.edu/mailman/listinfo/dyninst-api