查找Tracee的集合结构（正在调试的程序） [英] Finding the rendezvous structure of tracee (program being debugged)

问题描述

我需要编写调试器，以便给我要调试的程序链接或动态加载的共享库的名称。我得到了link.h中描述的集合结构，并在_DYNAMIC []循环中使用DT_DEBUG回答了其他问题。
首先，调试器永远不会达到r_brk设置的断点。
然后我在正在调试的程序中稍作休息，并使用link_map打印所有已加载的库。它仅打印调试器加载的库，而不打印正在调试的程序。
看来，我要得到的集合结构属于调试器本身。如果是这样，您能告诉我如何获取正在调试的程序的集合结构吗？如果我正在做的事情必须奏效，那么您的确认可能会有所帮助，也许还会暗示您可能还需要什么。
谢谢。

I need debugger I am writing to give me the name of shared lib that program being debugged is linking with, or loading dynamically. I get the rendezvous structure as described in link.h, and answers to other questions, using DT_DEBUG, in the loop over _DYNAMIC[]. First, debugger never hits the break point set at r_brk. Then I put a break in the program being debugged, and use link_map to print all loaded libraries. It only prints libraries loaded by the debugger, not the program being debugged. It seems that, the rendezvous structure I am getting belongs to the debugger itself. If so, could you please tell me how to get the rendezvous structure of the program I am debugging? If what I am doing must work, your confirmation will be helpful, perhaps with some hint as to what else might be needed. Thank you.

推荐答案

// You need to include <link.h>. All structures are explained
// in elf(5) manual pages.
// Caller has opened "prog_name", the debugee, and fd is the
// file descriptor. You can send the name instead, and do open()
// here.
// Debugger is tracing the debugee, so we are using ptrace().

void getRandezvousStructure(int fd, pid_t pd, r_debug& rendezvous) {

    Elf64_Ehdr elfHeader;
    char* elfHdrPtr = (char*) &elfHeader;
    read(fd, elfHdrPtr, sizeof(elfHeader));

    Elf64_Addr debugeeEntry = elfHeader.e_entry; // entry point of debugee

// Here, set a break at debugeeEntry, and after "PTRACE_CONT",
// and waitpid(), remove the break, and set rip back to debugeeEntry.
// After that, here it goes.

    lseek(fd, elfHeader.e_shoff, SEEK_SET); // offset of section header

    Elf64_Shdr secHeader;
    elfHdrPtr = (char*) &secHeader;
    Elf64_Dyn* dynPtr;

// Keep reading until we get: secHeader.sh_addr.
// That is the address of _DYNAMIC.

    for (int i = 0; i < elfHeader.e_shnum; i++) {
        read(fd, elfHdrPtr, elfHeader.e_shentsize);
        if (secHeader.sh_type == SHT_DYNAMIC) {
            dynPtr = (Elf64_Dyn*) secHeader.sh_addr; // address of _DYNAMIC
            break;
        }
    }

// Here, we get "dynPtr->d_un.d_ptr" which points to rendezvous
// structure, r_debug

    uint64_t data;

    for (;; dynPtr++) {
        data = ptrace(PTRACE_PEEKDATA, pd, dynPtr, 0);
        if (data == DT_NULL) break;
        if (data == DT_DEBUG) {
            data = ptrace(PTRACE_PEEKDATA, pd, (uint64_t) dynPtr + 8 , 0);
            break;
        }
    }

// Using ptrace() we read sufficient chunk of memory of debugee
// to copy to rendezvous.

    int ren_size = sizeof(rendezvous);
    char* buffer = new char[2 * ren_size];
    char* p = buffer;
    int total = 0;
    uint64_t value;

    for (;;) {
        value = ptrace(PTRACE_PEEKDATA, pd, data, 0);
        memcpy(p, &value, sizeof(value));
        total += sizeof(value);
        if (total > ren_size + sizeof(value)) break;
        data += sizeof(data);
        p += sizeof(data);
    }

// Finally, copy the memory to rendezvous, which was
// passed by reference.

    memcpy(&rendezvous, buffer, ren_size);
    delete [] buffer;
}

这篇关于查找Tracee的集合结构（正在调试的程序）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！