关于ptrace追踪进程的问题

技能讨论
1 
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>
#include <sys/ptrace.h>
int main() {
    while(1) {
        printf("Hello, ptrace! [pid:%d], [ppid:%d] \n", getpid(), getppid());
        sleep(2);
    }
    return 0;
}

上面是一个循环打印这个当前进程pid,pppid的程序
然后我通过另一个程序根据他的pid去操作系统发起一个软中断,使进程暂停,到这里都正常,但是执行完成时候本来应该回车之后就让进程继续执行,但是回车之后报了一个Segmentation fault (core dumped)的错,然后进程就结束了,下面是追踪的代码:

#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
#include <sys/user.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

const int long_size = sizeof(long);

void getdata(pid_t child, long addr,
             char *str, int len)
{
    char *laddr;
    int i, j;
    union u {
            long val;
            char chars[long_size];
    }data;

    i = 0;
    j = len / long_size;
    laddr = str;

    while(i < j) {
        data.val = ptrace(PTRACE_PEEKDATA, child,
                          addr + i * 4, NULL);
        memcpy(laddr, data.chars, long_size);
        ++i;
        laddr += long_size;
    }
    j = len % long_size;
    if(j != 0) {
        data.val = ptrace(PTRACE_PEEKDATA, child,
                          addr + i * 4, NULL);
        memcpy(laddr, data.chars, j);
    }
    str[len] = '\0';
}

void putdata(pid_t child, long addr,
             char *str, int len)
{
    char *laddr;
    int i, j;
    union u {
            long val;
            char chars[long_size];
    }data;

    i = 0;
    j = len / long_size;
    laddr = str;
    while(i < j) {
        memcpy(data.chars, laddr, long_size);
        ptrace(PTRACE_POKEDATA, child,
               addr + i * 4, data.val);
        ++i;
        laddr += long_size;
    }
    j = len % long_size;
    if(j != 0) {
        memcpy(data.chars, laddr, j);
        ptrace(PTRACE_POKEDATA, child,
               addr + i * 4, data.val);
    }
}


//attach.c
int main(int argc, char *argv[]) {
    if(argc!=2) {
        printf("Usage: %s pid\n", argv[0]);
        return 1;
    }
    pid_t victim = atoi(argv[1]);
    struct user_regs_struct regs;
    /* int 0x80, int3 */
    unsigned char code[] = {0xcd,0x80,0xcc,0x00};
    char backup[4];
    ptrace(PTRACE_ATTACH, victim, NULL, NULL);
    long inst;

    wait(NULL);
    ptrace(PTRACE_GETREGS, victim, NULL, &regs);
    inst = ptrace(PTRACE_PEEKTEXT, victim, regs.eip, NULL);
    printf("Victim: EIP:0x%lx INST: 0x%lx\n", regs.eip, inst);

    /* Copy instructions into a backup variable */
    getdata(victim, regs.eip, backup, 3);
    /* Put the breakpoint */
    putdata(victim, regs.eip, code, 3);
    /* Let the process continue and execute the int 3 instruction */
    ptrace(PTRACE_CONT, victim, NULL, NULL);

    wait(NULL);
    printf("Press Enter to continue ptraced process.\n");
    getchar();
    putdata(victim, regs.eip, backup, 3);
    ptrace(PTRACE_SETREGS, victim, NULL, &regs);

    ptrace(PTRACE_CONT, victim, NULL, NULL);
    ptrace(PTRACE_DETACH, victim, NULL, NULL);
    return 0;
}

然后再附上一张图:

image.png1143×139 258 KB