CODEWITHSUNDEEP
clinux
noname
noname

Reputation: 17

ptrace is not working in 64 bit

please anyone tell me that why the bellow code is not working on 64 bit linux parent process will change the data value in tchild by ptrace.initially child process executed normally and suspend the process by signal and change the data in tchild program.

  #include <stdio.h>
  #include <unistd.h>
  #include <signal.h>
  #include <sys/ptrace.h>
  #include <sys/stat.h>
  #include <sys/types.h> 
  #include <stdlib.h>
  #include <wait.h>
  #include <linux/user.h>
  int main()
  {
      struct user_regs_struct regs;
      int pid, status;  /* process id & status */
      pid = fork();   /* create new process */
      int data;

      if(pid == 0) { 
     ptrace(PTRACE_TRACEME, 0, 0, 0);
      if(execl("/home/neeraj/neerajgit/ptrace/tchild", "tchild", 0) == -1)         
         {
          fprintf(stderr, "exec err \n");  /* err msg */
          exit(EXIT_FAILURE);
        }
     }
    else if(pid < 0) {
       fprintf(stderr, "fork  err\n");
    }
    else {  
       wait(&status);

       if(WIFSTOPPED(status) ) { printf("child stopped \n"); } 

       printf("parent start\n");
       kill(pid, SIGSTOP);
        data = ptrace(PTRACE_GETREGS, pid, 0,&regs); printf("%d\n", data);
        data = 30; 
       ptrace(PTRACE_POKEDATA, pid,   201010  + 8 , &data );  




    ptrace(PTRACE_PEEKDATA, pid, 201010 + 8,  NULL); printf("%d\n", data);
    printf("child started\n");
    printf("%ld \n", regs.rbx);
    ptrace(PTRACE_CONT, pid, 0, 0);
    sleep(5);
    }

    this is the tchild program

    #include <stdio.h>
   #include <sys/ptrace.h>
   int data;
   data = 20;  /* tchild main */
   int main()
    {       printf("child started \n");
    while(data != 30) ;
    printf("child stopped %d\n", data);
   }

Upvotes: 0

Views: 836

Answers (1)

Tezirg
Tezirg

Reputation: 1649

Looks like you forgot to attach the target process in the parent processus. You also need to wait for the traced program to stop after sending the signal.

ptrace(PTRACE_ATTACH, pid, 0, 0);
wait(&status);
printf("parent start\n");

if (WIFSTOPPED(status)) { printf("child stopped \n"); } 

data = ptrace(PTRACE_GETREGS, pid, 0,&regs); printf("%d\n", data);
data = 30; 
ptrace(PTRACE_POKEDATA, pid,   201010  + 8 , &data );  )

Upvotes: 1

Related Questions