Deepanjali Mishra

Reputation: 41

Determining whether a value stored at a given memory location is a pointer

screenshot

I am using the PinTool APIs to examine the values stored at specific memory locations. As shown in the attached image, I observe several unusually long values (printed in decimal) that appear to be pointers.

I used the PIN_SafeCopy API to dereference these suspected pointers, only to find that they likely represent pointers to pointers with considerable depth. Is there a more efficient method to differentiate between regular data and pointers?

You can find the relevant code snippet below:

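#include <fstream>
#include "pin.H"

// output_file (a std::ofstream) and docount() are defined elsewhere in the tool.

// Log the value at a read operand; size is the operand size in bytes.
VOID RecordMemRead(VOID* ip, VOID* ea, UINT32 size) {
    unsigned long long value = 0;
    size_t n = size < sizeof(value) ? size : sizeof(value);
    // PIN_SafeCopy returns the number of bytes copied; skip unreadable addresses.
    if (PIN_SafeCopy(&value, ea, n) != n) return;
    output_file << "IP: " << ip << " Read Addr: " << ea << " Value: " << value << "\n";
}

// Log the value at a write operand. The call runs before the instruction,
// so this is the content that is about to be overwritten.
VOID RecordMemWrite(VOID* ip, VOID* ea, UINT32 size) {
    unsigned long long value = 0;
    size_t n = size < sizeof(value) ? size : sizeof(value);
    if (PIN_SafeCopy(&value, ea, n) != n) return;
    output_file << "IP: " << ip << " Write Addr: " << ea << " Value: " << value << "\n";
}

VOID Instruction(INS ins, VOID* v) {
    INS_InsertCall(ins, IPOINT_BEFORE, (AFUNPTR)docount, IARG_END);
    if (!INS_IsStandardMemop(ins)) return;
    if (INS_IsMemoryRead(ins)) {
        INS_InsertPredicatedCall(ins, IPOINT_BEFORE, (AFUNPTR)RecordMemRead, IARG_INST_PTR, IARG_MEMORYREAD_EA, IARG_MEMORYREAD_SIZE, IARG_END);
    }
    // The second read operand is still a read, so it goes to RecordMemRead.
    if (INS_HasMemoryRead2(ins)) {
        INS_InsertPredicatedCall(ins, IPOINT_BEFORE, (AFUNPTR)RecordMemRead, IARG_INST_PTR, IARG_MEMORYREAD2_EA, IARG_MEMORYREAD_SIZE, IARG_END);
    }
    if (INS_IsMemoryWrite(ins)) {
        INS_InsertPredicatedCall(ins, IPOINT_BEFORE, (AFUNPTR)RecordMemWrite, IARG_INST_PTR, IARG_MEMORYWRITE_EA, IARG_MEMORYWRITE_SIZE, IARG_END);
    }
}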

Upvotes: 2

Views: 32
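One common heuristic for the question above, shown as an added example that is not part of the original post: treat a value as a pointer candidate only if it falls inside a readable mapping of the traced process. The sketch assumes a Linux target, where the mappings are listed in /proc/<pid>/maps; the maps text below is constructed sample data, and `Region`, `ParseMaps` and `FindRegion` are hypothetical names.

```cpp
#include <algorithm>
#include <cstdint>
#include <cstdio>
#include <sstream>
#include <string>
#include <vector>

// One mapped region, i.e. one line of /proc/<pid>/maps (Linux assumed).
struct Region { uint64_t start, end; std::string perms, name; };

// Constructed sample in maps format: "start-end perms offset dev inode [path]".
const char* kSampleMaps =
    "55d0a1c00000-55d0a1c21000 r-xp 00000000 08:01 131 /usr/bin/target\n"
    "55d0a2f3b000-55d0a2f5c000 rw-p 00000000 00:00 0 [heap]\n"
    "7ffc4a1de000-7ffc4a1ff000 rw-p 00000000 00:00 0 [stack]\n";

// Parse maps text into regions sorted by start address.
std::vector<Region> ParseMaps(const std::string& text) {
    std::vector<Region> out;
    std::istringstream in(text);
    std::string line;
    while (std::getline(in, line)) {
        std::istringstream ls(line);
        std::string range, perms, off, dev, inode, name;
        if (!(ls >> range >> perms >> off >> dev >> inode)) continue;
        ls >> name;  // the path column is optional
        size_t dash = range.find('-');
        if (dash == std::string::npos) continue;
        out.push_back({std::stoull(range.substr(0, dash), nullptr, 16),
                       std::stoull(range.substr(dash + 1), nullptr, 16), perms, name});
    }
    std::sort(out.begin(), out.end(),
              [](const Region& a, const Region& b) { return a.start < b.start; });
    return out;
}

// Region containing value, or nullptr if value lies in no readable mapping.
const Region* FindRegion(const std::vector<Region>& maps, uint64_t value) {
    auto it = std::upper_bound(maps.begin(), maps.end(), value,
        [](uint64_t v, const Region& r) { return v < r.start; });
    if (it == maps.begin()) return nullptr;
    --it;  // last region whose start is <= value
    return (value < it->end && it->perms[0] == 'r') ? &*it : nullptr;
}

int main() {
    std::vector<Region> maps = ParseMaps(kSampleMaps);
    for (uint64_t v : {0x55d0a2f3b010ULL, 0x7ffc4a1e0000ULL, 42ULL})
        std::printf("%#llx -> %s\n", (unsigned long long)v, FindRegion(maps, v) ? "pointer candidate" : "data");
}
```

A hit only makes the value a candidate, since an integer can coincide with a mapped address, and the region list has to be refreshed when the target maps or unmaps memory.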

Answers (0)
