I want to use ptrace to attach my tool to a Linux process, read and write this process's heap memory, and then detach my tool again. Actually, although there is no error, it does not work. After running the tool, I cannot see any modification in the process's heap memory. Anyway, I am not really sure whether this is even possible. Currently, my C code looks like this:
    #include <stdio.h>
    #include <string.h>
    #include <sys/ptrace.h>
    #include <sys/types.h>
    #include <sys/wait.h>

    /* assumed shape of heap_address: start/end of the [heap] mapping from /proc/<pid>/maps */
    struct range { unsigned long start, end; };

    int replace_heap(pid_t pid, const struct range *heap_address)
    {
        long res = 0;
        size_t i = 0;
        size_t size = heap_address->end - heap_address->start;
        char tmp_page[size];
        memset(tmp_page, 'x', size); // just a test, I know this makes no sense
        printf(" -> Attaching to process...\n");
        res = ptrace(PTRACE_ATTACH, pid, NULL, NULL);
        if (res == -1) printf(" -> Error: ptrace attach\n");
        res = waitpid(pid, NULL, WUNTRACED); // the tracee must be stopped before poking
        if (res != pid) printf(" -> Error: waitpid\n");
        printf(" -> Replacing heap\n");
        // PTRACE_POKEDATA writes one word of sizeof(long) bytes, so copy and step by a word
        for (i = 0; i + sizeof(long) <= size; i += sizeof(long)) {
            long word;
            memcpy(&word, tmp_page + i, sizeof word);
            res = ptrace(PTRACE_POKEDATA, pid, (void *)(heap_address->start + i), (void *)word);
            if (res == -1) printf(" -> Error: ptrace pokedata\n");
        }
        printf(" -> Detaching from process...\n");
        res = ptrace(PTRACE_DETACH, pid, NULL, NULL);
        if (res == -1) printf(" -> Error: ptrace detach\n");
        return 0;
    }
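As an added example (not the asker's code), here is the attach / wait / write / detach sequence with the two details that usually bite: PTRACE_POKEDATA moves exactly `sizeof(long)` bytes at a word-aligned address, and PTRACE_PEEKDATA returns -1 both as a valid word and as an error, so errno has to be cleared and checked. The copy logic is separated from the transport through a small `mem_ops` table (my naming, not a kernel or glibc API) so it can be exercised against a constructed in-memory "heap" without ptrace; the partial words at either end of the range are read-modify-written so neighbouring bytes are preserved. The `main` takes a pid, a hex address and a string, and needs the usual ptrace permissions (same user, and a permissive `kernel.yama.ptrace_scope`).

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define WORD sizeof(long)

/* Transport for one aligned word. peek reports failure via *err because a
 * word value of -1 is legitimate (the PTRACE_PEEKDATA pitfall). */
struct mem_ops {
    long (*peek)(void *ctx, uintptr_t addr, int *err);
    int  (*poke)(void *ctx, uintptr_t addr, long word);
    void *ctx;
};

/* Real backend: ptrace against a tracee that has already stopped; ctx is &pid. */
static long ptrace_peek(void *ctx, uintptr_t addr, int *err)
{
    errno = 0;
    long w = ptrace(PTRACE_PEEKDATA, *(pid_t *)ctx, (void *)addr, NULL);
    *err = (w == -1 && errno != 0);
    return w;
}
static int ptrace_poke(void *ctx, uintptr_t addr, long word)
{
    return ptrace(PTRACE_POKEDATA, *(pid_t *)ctx, (void *)addr, (void *)word) == -1 ? -1 : 0;
}

/* Constructed backend for testing: ctx is a byte array standing in for the
 * tracee's heap, and addresses are offsets into it. */
static long fake_peek(void *ctx, uintptr_t addr, int *err)
{
    long w;
    memcpy(&w, (unsigned char *)ctx + addr, WORD);
    *err = 0;
    return w;
}
static int fake_poke(void *ctx, uintptr_t addr, long word)
{
    memcpy((unsigned char *)ctx + addr, &word, WORD);
    return 0;
}

/* Write len bytes from buf to tracee address addr, one aligned word at a time.
 * Partial words at the ends are peeked first so bytes outside the range keep
 * their value. Returns 0 on success, -1 on the first transport failure. */
int write_bytes(const struct mem_ops *ops, uintptr_t addr,
                const unsigned char *buf, size_t len)
{
    size_t done = 0;
    while (done < len) {
        uintptr_t waddr = (addr + done) & ~(uintptr_t)(WORD - 1); /* aligned word */
        size_t off = (size_t)((addr + done) - waddr);              /* byte offset in it */
        size_t n = WORD - off;
        if (n > len - done) n = len - done;
        long w = 0;
        if (n < WORD) {                      /* partial word: keep the other bytes */
            int err;
            w = ops->peek(ops->ctx, waddr, &err);
            if (err) return -1;
        }
        memcpy((unsigned char *)&w + off, buf + done, n);
        if (ops->poke(ops->ctx, waddr, w) != 0) return -1;
        done += n;
    }
    return 0;
}

/* Self-check on the constructed heap: write bytes 0..9 at offset 3 of a 32-byte
 * buffer filled with 0xAA and confirm only those ten bytes changed. */
int demo_partial_write(void)
{
    unsigned char heap[32];
    unsigned char pat[10];
    memset(heap, 0xAA, sizeof heap);
    for (int i = 0; i < 10; i++) pat[i] = (unsigned char)i;
    struct mem_ops ops = { fake_peek, fake_poke, heap };
    if (write_bytes(&ops, 3, pat, sizeof pat) != 0) return 0;
    for (int i = 0; i < 32; i++) {
        unsigned char want = (i >= 3 && i < 13) ? (unsigned char)(i - 3) : 0xAA;
        if (heap[i] != want) return 0;
    }
    return 1;
}

/* Stand-alone use: ./tool <pid> <hexaddr> <text>. The waitpid is essential:
 * PTRACE_ATTACH only requests the stop, and pokes before it fail with ESRCH. */
int main(int argc, char **argv)
{
    if (argc != 4) { fprintf(stderr, "usage: %s pid hexaddr text\n", argv[0]); return 2; }
    pid_t pid = (pid_t)atoi(argv[1]);
    uintptr_t addr = (uintptr_t)strtoull(argv[2], NULL, 16);
    if (ptrace(PTRACE_ATTACH, pid, NULL, NULL) == -1) { perror("PTRACE_ATTACH"); return 1; }
    if (waitpid(pid, NULL, 0) != pid) { perror("waitpid"); return 1; }
    struct mem_ops ops = { ptrace_peek, ptrace_poke, &pid };
    int rc = write_bytes(&ops, addr, (const unsigned char *)argv[3], strlen(argv[3]));
    if (rc != 0) perror("write_bytes");
    if (ptrace(PTRACE_DETACH, pid, NULL, NULL) == -1) { perror("PTRACE_DETACH"); return 1; }
    return rc == 0 ? 0 : 1;
}
```

The heap bounds come from the `[heap]` line of `/proc/<pid>/maps`; whatever the tool later uses to "see" the modification must read the tracee's memory after the detach (for instance `/proc/<pid>/mem` or the tracee printing its own buffer), since a copy taken before the attach will not change.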