Question
I would like to use ptrace in order to attach my tool to a Linux process, read and write to the heap memory of this process, and then detach my tool again. Actually, it's not working although there is no error. I cannot see any modifications in the heap memory of the process after I run the tool. Anyway, I'm not quite sure if that is possible in general. Currently, my C code looks like this:

    int res = 0, i = 0;
    int size = heap_address->end - heap_address->start;
    char tmp_page[size];
    memset(tmp_page, 'x', size); // just a test, I know this makes no sense

    printf(" -> Attaching to process...\n");
    res = ptrace(PTRACE_ATTACH, pid, NULL, NULL);
    if (res == -1) printf(" -> Error: ptrace attach\n");
    res = waitpid(pid, NULL, WUNTRACED);
    if (res != pid) printf(" -> Error: waitpid\n");

    printf(" -> Replacing heap\n");
    for (i=0; i < size; i+=4) {
        res = ptrace(PTRACE_POKEDATA, pid, heap_address->start+i, *(int *)(tmp_page+i));
        if (res == -1) printf(" -> Error: ptrace pokedata\n");
    }

    printf(" -> Detaching from process...\n");
    res = ptrace(PTRACE_DETACH, pid, NULL, NULL);
    if (res == -1) printf(" -> Error: ptrace detach\n");

Source: https://stackoverflow.com/questions/20099916/using-ptrace-pokedata-to-replace-data-in-the-heap-of-a-process
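
Added example, not part of the original question and not the asker's code: a word-wise write with PTRACE_POKEDATA that steps by sizeof(long) (the request always stores one full word), read-modify-writes a partial tail, and confirms the result with PTRACE_PEEKDATA. The forked child, the 32-byte buffer and the names poke_buf and demo are constructed for illustration.

```c
#include <errno.h>
#include <signal.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <unistd.h>

/* Copy len bytes from src into the stopped tracee at addr, one word per POKEDATA. */
int poke_buf(pid_t pid, char *addr, const char *src, size_t len) {
    for (size_t off = 0; off < len; off += sizeof(long)) {
        size_t n = len - off < sizeof(long) ? len - off : sizeof(long);
        long word = 0;
        if (n < sizeof(long)) { /* partial tail: preserve the bytes past len */
            errno = 0;          /* PEEKDATA returns data, so -1 can be a valid word */
            word = ptrace(PTRACE_PEEKDATA, pid, addr + off, NULL);
            if (word == -1 && errno != 0) return -1;
        }
        memcpy(&word, src + off, n);
        if (ptrace(PTRACE_POKEDATA, pid, addr + off, (void *)word) == -1) return -1;
    }
    return 0;
}

/* Constructed demo: overwrite 13 bytes of a child's heap buffer, read 16 back. */
int demo(void) {
    char got[16], *heap = malloc(32);
    if (!heap) return -1;
    memset(heap, 'A', 32);              /* child inherits this address via fork() */
    pid_t pid = fork();
    if (pid == -1) { free(heap); return -1; }
    if (pid == 0) for (;;) pause();     /* tracee idles until killed */
    int status, rc = -1;
    if (ptrace(PTRACE_ATTACH, pid, NULL, NULL) == 0 &&
        waitpid(pid, &status, 0) == pid && WIFSTOPPED(status) &&
        poke_buf(pid, heap, "xxxxxxxxxxxxx", 13) == 0) {
        errno = 0;
        for (size_t off = 0; off < 16; off += sizeof(long)) {
            long w = ptrace(PTRACE_PEEKDATA, pid, heap + off, NULL);
            memcpy(got + off, &w, sizeof w);
        }
        if (errno == 0 && memcmp(got, "xxxxxxxxxxxxxAAA", 16) == 0) rc = 0;
    }
    kill(pid, SIGKILL);                 /* the demo child is disposable */
    waitpid(pid, NULL, 0);
    free(heap);
    return rc;
}

int main(void) { return demo() == 0 ? 0 : 1; }
```

The parent's own copy of the buffer stays all 'A' because the child has a copy-on-write copy; only the read-back through PTRACE_PEEKDATA shows the tracee's memory.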