Version 0.0.1997.07.17 Added configuration file: functions.cfg

commit: 5b2f98182fc7fbf909f45a766b62a8eaa229eed3 [log] [tgz]
author: Juan Cespedes <cespedes@thehackers.org> Thu Jul 17 00:05:10 1997 +0200
committer: Juan Cespedes <cespedes@thehackers.org> Thu Jul 17 00:05:10 1997 +0200
tree: 732fbe3fdbc8e369a58fc223c6cc006692541acb
parent: 24c8253c7bdb2f069f0320f1a6109402720f6d44 [diff]
diff --git a/KK b/KK
new file mode 100644
index 0000000..4c73cd7
--- /dev/null
+++ b/KK

@@ -0,0 +1,22 @@
+pid 295 attached
+Enabling breakpoints...
+[0x0804890c] atexit(0x40006010) = ???
+[0x08048912] __libc_init_first(2,0xbffffc19,0xbffffc22,0,0xbffffc2e) = ???
+[0x08048934] atexit(0x080497d0) = ???
+[0x08048fab] setlocale(6,0x08049c6c,0x4000ac98,2,0x08048900) = ???
+[0x08048fba] bindtextdomain(0x08049c7f,0x08049c6d,6,0x08049c6c,0x4000ac98) = ???
+[0x08048fc4] textdomain(0x08049c7f,0x08049c7f,0x08049c6d,6,0x08049c6c) = ???
+[0x08048fe1] getopt_long(2,0xbffffb38,"benstuvAET",0x08049b6c,0) = ???
+[0x0804921a] __fxstat(3,1,0xbffffac8,0x4000ac98,2) = ???
+[0x0804931e] open("/etc/passwd",0,0x4000ac98) = ???
+[0x08049340] __fxstat(3,5,0xbffffac8,0x4000ac98,2) = ???
+[0x080496fd] malloc(4096) = ???
+[0x0804965b] read(5,0x0804af68,4096,0x0804af68,4096) = ???
+[0x080495f5] write(1,0x0804af68,1835,0x0804af68,4096) = ???
+[0x0804965b] read(5,0x0804af68,4096,0x0804af68,4096) = ???
+[0x080494c0] free(0x0804af68) = ???
+[0x080494e6] close(5) = ???
+[0x08049556] close(1) = ???
+[0x080495c5] exit(0) = ???
+pid 295 exited
+No more children

diff --git a/Makefile b/Makefile
index 1a9e078..3878d63 100644
--- a/Makefile
+++ b/Makefile

@@ -9,4 +9,4 @@
 	rm -f ltrace ltrace.o
 
 dist:	#clean
-	( cd .. ; tar zcvf ltrace2-`date +%y%m%d`.tgz ltrace2 )
+	( cd .. ; tar zcvf ltrace-`date +%y%m%d`.tgz ltrace )

diff --git a/README b/README
index 57a1f7e..e357ff1 100644
--- a/README
+++ b/README

@@ -2,7 +2,7 @@
 ---------------
 
 * 2nd approach: using soft breakpoints (INT 3, CC) in process using
-  ptrace, just like gdb/strace
+  ptrace, just like gdb & strace
 
 Tue Jun 24 22:42:59 CEST 1997  Juan Cespedes <cespedes@etsit.upm.es>
 

diff --git a/functions.c b/functions.c
index 7f974c3..6d3cb89 100644
--- a/functions.c
+++ b/functions.c

@@ -3,29 +3,9 @@
 #include <sys/ptrace.h>
 
 extern int pid;
+extern FILE * output;
 
-struct functions {
-	const char * function_name;
-	int return_type;
-	int no_params;
-	int params_type[10];
-};
-
-/*
- *	Lista de types:
- */
-
-#define	_T_UNKNOWN	-1
-#define	_T_VOID		0
-#define	_T_INT		1
-#define	_T_UINT		2
-#define	_T_OCTAL	3
-#define	_T_CHAR		4
-#define	_T_STRING	5
-#define	_T_ADDR		6
-#define	_T_FILE		7
-#define	_T_HEX		8
-#define	_T_FORMAT	9		/* printf-like format */
+#include "functions.h"
 
 struct functions functions_list[] = {
 	{"atexit",      _T_INT,     1, {_T_ADDR}},
@@ -39,6 +19,7 @@
 	{"malloc",      _T_ADDR,    1, {_T_UINT}},
 	{"memset",      _T_ADDR,    3, {_T_ADDR, _T_CHAR, _T_UINT}},
 	{"mkdir",       _T_INT,     2, {_T_STRING, _T_OCTAL}},
+	{"open",        _T_INT,     3, {_T_STRING, _T_INT, _T_INT}},
 	{"printf",      _T_INT,     1, {_T_FORMAT}},
 	{"rindex",      _T_STRING,  2, {_T_STRING, _T_CHAR}},
 	{"strcmp",      _T_INT,     2, {_T_STRING, _T_STRING}},
@@ -131,5 +112,6 @@
 	for(i=1; i<tmp->no_params; i++) {
 		sprintf(message, "%s,%s", message, print_param(tmp->params_type[i], esp+4*(i+1)));
 	}
-	fprintf(stderr, "%s) = ???\n", message);
+	fprintf(output, "%s) = ???\n", message);
+	fflush(output);
 }

diff --git a/functions.cfg b/functions.cfg
new file mode 100644
index 0000000..f49dd77
--- /dev/null
+++ b/functions.cfg

@@ -0,0 +1,36 @@
+; +	== May vary (ie, is a returned value)
+; int
+; addr	== (void *)		[int, expresado en hexa]
+; file	== (FILE *)
+; format	== ((char *), ...)	[printf() like]
+; octal	== int			[expresado en octal]
+
+int atexit(addr);
+int close(int);
+int exit(int);
+int fclose(file);
+int fprintf(file,format);
+int free(addr);
+int gethostname(+string,int);
+int getopt_long(int,addr,string,addr,addr);
+addr malloc(int);
+addr memset(addr,char,int);
+int mkdir(string,octal);
+int open(string,int,octal);			<- OJO
+int printf(format);
+string rindex(string,char);
+int strcmp(string,string);
+int strncmp(string,string,int);
+int time(addr);
+
+; #define	_T_UNKNOWN	-1
+; #define	_T_VOID		0
+; #define	_T_INT		1
+; #define	_T_UINT		2
+; #define	_T_OCTAL	3
+; #define	_T_CHAR		4
+; #define	_T_STRING	5
+; #define	_T_ADDR		6
+; #define	_T_FILE		7
+; #define	_T_HEX		8
+; #define	_T_FORMAT	9		/* printf-like format */

diff --git a/functions.h b/functions.h
index 991b181..811019f 100644
--- a/functions.h
+++ b/functions.h

@@ -1,15 +1,3 @@
-#include <stdio.h>
-#include <string.h>
-#include <sys/ptrace.h>
-
-extern int pid;
-
-struct functions {
-	const char * function_name;
-	int return_type;
-	int num_params;
-	int params_type[10];
-};
 
 /*
  *	Lista de types:
@@ -27,109 +15,12 @@
 #define	_T_HEX		8
 #define	_T_FORMAT	9		/* printf-like format */
 
-struct functions functions_list[] = {
-	{"atexit",      _T_INT,     1, {_T_ADDR}},
-	{"close",       _T_INT,     1, {_T_INT}},
-	{"exit",        _T_INT,     1, {_T_INT}},
-	{"fclose",      _T_INT,     1, {_T_FILE}},
-	{"fprintf",     _T_INT,     2, {_T_FILE, _T_FORMAT}},
-	{"free",        _T_INT,     1, {_T_ADDR}},
-	{"gethostname", _T_INT,     2, {_T_STRING, _T_INT}},
-	{"getopt_long", _T_INT,     5, {_T_INT, _T_ADDR, _T_STRING, _T_ADDR, _T_ADDR}},
-	{"malloc",      _T_ADDR,    1, {_T_UINT}},
-	{"memset",      _T_ADDR,    3, {_T_ADDR, _T_CHAR, _T_UINT}},
-	{"mkdir",       _T_INT,     2, {_T_STRING, _T_OCTAL}},
-	{"printf",      _T_INT,     1, {_T_FORMAT}},
-	{"rindex",      _T_STRING,  2, {_T_STRING, _T_CHAR}},
-	{"strcmp",      _T_INT,     2, {_T_STRING, _T_STRING}},
-	{"strncmp",     _T_INT,     3, {_T_STRING, _T_STRING, _T_INT}},
-	{"time",        _T_UINT,    1, {_T_ADDR}},
-	{NULL,          _T_UNKNOWN, 5, {_T_UNKNOWN, _T_UNKNOWN, _T_UNKNOWN, _T_UNKNOWN, _T_UNKNOWN}},
+struct function {
+	const char * function_name;
+	int return_type;
+	int num_params;
+	int params_type[10];
+	struct function * next;
 };
 
-static char * process_string(unsigned char * str)
-{
-	static char tmp[256];
-
-	tmp[0] = '\0';
-	while(*str) {
-		switch(*str) {
-			case '\r':	strcat(tmp,"\\r"); break;
-			case '\n':	strcat(tmp,"\\n"); break;
-			case '\t':	strcat(tmp,"\\t"); break;
-			case '\\':	strcat(tmp,"\\"); break;
-			default:
-				if ((*str<32) || (*str>126)) {
-					sprintf(tmp,"%s\\%03o", tmp, *str);
-				} else {
-					sprintf(tmp, "%s%c", tmp, *str);
-				}
-		}
-		str++;
-	}
-	return tmp;
-}
-
-static char * print_string(int addr)
-{
-	static char tmp[256];
-	int a;
-	int i=0;
-
-	tmp[0] = '\0';
-	while(1) {
-		a = ptrace(PTRACE_PEEKTEXT, pid, addr+i, 0);
-		*(int *)&tmp[i] = a;
-		if (!tmp[i] || !tmp[i+1] || !tmp[i+2] || !tmp[i+3] || i>100) {
-			break;
-		}
-		i += 4;
-	}
-	return process_string(tmp);
-}
-
-static char * print_param(int type, int esp)
-{
-	static char tmp[256];
-	int a;
-
-	a = ptrace(PTRACE_PEEKTEXT, pid, esp, 0);
-
-	switch(type) {
-		case _T_STRING:
-		case _T_FORMAT:
-			sprintf(tmp,"\"%s\"",print_string(a));
-			break;
-		default:
-			if (a<1000000 && a>-1000000) {
-				sprintf(tmp, "%d", a);
-			} else {
-				sprintf(tmp, "0x%08x", a);
-			}
-	}
-	return tmp;
-}
-
-void print_function(const char *name, int esp)
-{
-	struct functions * tmp;
-	char message[1024];
-	int i;
-
-	tmp = &functions_list[0];
-
-	while(tmp->function_name) {
-		if (!strcmp(name, tmp->function_name)) {
-			break;
-		}
-		tmp++;
-	}
-	sprintf(message, "%s(", name);
-	if (tmp->no_params>0) {
-		sprintf(message, "%s%s", message, print_param(tmp->params_type[0], esp+4));
-	}
-	for(i=1; i<tmp->no_params; i++) {
-		sprintf(message, "%s,%s", message, print_param(tmp->params_type[i], esp+4*(i+1)));
-	}
-	fprintf(stderr, "%s) = ???\n", message);
-}
+extern struct function * list_of_functions;

diff --git a/functions.o b/functions.o
index a339c66..265e04f 100644
--- a/functions.o
+++ b/functions.o
Binary files differ

diff --git a/ltrace b/ltrace
index 082066e..a460885 100755
--- a/ltrace
+++ b/ltrace
Binary files differ

diff --git a/ltrace.c b/ltrace.c
index 432b5eb..dda9683 100644
--- a/ltrace.c
+++ b/ltrace.c

@@ -13,7 +13,7 @@
 #include <string.h>
 #include <signal.h>
 
-void print_function(const char *, int);
+extern void print_function(const char *, int);
 
 int pid;
 
@@ -23,11 +23,15 @@
 	char * name;
 	unsigned long addr;
 	unsigned char value;
-	unsigned long return_addr;
-	unsigned char return_value;
 	struct library_symbol * next;
 };
 
+FILE * output = stderr;
+
+unsigned long return_addr;
+unsigned char return_value;
+struct library_symbol * current_symbol;
+
 struct library_symbol * library_symbols = NULL;
 
 static int read_elf(char *filename)
@@ -88,9 +92,9 @@
 		}
 	}
 	if (debug>0) {
-		fprintf(stderr, "symtab: 0x%08x\n", (unsigned)symtab);
-		fprintf(stderr, "symtab_len: %lu\n", symtab_len);
-		fprintf(stderr, "strtab: 0x%08x\n", (unsigned)strtab);
+		fprintf(output, "symtab: 0x%08x\n", (unsigned)symtab);
+		fprintf(output, "symtab_len: %lu\n", symtab_len);
+		fprintf(output, "strtab: 0x%08x\n", (unsigned)strtab);
 	}
 	if (!symtab) {
 		return 0;
@@ -108,7 +112,7 @@
 			library_symbols->name = strtab+(symtab+i)->st_name;
 			library_symbols->next = tmp;
 			if (debug>0) {
-				fprintf(stderr, "addr: 0x%08x, symbol: \"%s\"\n",
+				fprintf(output, "addr: 0x%08x, symbol: \"%s\"\n",
 					(unsigned)((symtab+i)->st_value),
 					(strtab+(symtab+i)->st_name));
 			}
@@ -117,27 +121,48 @@
 	return 1;
 }
 
+static void insert_breakpoint(int pid, unsigned long addr, unsigned char * value)
+{
+}
+
+static void delete_breakpoint(int pid, unsigned long addr, unsigned char * value)
+{
+}
+
+static void usage(void)
+{
+	fprintf(stderr," Usage: ltrace [-d][-o output] <program> [<arguments>...]\n");
+}
+
 int main(int argc, char **argv)
 {
 	int status;
 	struct library_symbol * tmp = NULL;
 
-	while ((argc>1) && (argv[1][0] == '-') && (argv[1][2] == '\0')) {
+	while ((argc>2) && (argv[1][0] == '-') && (argv[1][2] == '\0')) {
 		switch(argv[1][1]) {
 			case 'd':	debug++;
 					break;
+			case 'o':	output = fopen(argv[2], "w");
+					if (!output) {
+						fprintf(stderr, "Can't open %s for output: %s\n", argv[2], sys_errlist[errno]);
+						exit(1);
+					}
+					argc--; argv++;
+					break;
 			default:	fprintf(stderr, "Unknown option '%c'\n", argv[1][1]);
+					usage();
 					exit(1);
 		}
 		argc--; argv++;
 	}
 
 	if (argc<2) {
-		fprintf(stderr, "Usage: %s [<options>] <program> [<arguments>]\n", argv[0]);
+		usage();
 		exit(1);
 	}
 	if (!read_elf(argv[1])) {
-		fprintf(stderr, "%s: Not dynamically linked\n", argv[0]);
+		fprintf(stderr, "%s: Not dynamically linked\n", argv[1]);
 		exit(1);
 	}
 	pid = fork();
@@ -153,7 +178,7 @@
 		fprintf(stderr, "Can't execute \"%s\": %s\n", argv[1], sys_errlist[errno]);
 		exit(1);
 	}
-	fprintf(stderr, "pid %u attached\n", pid);
+	fprintf(output, "pid %u attached\n", pid);
 
 	/* Enable breakpoints: */
 	pid = wait4(-1, &status, 0, NULL);
@@ -161,7 +186,7 @@
 		perror("wait4");
 		exit(1);
 	}
-	fprintf(stderr, "Enabling breakpoints...\n");
+	fprintf(output, "Enabling breakpoints...\n");
 	tmp = library_symbols;
 	while(tmp) {
 		int a;
@@ -182,26 +207,26 @@
 		pid = wait4(-1, &status, 0, NULL);
 		if (pid==-1) {
 			if (errno == ECHILD) {
-				fprintf(stderr, "No more children\n");
+				fprintf(output, "No more children\n");
 				exit(0);
 			}
 			perror("wait4");
 			exit(1);
 		}
 		if (WIFEXITED(status)) {
-			fprintf(stderr, "pid %u exited\n", pid);
+			fprintf(output, "pid %u exited\n", pid);
 			continue;
 		}
 		if (WIFSIGNALED(status)) {
-			fprintf(stderr, "pid %u exited on signal %u\n", pid, WTERMSIG(status));
+			fprintf(output, "pid %u exited on signal %u\n", pid, WTERMSIG(status));
 			continue;
 		}
 		if (!WIFSTOPPED(status)) {
-			fprintf(stderr, "pid %u ???\n", pid);
+			fprintf(output, "pid %u ???\n", pid);
 			continue;
 		}
 		if (WSTOPSIG(status) != SIGTRAP) {
-			fprintf(stderr, "Signal: %u\n", WSTOPSIG(status));
+			fprintf(output, "Signal: %u\n", WSTOPSIG(status));
 			ptrace(PTRACE_CONT, pid, 1, WSTOPSIG(status));
 			continue;
 		}
@@ -209,10 +234,10 @@
 		eip = ptrace(PTRACE_PEEKUSR, pid, 4*EIP, 0);
 		esp = ptrace(PTRACE_PEEKUSR, pid, 4*UESP, 0);
 #if 0
-		fprintf(stderr,"EIP = 0x%08x\n", eip);
-		fprintf(stderr,"ESP = 0x%08x\n", esp);
+		fprintf(output,"EIP = 0x%08x\n", eip);
+		fprintf(output,"ESP = 0x%08x\n", esp);
 #endif
-		fprintf(stderr,"[0x%08x] ", ptrace(PTRACE_PEEKTEXT, pid, esp, 0));
+		fprintf(output,"[0x%08x] ", ptrace(PTRACE_PEEKTEXT, pid, esp, 0));
 		tmp = library_symbols;
 		function_seen = 0;
 		while(tmp) {
@@ -229,7 +254,7 @@
 				pid = wait4(-1, &status, 0, NULL);
 				if (pid==-1) {
 					if (errno == ECHILD) {
-						fprintf(stderr, "No more children\n");
+						fprintf(output, "No more children\n");
 						exit(0);
 					}
 					perror("wait4");
@@ -245,7 +270,7 @@
 			tmp = tmp->next;
 		}
 		if (!function_seen) {
-			fprintf(stderr, "pid %u stopped; continuing it...\n", pid);
+			fprintf(output, "pid %u stopped; continuing it...\n", pid);
 			ptrace(PTRACE_CONT, pid, 1, 0);
 		}
 	}

diff --git a/ltrace.o b/ltrace.o
index bab8618..6796c41 100644
--- a/ltrace.o
+++ b/ltrace.o
Binary files differ
commit	5b2f98182fc7fbf909f45a766b62a8eaa229eed3	[log] [tgz]
author	Juan Cespedes <cespedes@thehackers.org>	Thu Jul 17 00:05:10 1997 +0200
committer	Juan Cespedes <cespedes@thehackers.org>	Thu Jul 17 00:05:10 1997 +0200
tree	732fbe3fdbc8e369a58fc223c6cc006692541acb
parent	24c8253c7bdb2f069f0320f1a6109402720f6d44 [diff]