| commit | e5cab1cd01344597594c28cebbf43b68bbd04f2b | |
| author | strange <kawk256@gmail.com> | |
| Thu, 4 Feb 2010 05:41:13 +0000 (3 22:41 -0700) | ||
| committer | strange <kawk256@gmail.com> | |
| Thu, 4 Feb 2010 05:41:13 +0000 (3 22:41 -0700) | ||
| tree | adb509a6f01238821e04f7849084e8d2a6ea379f | treesnapshot (tar.gz zip) |
| parent | a454d7f9644068a0c4b23eb2237a4e4805fa6790 | commitdiff |
Implemented StorageManager support in the ELF:: namespace.
I'm wondering if I should add support for calloc(), while I'm thinking about
it . . . but no, I'll wait, for the time being.
I think it's time I re-re-introduced the overload library again, this time,
for speed reasons. Looking back to the beginning of October, Aesalon gathered
allocation information perfectly, and extremely fast, as well. If I write a
short overload for each function I'm trying to monitor, something like the
following . . .
malloc:
enter 16, 0
mov rdi, qword [rbp-16]
; . . . do dlsym() stuff here
mov rax, qword [rbp-8]
int3
leave
ret
. . . then I can increase portability, believe it or not -- currently, I'm
relying on the fact that rsp stores the return address for a malloc() call,
something that I'm sure is rather . . . hmm, discouraged. This way, the 32
bytes (rbp-24 to rbp+8) provide all of the information I need to gather: the
size, the address of the block, and the return address of the function. In
fact, I could even use my libc parser to get the address of the __malloc_hook
global, and change the value of it as so, during the initialization period,
rather than setting ptrace breakpoints like I currently am . . .
I could even use a pipe again to transfer the information . . .
Something to muse about, anyhow.
I'm wondering if I should add support for calloc(), while I'm thinking about
it . . . but no, I'll wait, for the time being.
I think it's time I re-re-introduced the overload library again, this time,
for speed reasons. Looking back to the beginning of October, Aesalon gathered
allocation information perfectly, and extremely fast, as well. If I write a
short overload for each function I'm trying to monitor, something like the
following . . .
malloc:
enter 16, 0
mov rdi, qword [rbp-16]
; . . . do dlsym() stuff here
mov rax, qword [rbp-8]
int3
leave
ret
. . . then I can increase portability, believe it or not -- currently, I'm
relying on the fact that rsp stores the return address for a malloc() call,
something that I'm sure is rather . . . hmm, discouraged. This way, the 32
bytes (rbp-24 to rbp+8) provide all of the information I need to gather: the
size, the address of the block, and the return address of the function. In
fact, I could even use my libc parser to get the address of the __malloc_hook
global, and change the value of it as so, during the initialization period,
rather than setting ptrace breakpoints like I currently am . . .
I could even use a pipe again to transfer the information . . .
Something to muse about, anyhow.